Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134302e302f32342d3234203d3e203136323736.roa
File: 3138382e3230392e3134302e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: uscLDE4MYKcSzxC+amLd7pEBwSi8suW8G9AGUUcQeyg=
Subject key identifier: 3E:C7:3E:E1:E5:9D:DC:BD:D7:20:8D:1C:FA:FD:95:93:93:BC:1F:83
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 7960298312656C8FC4F67681129F91621111EB50
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134302e302f32342d3234203d3e203136323736.roa
Signing time: Thu 26 Mar 2026 09:00:55 +0000
ROA not before: Thu 26 Mar 2026 08:55:55 +0000
ROA not after: Thu 25 Mar 2027 09:00:55 +0000
asID: 16276
IP address blocks: 188.209.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:60:29:83:12:65:6c:8f:c4:f6:76:81:12:9f:91:62:11:11:eb:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:55 2026 GMT
Not After : Mar 25 09:00:55 2027 GMT
Subject: CN=3EC73EE1E59DDCBDD7208D1CFAFD959393BC1F83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:44:cb:18:40:13:08:e1:0d:62:70:6d:d8:b6:
a9:d5:ac:e5:f7:7f:f1:60:79:86:8b:7c:1c:e4:08:
d3:96:91:b9:44:d6:52:e0:c2:92:32:40:5a:2e:41:
1f:41:d3:8c:d7:d4:94:98:10:dd:2d:a2:f0:f4:3c:
51:14:fe:8b:8a:8f:cf:2d:93:aa:55:43:c3:87:2d:
a8:24:9e:ee:de:18:f0:01:70:cc:26:fc:2a:42:bc:
a5:63:f3:74:55:74:21:e0:06:0e:c5:2c:79:9d:18:
77:ae:70:d6:ae:ab:f5:00:b1:3e:1a:8d:01:9e:95:
4f:07:e9:0c:14:13:b0:0b:8e:a9:41:39:a7:0e:89:
dc:ed:12:cf:69:2c:14:3d:f7:65:f4:d8:6b:36:2c:
65:cf:c7:bc:65:11:f5:a4:6c:b1:70:4d:dd:80:a9:
d5:f5:b3:b6:c2:7d:9b:f9:60:ed:01:fe:f3:f7:fd:
03:1b:ac:12:55:49:cd:49:11:d5:74:d3:02:4f:70:
5f:4c:3e:f6:8a:06:97:ad:aa:f8:c4:26:51:f9:a0:
86:de:21:87:d8:2d:52:45:89:36:4a:78:2d:c7:c1:
00:29:47:41:4d:32:b6:4b:df:9f:95:e2:7a:c8:e2:
70:6a:22:02:33:c7:38:d9:59:6a:4d:bf:29:29:4d:
2c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C7:3E:E1:E5:9D:DC:BD:D7:20:8D:1C:FA:FD:95:93:93:BC:1F:83
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134302e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.140.0/24
Signature Algorithm: sha256WithRSAEncryption
35:b9:48:a9:64:f7:26:d8:60:d8:13:73:71:e9:69:01:fc:85:
b4:0e:68:ef:f8:79:8f:53:03:fa:fb:b4:d1:d8:19:a5:39:f5:
eb:0d:9f:b6:c8:b5:fc:44:95:4e:a5:aa:60:0a:a0:98:1e:d4:
96:ab:0c:66:08:d0:78:7a:8d:60:41:c5:08:a6:74:5f:f1:17:
85:47:9c:17:c7:34:63:7c:c3:15:cb:10:55:81:c2:f8:08:3c:
4a:c9:48:8e:6d:1e:c9:94:7a:b9:7d:4f:74:23:c0:15:56:dc:
ce:44:ba:0e:1b:f1:aa:62:eb:ed:46:b8:25:40:bc:ad:4e:14:
13:91:f3:fc:05:55:31:a9:ee:80:8d:c5:6b:68:d3:42:72:6d:
44:d8:d7:0c:bb:6b:0f:44:db:43:66:06:3c:6a:c1:bd:74:b7:
40:3f:bc:7a:1c:d4:dc:7b:94:71:91:00:95:68:eb:e3:6a:c5:
a7:74:b3:c0:23:9d:28:b0:e5:e9:4c:65:c8:32:26:53:b1:4f:
59:d2:7b:67:d4:c0:ae:02:65:8f:85:6a:21:3c:36:c1:28:c1:
28:db:d8:73:4e:e8:7f:54:90:f7:83:cc:18:af:93:75:00:8e:
1d:66:67:47:8c:0b:52:64:b5:13:0d:ad:c2:23:59:cb:f3:a1:
b0:3c:76:dd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeWApgxJlbI/E9naBEp+RYhER61AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTVaFw0yNzAzMjUwOTAwNTVaMDMxMTAvBgNV
BAMTKDNFQzczRUUxRTU5RERDQkRENzIwOEQxQ0ZBRkQ5NTkzOTNCQzFGODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2RMsYQBMI4Q1icG3YtqnVrOX3
f/FgeYaLfBzkCNOWkblE1lLgwpIyQFouQR9B04zX1JSYEN0tovD0PFEU/ouKj88t
k6pVQ8OHLagknu7eGPABcMwm/CpCvKVj83RVdCHgBg7FLHmdGHeucNauq/UAsT4a
jQGelU8H6QwUE7ALjqlBOacOidztEs9pLBQ992X02Gs2LGXPx7xlEfWkbLFwTd2A
qdX1s7bCfZv5YO0B/vP3/QMbrBJVSc1JEdV00wJPcF9MPvaKBpetqvjEJlH5oIbe
IYfYLVJFiTZKeC3HwQApR0FNMrZL35+V4nrI4nBqIgIzxzjZWWpNvykpTSyHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPsc+4eWd3L3XII0c+v2Vk5O8H4MwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzMjM3MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YwwDQYJKoZIhvcNAQELBQADggEBADW5SKlk9ybYYNgTc3HpaQH8hbQOaO/4
eY9TA/r7tNHYGaU59esNn7bItfxElU6lqmAKoJge1JarDGYI0Hh6jWBBxQimdF/x
F4VHnBfHNGN8wxXLEFWBwvgIPErJSI5tHsmUerl9T3QjwBVW3M5Eug4b8api6+1G
uCVAvK1OFBOR8/wFVTGp7oCNxWto00JybUTY1wy7aw9E20NmBjxqwb10t0A/vHoc
1Nx7lHGRAJVo6+Nqxad0s8AjnSiw5elMZcgyJlOxT1nSe2fUwK4CZY+FaiE8NsEo
wSjb2HNO6H9UkPeDzBivk3UAjh1mZ0eMC1JktRMNrcIjWcvzobA8dt0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:48 2026 by rpki-client