Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203134363138.roa
File: 3138382e3230392e3133342e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: JDc6LBVDJwyCOhdz0iIkjz1/8vkKqxVjGqxbKovcXfI=
Subject key identifier: 2D:68:86:F4:56:BA:53:FC:F1:05:74:D3:3B:8C:1A:6B:85:FB:3E:47
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 33F3E09DFC962F87B3C18E9BCBB40E04C5DAF3C7
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203134363138.roa
Signing time: Thu 26 Mar 2026 09:00:54 +0000
ROA not before: Thu 26 Mar 2026 08:55:54 +0000
ROA not after: Thu 25 Mar 2027 09:00:54 +0000
asID: 14618
IP address blocks: 188.209.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f3:e0:9d:fc:96:2f:87:b3:c1:8e:9b:cb:b4:0e:04:c5:da:f3:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:54 2026 GMT
Not After : Mar 25 09:00:54 2027 GMT
Subject: CN=2D6886F456BA53FCF10574D33B8C1A6B85FB3E47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3e:5d:6a:7b:3c:06:4d:ad:36:06:ef:96:b9:
8b:08:18:63:8d:e4:3b:b9:a7:7a:c8:37:cf:bd:6f:
14:bf:54:38:f1:03:1c:38:a4:ac:61:6b:c1:39:07:
01:e2:02:ac:71:f9:57:4b:e3:77:ac:b6:56:43:ae:
6a:0d:5c:91:96:8b:f7:97:03:06:e6:c1:b0:c0:82:
63:de:50:fc:f3:d5:03:dd:40:ea:43:34:ee:5f:3c:
47:30:92:07:36:c0:65:10:34:cc:e2:75:86:e6:ca:
3e:2a:f3:b2:c0:ad:0c:e9:9c:52:d5:9f:63:56:6d:
6a:fe:de:f7:2a:b4:ff:88:c5:bf:87:f8:58:8f:35:
d3:b5:a7:8b:6d:64:d3:80:ed:0c:d8:c1:49:78:b7:
50:fe:dd:f0:ca:8a:55:b6:da:25:5a:eb:5e:5d:75:
61:a5:77:54:d3:77:4a:32:dd:44:4e:24:31:5a:65:
ec:00:2e:27:ff:c4:6e:fb:b9:b0:5a:ae:84:e3:bd:
ef:ce:8d:1b:16:3b:68:93:c2:7f:fe:ad:3c:cf:36:
b8:b2:ad:21:d3:fc:93:03:31:73:64:9f:9a:69:a0:
bc:fe:95:ed:fc:82:ca:a9:ab:c9:a4:b0:3c:97:77:
38:cc:e1:35:7f:d8:5c:0d:f6:86:5b:18:9b:9a:d1:
e8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:68:86:F4:56:BA:53:FC:F1:05:74:D3:3B:8C:1A:6B:85:FB:3E:47
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.134.0/24
Signature Algorithm: sha256WithRSAEncryption
88:d7:a7:94:e3:81:97:34:e4:2b:f0:be:cd:4e:fa:b0:78:05:
fa:58:87:b7:22:95:d7:d6:fb:53:46:2f:c0:3b:14:28:08:1f:
61:01:04:b0:a5:2c:32:dd:62:64:a8:fa:81:24:e3:ea:e6:65:
43:87:ab:5d:1a:c7:0b:6b:ae:03:19:3f:d9:15:9c:4b:97:0a:
27:bd:3b:6a:7c:69:7f:0b:09:74:90:01:cb:56:ab:57:88:24:
82:f6:75:12:32:ca:cf:d3:75:3e:fb:7c:ca:ec:45:c5:30:4c:
89:91:63:ff:fd:22:1d:7d:ea:0e:bc:9d:5f:eb:f0:e8:db:f7:
51:76:d2:51:9b:0a:e7:56:10:38:6e:95:5f:02:e1:24:5f:09:
e7:7d:16:4a:bc:8a:cc:30:6d:2d:d5:8f:bd:a0:f9:80:8c:1e:
e1:fa:0c:9b:b7:2d:9b:7d:07:3f:9c:ac:7d:b6:82:96:56:c1:
68:1b:27:69:92:bb:23:9b:1c:93:2a:37:25:80:cf:a1:ff:27:
26:be:65:cb:67:ad:8d:bb:50:b6:9c:60:66:ed:a9:8a:cb:3c:
9f:67:b5:c4:48:ec:94:53:ba:cc:6a:48:b8:08:d7:1d:af:c9:
f6:89:2d:10:73:10:8b:c4:95:ec:46:b6:28:fd:f2:35:7e:a2:
e9:8a:b4:77
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM/PgnfyWL4ezwY6by7QOBMXa88cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTRaFw0yNzAzMjUwOTAwNTRaMDMxMTAvBgNV
BAMTKDJENjg4NkY0NTZCQTUzRkNGMTA1NzREMzNCOEMxQTZCODVGQjNFNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Pl1qezwGTa02Bu+WuYsIGGON
5Du5p3rIN8+9bxS/VDjxAxw4pKxha8E5BwHiAqxx+VdL43estlZDrmoNXJGWi/eX
AwbmwbDAgmPeUPzz1QPdQOpDNO5fPEcwkgc2wGUQNMzidYbmyj4q87LArQzpnFLV
n2NWbWr+3vcqtP+Ixb+H+FiPNdO1p4ttZNOA7QzYwUl4t1D+3fDKilW22iVa615d
dWGld1TTd0oy3UROJDFaZewALif/xG77ubBaroTjve/OjRsWO2iTwn/+rTzPNriy
rSHT/JMDMXNkn5ppoLz+le38gsqpq8mksDyXdzjM4TV/2FwN9oZbGJua0ejHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULWiG9Fa6U/zxBXTTO4waa4X7PkcwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YYwDQYJKoZIhvcNAQELBQADggEBAIjXp5TjgZc05Cvwvs1O+rB4BfpYh7ci
ldfW+1NGL8A7FCgIH2EBBLClLDLdYmSo+oEk4+rmZUOHq10axwtrrgMZP9kVnEuX
Cie9O2p8aX8LCXSQActWq1eIJIL2dRIyys/TdT77fMrsRcUwTImRY//9Ih196g68
nV/r8Ojb91F20lGbCudWEDhulV8C4SRfCed9Fkq8iswwbS3Vj72g+YCMHuH6DJu3
LZt9Bz+crH22gpZWwWgbJ2mSuyObHJMqNyWAz6H/Jya+ZctnrY27ULacYGbtqYrL
PJ9ntcRI7JRTusxqSLgI1x2vyfaJLRBzEIvElexGtij98jV+oumKtHc=
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:11:04 2026 by rpki-client