Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133322e302f32342d3234203d3e203239383032.roa
File: 3138382e3230392e3133322e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: IK+/dGS6RNZQyVMAoi/ihx5HiURdH9tpR8LjZodWFbA=
Subject key identifier: 04:E0:F6:7F:1D:2C:6E:E1:2D:50:4C:98:56:CC:3F:3E:0E:92:7E:DA
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 5657C40AF2AFDB6D8BE09DEA9A271A53C66CA289
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133322e302f32342d3234203d3e203239383032.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 29802
IP address blocks: 188.209.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:57:c4:0a:f2:af:db:6d:8b:e0:9d:ea:9a:27:1a:53:c6:6c:a2:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=04E0F67F1D2C6EE12D504C9856CC3F3E0E927EDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:53:75:08:99:c1:ce:8f:f8:32:80:b8:21:5f:
a5:82:de:22:1e:65:5d:70:be:b7:e7:39:b0:56:c6:
b8:11:19:ff:f3:54:39:84:ba:91:1b:1f:ec:2c:20:
b9:71:fe:14:57:a4:e3:1b:11:4a:7b:40:93:1d:1f:
45:68:f5:9e:d3:b7:a9:33:60:08:72:c0:85:04:d3:
76:d7:24:ae:27:21:c3:61:5d:3f:07:bb:aa:1c:ec:
2d:24:87:d8:7a:76:35:0c:34:29:53:bf:21:4d:0d:
8d:a9:b9:76:e2:d8:c9:b1:b2:62:ba:c3:54:05:dd:
a6:91:4a:ab:be:75:84:60:ef:0a:7e:9a:d4:3c:8e:
ef:54:b6:39:35:d0:8c:b0:3e:b0:9e:0c:26:fd:6f:
9b:ac:05:1f:c6:70:c4:72:da:f3:57:4d:b2:45:c5:
aa:4a:32:52:59:8a:c8:3d:4f:e5:d1:b3:91:c4:58:
a2:0e:c2:4d:c9:b2:ff:2b:ee:51:73:8e:a7:20:fa:
1e:e7:3c:c5:fe:4c:0f:d7:78:5d:3d:78:fa:bf:ad:
33:75:df:95:84:f4:62:40:ee:5f:a6:73:bd:1f:80:
08:33:2e:0c:9d:5e:c7:7f:e6:11:48:61:0a:d1:03:
f2:b3:55:81:38:0f:f2:d8:96:1d:a0:2e:cc:72:a7:
41:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E0:F6:7F:1D:2C:6E:E1:2D:50:4C:98:56:CC:3F:3E:0E:92:7E:DA
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133322e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.132.0/24
Signature Algorithm: sha256WithRSAEncryption
57:93:ba:6c:54:b1:a9:1b:f3:b8:42:cb:91:cf:be:c1:0a:e6:
92:ef:7e:7f:96:41:c8:f7:a0:28:14:6b:bf:5d:90:17:f3:31:
06:f1:24:4f:38:d0:52:aa:86:b8:a6:a6:ab:2f:c6:1b:7c:45:
52:ee:95:bc:dd:11:9f:26:e7:17:1d:1b:9b:a3:73:56:1d:00:
49:34:94:37:cf:09:87:f6:1b:b4:67:c4:3d:c9:90:a5:73:40:
7c:17:a0:e4:67:c2:54:0b:c6:50:82:eb:87:f7:e5:1a:fc:56:
50:b0:f6:9f:69:8d:1f:cc:64:42:b1:39:c8:b3:08:14:2e:2d:
15:88:d6:35:36:e0:21:7d:92:c8:67:0d:23:16:9d:ba:4f:68:
4c:67:1d:9f:be:5d:9a:bb:f9:aa:cd:20:0a:88:58:69:15:05:
f4:a7:f8:e4:2f:ab:bb:c6:5b:b8:fe:6d:eb:17:77:7c:a9:02:
78:47:ba:a5:3f:4e:b1:71:b4:0d:55:c5:3b:29:a5:a6:f3:9c:
48:2d:29:29:e7:01:fa:44:c4:5b:28:a8:9b:7d:38:81:2c:79:
4c:54:1e:7a:35:ac:5f:cf:41:b7:2d:58:38:82:86:12:15:2c:
28:07:ee:85:1b:ad:1b:e6:5a:50:5b:96:ea:52:9a:c5:41:ac:
ce:81:63:23
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVlfECvKv222L4J3qmicaU8ZsookwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKDA0RTBGNjdGMUQyQzZFRTEyRDUwNEM5ODU2Q0MzRjNFMEU5MjdFREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXU3UImcHOj/gygLghX6WC3iIe
ZV1wvrfnObBWxrgRGf/zVDmEupEbH+wsILlx/hRXpOMbEUp7QJMdH0Vo9Z7Tt6kz
YAhywIUE03bXJK4nIcNhXT8Hu6oc7C0kh9h6djUMNClTvyFNDY2puXbi2MmxsmK6
w1QF3aaRSqu+dYRg7wp+mtQ8ju9Utjk10IywPrCeDCb9b5usBR/GcMRy2vNXTbJF
xapKMlJZisg9T+XRs5HEWKIOwk3Jsv8r7lFzjqcg+h7nPMX+TA/XeF09ePq/rTN1
35WE9GJA7l+mc70fgAgzLgydXsd/5hFIYQrRA/KzVYE4D/LYlh2gLsxyp0GDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBOD2fx0sbuEtUEyYVsw/Pg6SftowHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YQwDQYJKoZIhvcNAQELBQADggEBAFeTumxUsakb87hCy5HPvsEK5pLvfn+W
Qcj3oCgUa79dkBfzMQbxJE840FKqhrimpqsvxht8RVLulbzdEZ8m5xcdG5ujc1Yd
AEk0lDfPCYf2G7RnxD3JkKVzQHwXoORnwlQLxlCC64f35Rr8VlCw9p9pjR/MZEKx
OcizCBQuLRWI1jU24CF9kshnDSMWnbpPaExnHZ++XZq7+arNIAqIWGkVBfSn+OQv
q7vGW7j+besXd3ypAnhHuqU/TrFxtA1VxTsppabznEgtKSnnAfpExFsoqJt9OIEs
eUxUHno1rF/PQbctWDiChhIVLCgH7oUbrRvmWlBblupSmsVBrM6BYyM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:57 2026 by rpki-client