Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133312e302f32342d3234203d3e20323035363334.roa
File: 3138382e3230392e3133312e302f32342d3234203d3e20323035363334.roa (raw, json)
Hash identifier: l8u9RwnMTukBMpDxmIjUQ7ixNrvTQbldmzD2gS4UyWQ=
Subject key identifier: 97:5B:D7:BD:D2:DB:62:E6:30:B1:CA:BE:F0:26:CD:95:E0:16:A1:03
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 0BECD7BD84B6ED6B8F7E3C66DA22EA1FD0520E1E
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133312e302f32342d3234203d3e20323035363334.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 205634
IP address blocks: 188.209.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ec:d7:bd:84:b6:ed:6b:8f:7e:3c:66:da:22:ea:1f:d0:52:0e:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=975BD7BDD2DB62E630B1CABEF026CD95E016A103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bd:58:cb:cf:3c:22:8b:71:bd:0d:84:96:55:
81:c8:3b:37:18:1b:e9:3d:a9:e2:c7:e1:57:f5:05:
cb:15:87:c2:09:fa:d5:32:38:2c:5b:b4:68:b5:d4:
ea:b5:cb:fe:2c:54:c2:c5:77:c4:45:dd:87:68:12:
3b:87:ee:1d:cd:50:2c:f2:92:83:eb:93:7e:13:ae:
30:12:26:5b:c4:47:43:a7:9e:b5:ec:c6:85:72:a5:
07:8e:3b:20:89:a2:76:47:0d:50:19:37:64:4b:a4:
f3:32:29:5a:95:ea:ef:c2:37:06:76:f4:5e:5d:94:
e2:91:9d:2d:5a:e4:b1:66:27:97:23:98:a9:85:d4:
f4:c6:11:8e:4b:e9:0f:33:db:d0:23:25:87:d2:05:
40:2f:10:a1:e8:27:13:b9:26:36:9f:20:a7:1e:a4:
0a:a1:2c:0f:9b:fd:77:36:ae:49:fc:98:aa:83:2e:
3c:2c:7e:76:98:71:82:9b:86:f2:42:0d:39:c0:49:
95:09:d3:63:8a:bc:d7:79:39:cc:3b:14:f5:ab:6f:
1c:98:2c:2d:3e:0b:81:47:ca:c3:50:67:54:45:31:
b9:0f:b3:8a:5d:7d:9f:a7:d8:e9:09:9b:f4:02:45:
da:4e:ec:ec:a8:7e:69:cf:4f:a7:ce:ed:72:56:80:
b5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:D7:BD:D2:DB:62:E6:30:B1:CA:BE:F0:26:CD:95:E0:16:A1:03
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133312e302f32342d3234203d3e20323035363334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
21:36:3d:d8:0a:6b:43:28:ba:a4:79:47:1e:f2:aa:4e:23:b5:
82:24:ff:1f:bd:f7:ec:74:f3:64:39:c5:6e:1d:48:ea:4f:46:
f6:69:b0:3c:94:55:94:d3:75:88:49:11:4b:40:8c:1f:53:ed:
f4:bc:36:21:9e:38:29:7f:3a:aa:bb:e0:88:d3:99:29:1f:11:
74:eb:85:b5:70:37:0c:22:96:4c:0d:14:90:c9:76:0e:b3:7f:
c0:20:4e:34:52:44:39:64:b8:75:0d:d3:88:6e:e9:f0:5a:b5:
85:e7:7d:c0:60:84:ed:56:29:c1:af:6c:01:8a:bb:5e:dc:bd:
70:06:c7:be:9c:f7:1f:bb:f3:c8:ea:a7:cf:30:b6:dd:cd:6e:
9b:0b:2f:13:db:6e:df:ef:7f:fe:a9:c8:af:89:f7:74:7f:95:
1f:67:6f:df:e7:6d:34:6f:71:7b:8c:4b:28:e4:45:da:d3:4c:
ef:64:5d:f4:02:8a:0f:82:d4:b4:f4:93:12:f8:b9:f3:9b:87:
0a:81:f5:46:70:d8:60:c8:99:a9:4f:b7:24:28:86:1e:44:80:
b2:d7:74:4e:61:33:86:f9:a5:a2:b8:4f:eb:66:a2:83:73:85:
2a:28:18:92:e7:3c:54:74:b2:8b:b6:2f:d4:1d:ab:74:24:3f:
bc:47:db:ec
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUC+zXvYS27WuPfjxm2iLqH9BSDh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKDk3NUJEN0JERDJEQjYyRTYzMEIxQ0FCRUYwMjZDRDk1RTAxNkExMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYvVjLzzwii3G9DYSWVYHIOzcY
G+k9qeLH4Vf1BcsVh8IJ+tUyOCxbtGi11Oq1y/4sVMLFd8RF3YdoEjuH7h3NUCzy
koPrk34TrjASJlvER0OnnrXsxoVypQeOOyCJonZHDVAZN2RLpPMyKVqV6u/CNwZ2
9F5dlOKRnS1a5LFmJ5cjmKmF1PTGEY5L6Q8z29AjJYfSBUAvEKHoJxO5JjafIKce
pAqhLA+b/Xc2rkn8mKqDLjwsfnaYcYKbhvJCDTnASZUJ02OKvNd5Ocw7FPWrbxyY
LC0+C4FHysNQZ1RFMbkPs4pdfZ+n2OkJm/QCRdpO7OyofmnPT6fO7XJWgLV3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUl1vXvdLbYuYwscq+8CbNleAWoQMwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM2MzMzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALzRgzANBgkqhkiG9w0BAQsFAAOCAQEAITY92AprQyi6pHlHHvKqTiO1giT/
H7337HTzZDnFbh1I6k9G9mmwPJRVlNN1iEkRS0CMH1Pt9Lw2IZ44KX86qrvgiNOZ
KR8RdOuFtXA3DCKWTA0UkMl2DrN/wCBONFJEOWS4dQ3TiG7p8Fq1hed9wGCE7VYp
wa9sAYq7Xty9cAbHvpz3H7vzyOqnzzC23c1umwsvE9tu3+9//qnIr4n3dH+VH2dv
3+dtNG9xe4xLKORF2tNM72Rd9AKKD4LUtPSTEvi585uHCoH1RnDYYMiZqU+3JCiG
HkSAstd0TmEzhvmlorhP62aig3OFKigYkuc8VHSyi7Yv1B2rdCQ/vEfb7A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:17:11 2026 by rpki-client