Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133362e302f32342d3234203d3e20323035323230.roa
File: 3138382e3230392e3133362e302f32342d3234203d3e20323035323230.roa (raw, json)
Hash identifier: K5j2VCJaLJROS2jyZo3elrdCIZjXim0MOB6LLk+1ZrA=
Subject key identifier: 5F:E1:79:4B:9F:78:93:D6:CB:76:4D:B3:1B:E9:14:0A:2C:AC:F6:1A
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 1562384A571AEB933D0305B11C2D2E0ACCC15DCA
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133362e302f32342d3234203d3e20323035323230.roa
Signing time: Thu 26 Mar 2026 09:00:56 +0000
ROA not before: Thu 26 Mar 2026 08:55:56 +0000
ROA not after: Thu 25 Mar 2027 09:00:56 +0000
asID: 205220
IP address blocks: 188.209.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:62:38:4a:57:1a:eb:93:3d:03:05:b1:1c:2d:2e:0a:cc:c1:5d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:56 2026 GMT
Not After : Mar 25 09:00:56 2027 GMT
Subject: CN=5FE1794B9F7893D6CB764DB31BE9140A2CACF61A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3a:ba:8e:0e:40:c7:d2:26:75:c9:0f:b7:72:
78:f5:d2:f0:ea:f5:fd:ac:a2:1e:e1:7d:a0:f5:39:
da:26:31:40:cc:39:ce:24:75:c1:c4:44:9f:54:1a:
34:d5:25:24:21:dc:18:7d:92:58:ca:9b:60:5b:75:
25:e9:94:05:a3:95:8a:5b:49:19:2e:63:fc:63:c4:
89:ff:7e:23:5f:8f:5d:08:09:ca:e8:16:83:2e:65:
c5:28:41:b1:aa:50:a4:7c:61:44:da:65:9b:3f:88:
c6:fd:4e:28:4c:bd:6b:25:0a:3d:da:c6:94:49:99:
75:f5:e8:01:f7:00:a3:f4:92:5f:83:86:71:13:16:
0f:a1:c9:4b:62:81:b8:33:08:7b:cf:60:b9:44:a9:
16:36:30:1d:96:16:35:16:97:4b:85:f4:16:83:dd:
88:a9:f2:c5:63:a4:d3:ab:41:af:b6:77:34:56:8a:
ed:8e:3f:04:9f:f6:7e:f9:2e:80:ff:78:70:4f:c3:
bb:06:fd:9a:31:34:5c:ea:ad:34:c1:0a:c2:df:50:
84:6d:6c:2f:c4:f8:1c:77:ba:3f:4a:b4:9a:37:d3:
00:08:93:9e:45:19:33:4a:a8:81:75:ff:3c:d2:fa:
13:73:34:79:47:20:29:91:a7:f4:b3:b5:5d:b5:c0:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E1:79:4B:9F:78:93:D6:CB:76:4D:B3:1B:E9:14:0A:2C:AC:F6:1A
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133362e302f32342d3234203d3e20323035323230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.136.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:29:5d:b6:dc:af:0e:6e:8f:cf:f7:c0:5d:42:9f:3d:67:a5:
9c:25:05:fa:d0:67:5a:98:ae:1b:ac:b9:73:a2:51:70:fd:0e:
e1:9d:9c:03:7b:1e:04:3d:d8:ba:ca:10:9f:a4:59:0d:41:c3:
b6:ac:06:44:7e:f3:7e:6c:f2:bc:0f:87:d0:0c:8b:6f:5e:fe:
bf:32:3e:e4:7d:c7:f9:0e:e7:0f:5a:ce:41:43:4f:f8:7d:e2:
f0:7b:95:84:1b:51:4a:2b:45:6d:58:2f:1a:65:01:74:5b:b3:
d5:64:ea:a5:42:4f:cf:bb:ac:88:8a:db:d1:4e:76:6c:53:f7:
de:d1:5f:08:83:e3:d4:35:93:9d:55:d9:41:73:7e:d5:f8:89:
56:5b:3c:da:ed:25:3d:b3:6c:ba:ab:23:40:12:89:58:2e:e0:
90:3a:66:9b:eb:9b:88:6b:92:3c:48:7f:f6:96:b2:2f:82:e0:
1a:b8:e2:ea:a3:42:9f:03:21:87:60:39:ea:7f:3b:fc:b9:e0:
31:e1:ad:be:6e:a8:27:7e:02:71:b5:52:36:78:ad:3f:6e:d2:
83:05:65:24:8c:e9:3e:75:a6:73:75:09:fe:f5:b1:59:91:c3:
35:9b:e1:d3:7c:fd:b1:66:e9:e0:c0:36:4e:56:1c:5b:23:d4:
ce:0c:c3:08
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFWI4Slca65M9AwWxHC0uCszBXcowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTZaFw0yNzAzMjUwOTAwNTZaMDMxMTAvBgNV
BAMTKDVGRTE3OTRCOUY3ODkzRDZDQjc2NERCMzFCRTkxNDBBMkNBQ0Y2MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHOrqODkDH0iZ1yQ+3cnj10vDq
9f2soh7hfaD1OdomMUDMOc4kdcHERJ9UGjTVJSQh3Bh9kljKm2BbdSXplAWjlYpb
SRkuY/xjxIn/fiNfj10ICcroFoMuZcUoQbGqUKR8YUTaZZs/iMb9TihMvWslCj3a
xpRJmXX16AH3AKP0kl+DhnETFg+hyUtigbgzCHvPYLlEqRY2MB2WFjUWl0uF9BaD
3Yip8sVjpNOrQa+2dzRWiu2OPwSf9n75LoD/eHBPw7sG/ZoxNFzqrTTBCsLfUIRt
bC/E+Bx3uj9KtJo30wAIk55FGTNKqIF1/zzS+hNzNHlHICmRp/SztV21wMM9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUX+F5S594k9bLdk2zG+kUCiys9howHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTMyMzIzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALzRiDANBgkqhkiG9w0BAQsFAAOCAQEAHSldttyvDm6Pz/fAXUKfPWelnCUF
+tBnWpiuG6y5c6JRcP0O4Z2cA3seBD3YusoQn6RZDUHDtqwGRH7zfmzyvA+H0AyL
b17+vzI+5H3H+Q7nD1rOQUNP+H3i8HuVhBtRSitFbVgvGmUBdFuz1WTqpUJPz7us
iIrb0U52bFP33tFfCIPj1DWTnVXZQXN+1fiJVls82u0lPbNsuqsjQBKJWC7gkDpm
m+ubiGuSPEh/9payL4LgGrji6qNCnwMhh2A56n87/LngMeGtvm6oJ34CcbVSNnit
P27SgwVlJIzpPnWmc3UJ/vWxWZHDNZvh03z9sWbp4MA2TlYcWyPUzgzDCA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:01:37 2026 by rpki-client