Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203136353039.roa
File: 3138382e3230392e3133342e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: jZItrHf7055SyqKU97fgOt1OO8FXpaYc7KiW/X563tU=
Subject key identifier: C9:09:C2:A4:98:B6:13:24:6B:17:D6:05:D7:75:B9:85:4D:75:52:FC
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 2FA8027C70D06AAAB637BA747890F06B68B221B6
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203136353039.roa
Signing time: Thu 26 Mar 2026 09:00:54 +0000
ROA not before: Thu 26 Mar 2026 08:55:54 +0000
ROA not after: Thu 25 Mar 2027 09:00:54 +0000
asID: 16509
IP address blocks: 188.209.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:a8:02:7c:70:d0:6a:aa:b6:37:ba:74:78:90:f0:6b:68:b2:21:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:54 2026 GMT
Not After : Mar 25 09:00:54 2027 GMT
Subject: CN=C909C2A498B613246B17D605D775B9854D7552FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b9:a8:68:e8:3d:5f:43:5e:6b:dd:d5:3e:9f:
23:31:af:df:09:36:2c:20:14:be:0c:fd:5a:95:9f:
61:50:19:17:40:56:4a:8f:7f:a5:e6:85:b4:6e:1a:
a2:35:23:0a:34:73:2e:68:de:b7:ae:b5:54:66:73:
b8:2c:9b:01:4f:bf:da:d9:b6:7e:89:b4:60:3b:a2:
c3:7a:49:f2:b3:ec:2f:f8:90:e0:11:3c:f1:55:61:
5c:0b:0b:6c:4b:88:49:8a:30:c5:2e:f5:c6:d8:90:
50:da:fb:37:21:2f:31:34:51:68:39:6b:bf:c5:e2:
db:c9:94:ae:fd:87:72:19:91:7e:4b:e8:5a:c0:30:
4b:d6:2c:0c:61:d7:a9:ea:95:51:35:07:d6:df:67:
29:80:88:c4:e2:a0:37:55:ab:f0:e0:37:8f:52:90:
4a:1f:59:6c:e2:5f:03:96:e7:4b:24:44:14:0a:f3:
49:50:23:9e:ad:6f:b5:35:ff:d2:02:5a:40:91:52:
59:06:ee:72:f5:12:6b:6b:7a:8a:9a:cb:e1:f3:9f:
0e:8a:f7:32:9e:a9:d1:6b:6a:99:2f:4b:17:71:d1:
cf:8b:41:46:be:58:27:d4:99:a0:3c:7c:a0:ed:f5:
6c:50:d2:46:34:0e:24:5e:59:f6:80:e1:06:31:de:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:09:C2:A4:98:B6:13:24:6B:17:D6:05:D7:75:B9:85:4D:75:52:FC
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133342e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.134.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f1:7c:e2:7b:c8:08:fa:22:ed:f5:55:9a:3f:e1:04:fc:e7:
0b:4e:1a:53:30:33:26:09:91:64:23:c7:9a:bb:41:c1:e1:1f:
91:34:c0:9c:95:f7:64:a5:02:17:89:8f:04:a5:b2:0b:61:04:
12:0a:ac:cd:d6:20:b6:22:d9:f2:70:e8:b0:7b:f7:6a:4a:f1:
b4:55:67:ae:8e:18:71:22:e7:0a:51:26:83:48:2a:22:dc:d2:
84:9a:0d:5c:a8:6c:8b:9c:ae:96:14:d3:a2:f0:46:f6:57:06:
5d:7d:1d:da:10:f8:88:9c:e7:86:19:c9:59:d6:3b:bf:30:e6:
4a:9a:b7:46:ba:8d:93:47:e5:8b:c1:d8:a8:8d:40:cf:48:98:
08:c1:a4:11:e9:91:ba:ce:c8:bc:70:2e:69:c3:c9:c5:9a:c6:
8a:8b:ca:f8:da:8c:13:d3:61:eb:12:cd:39:fd:0c:03:7e:34:
63:83:b2:b0:46:08:c5:4d:2a:49:cc:04:24:57:e2:18:72:39:
06:76:b0:ef:db:30:5a:ad:1f:71:b1:d7:dc:0e:cf:0b:75:bc:
4b:09:7d:83:34:c1:8d:56:83:5b:8c:74:be:d8:08:56:34:12:
64:58:bc:ad:a7:b9:9a:56:03:b2:d5:d2:2b:a5:0f:67:20:ab:
ee:e8:21:94
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL6gCfHDQaqq2N7p0eJDwa2iyIbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTRaFw0yNzAzMjUwOTAwNTRaMDMxMTAvBgNV
BAMTKEM5MDlDMkE0OThCNjEzMjQ2QjE3RDYwNUQ3NzVCOTg1NEQ3NTUyRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2uaho6D1fQ15r3dU+nyMxr98J
NiwgFL4M/VqVn2FQGRdAVkqPf6XmhbRuGqI1Iwo0cy5o3reutVRmc7gsmwFPv9rZ
tn6JtGA7osN6SfKz7C/4kOARPPFVYVwLC2xLiEmKMMUu9cbYkFDa+zchLzE0UWg5
a7/F4tvJlK79h3IZkX5L6FrAMEvWLAxh16nqlVE1B9bfZymAiMTioDdVq/DgN49S
kEofWWziXwOW50skRBQK80lQI56tb7U1/9ICWkCRUlkG7nL1Emtreoqay+Hznw6K
9zKeqdFrapkvSxdx0c+LQUa+WCfUmaA8fKDt9WxQ0kY0DiReWfaA4QYx3m4TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyQnCpJi2EyRrF9YF13W5hU11UvwwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YYwDQYJKoZIhvcNAQELBQADggEBAIzxfOJ7yAj6Iu31VZo/4QT85wtOGlMw
MyYJkWQjx5q7QcHhH5E0wJyV92SlAheJjwSlsgthBBIKrM3WILYi2fJw6LB792pK
8bRVZ66OGHEi5wpRJoNIKiLc0oSaDVyobIucrpYU06LwRvZXBl19HdoQ+Iic54YZ
yVnWO78w5kqat0a6jZNH5YvB2KiNQM9ImAjBpBHpkbrOyLxwLmnDycWaxoqLyvja
jBPTYesSzTn9DAN+NGODsrBGCMVNKknMBCRX4hhyOQZ2sO/bMFqtH3Gx19wOzwt1
vEsJfYM0wY1Wg1uMdL7YCFY0EmRYvK2nuZpWA7LV0iulD2cgq+7oIZQ=
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:11:31 2026 by rpki-client