Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132392e302f32342d3234203d3e20323134363339.roa
File: 3138382e3230392e3132392e302f32342d3234203d3e20323134363339.roa (raw, json)
Hash identifier: MnuL2F9y/WA9vRb+A/HNAi/8EtIiGRl+YCoxtZaiMNE=
Subject key identifier: 58:33:F4:08:52:E1:F4:80:ED:40:44:89:BC:7E:4B:1E:11:6D:DC:F4
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 68A3AE4B550E7874DA6F8CE12C9DC4F2942F6AE8
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132392e302f32342d3234203d3e20323134363339.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 214639
IP address blocks: 188.209.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a3:ae:4b:55:0e:78:74:da:6f:8c:e1:2c:9d:c4:f2:94:2f:6a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=5833F40852E1F480ED404489BC7E4B1E116DDCF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:60:10:d9:9c:6b:03:60:47:f2:f0:bd:24:1a:
7c:81:de:6a:e9:c8:16:71:aa:dd:91:91:31:8c:7f:
7e:de:58:e1:71:95:7b:16:8b:e5:1b:e8:c8:c1:93:
73:7a:8d:d0:b0:f7:37:56:3e:e5:20:7c:a4:f5:d4:
30:ce:6c:6a:0e:e5:26:45:c1:d4:c1:0b:06:4c:4a:
83:ee:75:6d:cf:3f:f1:e2:b9:aa:b5:7c:89:68:75:
c5:92:f3:87:d7:23:95:cf:83:18:a1:36:ef:78:f6:
fe:65:53:95:43:b6:4b:6c:5e:ad:04:b4:a7:d0:5b:
c7:c2:e8:12:cc:d9:a4:44:2b:58:8f:da:4a:e0:4c:
4c:62:5c:94:86:53:24:ee:74:c4:7d:ef:03:d8:f5:
75:d8:c6:c4:00:23:61:69:20:c2:a2:f4:4a:dd:40:
c7:ed:e7:c0:43:7a:01:20:c0:a2:1f:c1:c7:39:45:
1a:16:25:09:93:6f:81:27:18:21:9b:0f:80:db:0e:
28:74:8c:82:38:38:7b:5a:bf:9e:bb:ec:3b:d5:c4:
73:0a:50:07:38:3c:fb:78:1c:fa:87:ce:3f:bc:65:
28:33:59:8d:2a:61:a8:59:8f:66:01:c7:2c:59:8f:
14:a0:e6:e7:94:27:80:e5:95:d4:db:7b:bc:4b:d5:
7e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:33:F4:08:52:E1:F4:80:ED:40:44:89:BC:7E:4B:1E:11:6D:DC:F4
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3132392e302f32342d3234203d3e20323134363339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:3c:69:30:a2:99:0d:a2:d6:a7:19:f1:34:d4:1c:6b:e3:f9:
37:f2:d5:61:08:73:57:92:18:fa:da:91:8d:85:98:2c:4a:50:
68:75:38:0d:e5:f3:ad:a1:7a:db:5d:ba:b5:4a:d3:15:b5:44:
fb:b4:ee:70:fa:90:2e:68:31:36:f0:c8:10:55:ed:0e:69:8b:
1c:9e:14:a2:de:34:46:e9:d0:ab:92:e6:5f:e9:76:35:48:fb:
87:58:12:a6:50:f0:32:aa:26:8f:87:cc:02:d6:d3:85:57:49:
21:4a:49:bb:1f:2d:f7:20:3d:52:a9:a6:df:78:67:63:47:9a:
bb:4b:8e:4a:8a:fa:56:e3:29:29:06:64:a6:ce:62:7b:f2:55:
5e:a8:d2:52:18:55:b7:25:8f:20:b5:64:4a:4e:b9:43:9a:db:
f7:3e:1c:58:17:7d:d9:aa:8e:f6:6b:27:85:75:32:83:4c:28:
86:9a:a4:4a:8a:96:2b:bd:ce:36:01:75:09:d0:f4:a9:cd:99:
45:c0:1a:6c:7e:65:d9:6e:ca:92:74:31:bb:d0:af:a3:ca:ce:
2b:b9:63:e5:d3:4c:94:6a:4f:c6:c9:03:0d:07:c0:d4:b8:ba:
2c:7d:91:c2:3f:a5:38:e6:ef:f1:b2:ea:b3:5f:69:57:63:a7:
67:8b:64:9b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaKOuS1UOeHTab4zhLJ3E8pQvaugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKDU4MzNGNDA4NTJFMUY0ODBFRDQwNDQ4OUJDN0U0QjFFMTE2RERDRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRYBDZnGsDYEfy8L0kGnyB3mrp
yBZxqt2RkTGMf37eWOFxlXsWi+Ub6MjBk3N6jdCw9zdWPuUgfKT11DDObGoO5SZF
wdTBCwZMSoPudW3PP/Hiuaq1fIlodcWS84fXI5XPgxihNu949v5lU5VDtktsXq0E
tKfQW8fC6BLM2aREK1iP2krgTExiXJSGUyTudMR97wPY9XXYxsQAI2FpIMKi9Erd
QMft58BDegEgwKIfwcc5RRoWJQmTb4EnGCGbD4DbDih0jII4OHtav5677DvVxHMK
UAc4PPt4HPqHzj+8ZSgzWY0qYahZj2YBxyxZjxSg5ueUJ4DlldTbe7xL1X6vAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWDP0CFLh9IDtQESJvH5LHhFt3PQwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzIzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM2MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALzRgTANBgkqhkiG9w0BAQsFAAOCAQEAjzxpMKKZDaLWpxnxNNQca+P5N/LV
YQhzV5IY+tqRjYWYLEpQaHU4DeXzraF62126tUrTFbVE+7TucPqQLmgxNvDIEFXt
DmmLHJ4Uot40RunQq5LmX+l2NUj7h1gSplDwMqomj4fMAtbThVdJIUpJux8t9yA9
Uqmm33hnY0eau0uOSor6VuMpKQZkps5ie/JVXqjSUhhVtyWPILVkSk65Q5rb9z4c
WBd92aqO9msnhXUyg0wohpqkSoqWK73ONgF1CdD0qc2ZRcAabH5l2W7KknQxu9Cv
o8rOK7lj5dNMlGpPxskDDQfA1Li6LH2Rwj+lOObv8bLqs19pV2OnZ4tkmw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:36 2026 by rpki-client