Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134312e302f32342d3234203d3e203633343733.roa
File: 3138382e3230392e3134312e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: 5PJGvp+FCiAbtjl3F/x5XPmpPCIx1scBgabDNyAULsE=
Subject key identifier: 15:B6:5D:59:3A:47:7A:29:4A:B9:F5:7C:82:68:C2:2C:D0:7F:2F:4B
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 2A8117D837D1566DD200B7934B83EF8B65601A43
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134312e302f32342d3234203d3e203633343733.roa
Signing time: Thu 26 Mar 2026 09:00:54 +0000
ROA not before: Thu 26 Mar 2026 08:55:54 +0000
ROA not after: Thu 25 Mar 2027 09:00:54 +0000
asID: 63473
IP address blocks: 188.209.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 12:59:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:81:17:d8:37:d1:56:6d:d2:00:b7:93:4b:83:ef:8b:65:60:1a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 26 08:55:54 2026 GMT
Not After : Mar 25 09:00:54 2027 GMT
Subject: CN=15B65D593A477A294AB9F57C8268C22CD07F2F4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:77:5a:f1:45:79:43:30:94:3a:08:51:43:e9:
1c:1c:4f:da:48:cb:50:ce:35:7b:63:03:55:58:2b:
29:ab:29:bb:d0:8f:24:c1:c3:84:1a:01:1f:d6:e6:
35:a5:68:fc:f7:46:54:c0:a6:be:d1:ca:a0:d5:47:
1f:27:40:74:22:bb:8c:69:34:80:59:64:92:cd:da:
bd:05:e1:09:26:6b:58:ac:05:73:c5:17:95:d4:36:
ce:54:12:c7:66:d7:4e:5a:95:72:cc:6e:6e:33:f5:
95:f4:f5:8f:59:f9:3f:fd:04:3c:45:33:c4:9b:95:
7f:12:38:48:24:af:e0:51:89:67:98:f9:a8:8a:be:
aa:2e:03:6a:7a:65:ee:5d:de:ab:85:e4:34:b0:8c:
42:40:9a:15:37:94:5c:3e:4e:18:ea:fd:5a:6f:bc:
da:8b:36:8f:83:c9:cc:0d:cb:f7:03:6d:54:48:b9:
5d:77:cf:e0:fa:df:3f:3c:22:63:be:b1:a5:e3:2f:
e4:f5:04:b0:3c:60:84:f9:fb:fa:b1:9f:dc:38:1d:
0a:9e:c2:e1:01:a8:2a:82:a3:53:c5:9f:2c:c3:8d:
b2:cc:d6:cc:2f:53:37:a5:ac:61:b9:11:d6:ae:a9:
1c:c3:a6:61:5c:4a:9d:1b:dd:f7:a6:a6:95:c2:7e:
ce:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B6:5D:59:3A:47:7A:29:4A:B9:F5:7C:82:68:C2:2C:D0:7F:2F:4B
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3134312e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.141.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7f:a6:e0:e9:0d:7a:af:a5:c9:96:a6:ef:23:ff:6b:32:4c:
42:62:bf:dd:25:e2:9a:9f:42:4a:cd:6b:8c:df:7a:87:cd:a7:
74:a0:93:cb:46:c5:f5:88:72:58:14:f0:41:67:2e:95:39:7b:
54:70:f7:f2:3a:3f:7e:01:b4:b5:45:d8:37:30:73:e4:16:7f:
11:d7:54:94:c3:55:b9:77:75:41:e7:b0:83:b7:73:fe:f7:ce:
05:f8:68:cc:16:7c:21:95:0e:e7:83:2e:ec:42:2c:cb:6d:a4:
f0:06:39:80:88:41:cb:8d:38:68:79:e7:db:72:87:0b:d9:bf:
88:a0:c3:e9:eb:76:dc:fa:ac:e1:fe:f3:38:d9:a6:0b:b6:43:
a0:4f:37:ef:08:e2:f0:a7:db:5d:dd:eb:c5:40:f9:bf:3a:d2:
d1:bd:57:6f:e7:27:2c:65:d8:95:78:29:b1:41:66:1d:7b:01:
7a:17:f3:b7:ef:e6:73:a1:45:36:ca:89:01:03:f9:14:f6:99:
af:44:a1:43:88:76:92:17:9d:68:2b:c6:39:69:e9:99:1a:04:
70:41:e3:fb:b7:31:2f:d7:46:1a:48:53:11:ca:46:4d:75:7f:
f8:f4:a1:2f:24:4f:e9:f5:fe:60:e3:e9:3f:78:5f:90:40:90:
f5:73:a3:2c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKoEX2DfRVm3SALeTS4Pvi2VgGkMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMjYwODU1NTRaFw0yNzAzMjUwOTAwNTRaMDMxMTAvBgNV
BAMTKDE1QjY1RDU5M0E0NzdBMjk0QUI5RjU3QzgyNjhDMjJDRDA3RjJGNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdd1rxRXlDMJQ6CFFD6RwcT9pI
y1DONXtjA1VYKymrKbvQjyTBw4QaAR/W5jWlaPz3RlTApr7RyqDVRx8nQHQiu4xp
NIBZZJLN2r0F4Qkma1isBXPFF5XUNs5UEsdm105alXLMbm4z9ZX09Y9Z+T/9BDxF
M8SblX8SOEgkr+BRiWeY+aiKvqouA2p6Ze5d3quF5DSwjEJAmhU3lFw+Thjq/Vpv
vNqLNo+DycwNy/cDbVRIuV13z+D63z88ImO+saXjL+T1BLA8YIT5+/qxn9w4HQqe
wuEBqCqCo1PFnyzDjbLM1swvUzelrGG5EdauqRzDpmFcSp0b3femppXCfs4/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFbZdWTpHeilKufV8gmjCLNB/L0swHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80Y0wDQYJKoZIhvcNAQELBQADggEBADl/puDpDXqvpcmWpu8j/2syTEJiv90l
4pqfQkrNa4zfeofNp3Sgk8tGxfWIclgU8EFnLpU5e1Rw9/I6P34BtLVF2Dcwc+QW
fxHXVJTDVbl3dUHnsIO3c/73zgX4aMwWfCGVDueDLuxCLMttpPAGOYCIQcuNOGh5
59tyhwvZv4igw+nrdtz6rOH+8zjZpgu2Q6BPN+8I4vCn213d68VA+b860tG9V2/n
Jyxl2JV4KbFBZh17AXoX87fv5nOhRTbKiQED+RT2ma9EoUOIdpIXnWgrxjlp6Zka
BHBB4/u3MS/XRhpIUxHKRk11f/j0oS8kT+n1/mDj6T94X5BAkPVzoyw=
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:10:24 2026 by rpki-client