Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133372e302f32342d3234203d3e2034353933.roa
File: 3138382e3230392e3133372e302f32342d3234203d3e2034353933.roa (raw, json)
Hash identifier: k1kucyBYq+rAPWz+BqM8AXn9mwo3cArL8MGPhqmN6ic=
Subject key identifier: 00:BB:34:35:81:1B:78:D9:92:1E:7F:67:BC:66:2F:54:F1:BE:A2:20
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 6A5046043A44954B184500ECFF3452BCACF775FB
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133372e302f32342d3234203d3e2034353933.roa
Signing time: Fri 08 May 2026 06:30:22 +0000
ROA not before: Fri 08 May 2026 06:25:22 +0000
ROA not after: Fri 07 May 2027 06:30:22 +0000
asID: 4593
IP address blocks: 188.209.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:50:46:04:3a:44:95:4b:18:45:00:ec:ff:34:52:bc:ac:f7:75:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: May 8 06:25:22 2026 GMT
Not After : May 7 06:30:22 2027 GMT
Subject: CN=00BB3435811B78D9921E7F67BC662F54F1BEA220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:55:91:f7:2b:22:24:03:08:a2:34:75:07:c5:
c3:95:2d:b9:a8:93:fa:40:83:5c:00:1f:d5:c0:1a:
2a:6b:64:13:25:b6:84:58:0e:00:9d:43:3f:cf:29:
73:45:e0:c5:1b:6f:53:58:42:46:5f:79:78:58:a7:
bd:a1:cb:e0:af:ec:2b:50:cb:7d:fd:f6:55:3b:b0:
93:0f:6f:ca:e6:34:d9:af:ae:17:be:db:48:7e:e4:
92:13:3a:78:a0:ca:e7:01:18:f8:d7:06:98:39:6b:
4d:c3:dc:9c:fe:7a:46:54:b4:ea:44:42:5d:3a:dd:
f7:3c:85:ae:9f:3f:07:d3:fe:8c:9b:f4:36:db:5c:
7e:b2:de:1a:58:2a:bf:ac:11:1f:7e:59:ac:fe:8c:
23:41:ac:99:b0:30:57:0f:a2:c8:8a:5f:2e:6c:f6:
fc:fc:b4:b8:51:39:47:d5:10:bd:de:cb:d8:df:26:
e1:a5:40:5b:0c:21:4d:a0:73:ed:a9:e1:69:14:cc:
32:01:23:e6:a4:fb:13:55:12:da:9d:27:0c:ed:b7:
ee:92:05:2a:0c:38:ee:48:8d:91:ef:4f:76:4d:6c:
57:80:84:45:df:21:a6:43:2d:0d:d6:dd:4e:60:a6:
ce:9e:09:4d:f0:04:70:91:f0:3c:94:46:9b:dc:11:
db:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BB:34:35:81:1B:78:D9:92:1E:7F:67:BC:66:2F:54:F1:BE:A2:20
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133372e302f32342d3234203d3e2034353933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.137.0/24
Signature Algorithm: sha256WithRSAEncryption
95:fd:93:27:3c:f6:69:41:aa:ba:d5:f0:79:cf:af:86:f7:1d:
73:c4:5a:95:b3:8c:9e:39:19:e7:2c:73:b5:8b:2f:74:26:fe:
c4:68:3a:be:31:8b:f5:02:b5:22:90:9a:8a:29:ac:39:7f:a1:
7e:24:38:67:49:91:9a:03:c5:e5:0c:06:be:53:13:b3:e5:6e:
f0:be:1b:4f:ce:f0:56:72:a3:85:95:16:05:c8:44:6e:02:1d:
42:30:12:4e:86:4d:93:26:bb:6d:19:8a:2a:08:2c:21:d2:b5:
aa:c2:be:00:2c:9e:d9:73:c9:9f:4d:ca:3d:c4:b4:fd:f6:10:
15:b2:1f:67:da:24:d5:dd:2f:00:e9:b3:03:7e:66:76:ce:62:
d0:82:4e:78:39:2b:e5:04:07:89:08:7f:3b:a5:e3:64:07:79:
9b:b7:c9:ca:8a:1d:85:38:a0:4e:bc:3b:79:99:66:f3:ae:7f:
5d:58:2d:88:0b:8c:df:23:2e:a3:ab:a7:04:9e:9c:f4:ee:01:
e7:ec:04:f2:76:68:f6:73:91:24:e1:ba:ec:d1:40:2d:d5:d4:
e7:67:7d:d8:09:0f:03:73:68:bd:30:a3:f7:f1:51:f8:d2:05:
ac:68:45:e2:52:c6:e1:2b:53:4b:7a:d9:6c:02:33:5e:9c:6c:
e6:36:ca:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUalBGBDpElUsYRQDs/zRSvKz3dfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjA1MDgwNjI1MjJaFw0yNzA1MDcwNjMwMjJaMDMxMTAvBgNV
BAMTKDAwQkIzNDM1ODExQjc4RDk5MjFFN0Y2N0JDNjYyRjU0RjFCRUEyMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8VZH3KyIkAwiiNHUHxcOVLbmo
k/pAg1wAH9XAGiprZBMltoRYDgCdQz/PKXNF4MUbb1NYQkZfeXhYp72hy+Cv7CtQ
y3399lU7sJMPb8rmNNmvrhe+20h+5JITOnigyucBGPjXBpg5a03D3Jz+ekZUtOpE
Ql063fc8ha6fPwfT/oyb9DbbXH6y3hpYKr+sER9+Waz+jCNBrJmwMFcPosiKXy5s
9vz8tLhROUfVEL3ey9jfJuGlQFsMIU2gc+2p4WkUzDIBI+ak+xNVEtqdJwztt+6S
BSoMOO5IjZHvT3ZNbFeAhEXfIaZDLQ3W3U5gps6eCU3wBHCR8DyURpvcEdtlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUALs0NYEbeNmSHn9nvGYvVPG+oiAwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzUzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
vNGJMA0GCSqGSIb3DQEBCwUAA4IBAQCV/ZMnPPZpQaq61fB5z6+G9x1zxFqVs4ye
ORnnLHO1iy90Jv7EaDq+MYv1ArUikJqKKaw5f6F+JDhnSZGaA8XlDAa+UxOz5W7w
vhtPzvBWcqOFlRYFyERuAh1CMBJOhk2TJrttGYoqCCwh0rWqwr4ALJ7Zc8mfTco9
xLT99hAVsh9n2iTV3S8A6bMDfmZ2zmLQgk54OSvlBAeJCH87peNkB3mbt8nKih2F
OKBOvDt5mWbzrn9dWC2IC4zfIy6jq6cEnpz07gHn7ATydmj2c5Ek4brs0UAt1dTn
Z33YCQ8Dc2i9MKP38VH40gWsaEXiUsbhK1NLetlsAjNenGzmNspv
-----END CERTIFICATE-----
Generated at Wed May 13 00:27:41 2026 by rpki-client