Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133302e302f32342d3234203d3e203136353039.roa
File: 3138382e3230392e3133302e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 7iOcs6N3S+CcV7fmjYidGtqvfh7xTITx+GiTfixZ04E=
Subject key identifier: DC:98:3B:FD:07:CF:BC:CE:54:E3:44:92:1F:39:37:89:3C:13:57:C4
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 392C47BFB59B91BA280260CF18774A1D22F18DCB
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133302e302f32342d3234203d3e203136353039.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 16509
IP address blocks: 188.209.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:2c:47:bf:b5:9b:91:ba:28:02:60:cf:18:77:4a:1d:22:f1:8d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=DC983BFD07CFBCCE54E344921F3937893C1357C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a5:91:1f:a2:a4:74:11:e1:52:c2:b3:86:85:
c4:f0:58:0c:e8:18:31:3b:2d:da:af:47:40:fc:d3:
33:0d:c5:f6:24:28:9a:90:ba:47:3d:9d:15:9e:ef:
5f:a1:52:28:66:e2:81:5a:4c:75:30:3a:ef:62:a6:
b0:cb:9b:fc:ab:a5:c3:58:51:cb:03:b2:32:27:c0:
11:41:10:ed:21:6d:95:0b:52:6d:19:1f:25:ca:a7:
d9:88:27:81:34:9a:37:1c:55:73:16:a1:03:2f:ca:
ca:59:7d:e7:d2:35:28:f5:37:88:48:fe:83:8b:44:
5b:ce:d1:1a:fe:fb:26:13:87:3e:b2:b0:63:2b:bb:
38:ba:6d:b4:c6:e7:da:31:f9:86:26:d5:30:95:70:
7c:a4:e5:ea:b2:99:42:0b:57:d9:5f:e7:44:34:83:
5d:69:fa:78:be:c2:7b:9e:02:c3:10:44:0b:0a:e0:
36:c9:6a:aa:14:14:01:23:65:dc:91:d9:a3:71:df:
a9:2d:af:c5:24:93:ac:1a:3a:a8:76:3d:4c:88:a1:
ce:a2:4c:3e:be:e9:b6:de:fb:f4:9f:94:34:6f:f5:
85:f8:48:d5:ea:98:fd:85:96:e2:3d:33:d0:bb:fc:
34:a8:c4:9c:4a:99:fd:e5:9d:fc:78:6e:44:87:94:
53:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:98:3B:FD:07:CF:BC:CE:54:E3:44:92:1F:39:37:89:3C:13:57:C4
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133302e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.130.0/24
Signature Algorithm: sha256WithRSAEncryption
47:0e:ac:a4:f5:f2:10:42:24:9e:d5:e2:1e:42:f1:80:14:c1:
cd:cf:98:bd:f0:2b:0b:53:8f:75:de:75:bc:76:d1:f1:b2:3b:
df:77:d3:96:0b:f8:a1:d1:8e:78:3f:47:ee:ff:36:31:95:a8:
b3:98:78:3c:5a:72:59:7f:4f:64:3e:47:5d:d8:67:b8:65:89:
f7:be:c1:a2:2a:85:da:5b:2b:fc:90:b2:e6:68:22:17:e9:bb:
4a:12:c4:6e:23:1b:34:05:24:51:78:fc:da:dd:cb:03:aa:2f:
f4:31:0e:13:02:98:73:6e:d8:a4:64:d3:7f:a8:b5:03:8a:3f:
f2:ae:a9:80:04:db:38:36:9d:7b:aa:df:ff:76:e6:e2:d1:38:
47:aa:92:d8:92:d5:6d:0a:c8:6d:f4:c4:79:3a:a0:24:0f:6f:
4e:fb:4b:4e:c4:6f:41:8e:0f:c8:03:a2:3f:cc:3f:02:d8:9a:
2b:28:a2:84:80:48:7b:2a:bf:3b:13:b8:b1:75:d4:e1:df:05:
f4:71:13:46:5e:87:df:23:df:da:05:2e:1a:ec:b7:90:d1:08:
11:cd:fd:76:9b:6c:c7:ce:b7:c2:1f:d8:dc:3c:e2:fc:b8:82:
e3:57:80:7d:ef:d3:25:69:c4:b2:3b:05:3d:2f:3a:00:ad:a2:
51:a1:b1:b6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOSxHv7WbkbooAmDPGHdKHSLxjcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKERDOTgzQkZEMDdDRkJDQ0U1NEUzNDQ5MjFGMzkzNzg5M0MxMzU3QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9pZEfoqR0EeFSwrOGhcTwWAzo
GDE7LdqvR0D80zMNxfYkKJqQukc9nRWe71+hUihm4oFaTHUwOu9iprDLm/yrpcNY
UcsDsjInwBFBEO0hbZULUm0ZHyXKp9mIJ4E0mjccVXMWoQMvyspZfefSNSj1N4hI
/oOLRFvO0Rr++yYThz6ysGMruzi6bbTG59ox+YYm1TCVcHyk5eqymUILV9lf50Q0
g11p+ni+wnueAsMQRAsK4DbJaqoUFAEjZdyR2aNx36ktr8Ukk6waOqh2PUyIoc6i
TD6+6bbe+/SflDRv9YX4SNXqmP2FluI9M9C7/DSoxJxKmf3lnfx4bkSHlFOdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3Jg7/QfPvM5U40SSHzk3iTwTV8QwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YIwDQYJKoZIhvcNAQELBQADggEBAEcOrKT18hBCJJ7V4h5C8YAUwc3PmL3w
KwtTj3Xedbx20fGyO99305YL+KHRjng/R+7/NjGVqLOYeDxacll/T2Q+R13YZ7hl
ife+waIqhdpbK/yQsuZoIhfpu0oSxG4jGzQFJFF4/NrdywOqL/QxDhMCmHNu2KRk
03+otQOKP/KuqYAE2zg2nXuq3/925uLROEeqktiS1W0KyG30xHk6oCQPb077S07E
b0GOD8gDoj/MPwLYmisoooSASHsqvzsTuLF11OHfBfRxE0Zeh98j39oFLhrst5DR
CBHN/XabbMfOt8If2Nw84vy4guNXgH3v0yVpxLI7BT0vOgCtolGhsbY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:50 2026 by rpki-client