Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235352e302f32342d3234203d3e20313530323933.roa
File: 38322e3139382e3235352e302f32342d3234203d3e20313530323933.roa (raw, json)
Hash identifier: PZT2bsP63jmlkBR7AbjcPO53jtTVWbRtnVsGrrkHMwY=
Subject key identifier: C8:5E:88:A0:92:D4:5B:31:18:F4:B2:9C:38:1E:68:B4:09:54:EE:EA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 757A80E78D7622B81A20D3C7F7EA8B295470D800
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235352e302f32342d3234203d3e20313530323933.roa
Signing time: Tue 24 Mar 2026 13:07:10 +0000
ROA not before: Tue 24 Mar 2026 13:02:10 +0000
ROA not after: Tue 23 Mar 2027 13:07:10 +0000
asID: 150293
IP address blocks: 82.198.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:7a:80:e7:8d:76:22:b8:1a:20:d3:c7:f7:ea:8b:29:54:70:d8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 24 13:02:10 2026 GMT
Not After : Mar 23 13:07:10 2027 GMT
Subject: CN=C85E88A092D45B3118F4B29C381E68B40954EEEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ef:81:b6:23:7c:03:9f:0e:23:5d:b8:b6:40:
8e:52:6c:22:fd:cf:a6:8d:cb:11:b5:de:60:81:a1:
d0:50:54:79:00:de:b1:c6:ef:90:99:fe:ee:52:dc:
fa:94:78:35:eb:57:f1:75:7b:d9:aa:c5:3a:aa:19:
73:be:51:78:3c:33:3a:75:68:ad:61:cd:05:b7:1b:
71:79:02:18:de:66:f7:9d:67:9b:65:03:b1:bd:da:
9c:9b:94:40:b6:82:df:3c:c9:56:83:cd:f5:c5:4b:
70:cc:98:b9:2c:10:1e:4d:2b:1c:23:31:2e:91:d2:
34:c2:80:bf:a9:8a:9e:c6:8e:30:99:5f:7f:0d:64:
bf:55:3b:2d:64:b6:85:1c:ec:eb:cf:1a:17:3f:b5:
47:92:79:db:03:d0:bf:0b:4c:1d:9f:83:b4:dd:cb:
d9:9d:2e:44:85:6c:d0:26:9c:76:cb:7b:7f:5d:14:
41:a0:01:0d:67:0b:ce:7d:88:c2:d3:22:2e:f8:06:
37:8a:21:51:ff:90:17:41:88:37:cd:a4:bb:63:e8:
d4:a8:9c:6a:63:9e:1e:be:40:00:0e:00:d2:09:32:
97:33:81:ee:18:73:00:8a:bd:dc:20:43:46:a2:9e:
8f:9f:c2:32:9c:22:f0:e3:50:58:bd:0c:f8:12:00:
ff:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:5E:88:A0:92:D4:5B:31:18:F4:B2:9C:38:1E:68:B4:09:54:EE:EA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235352e302f32342d3234203d3e20313530323933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.255.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:cf:16:ad:2e:72:0d:4f:0a:0e:19:d3:c5:5b:2f:21:58:7a:
a5:af:00:f0:bf:89:08:83:96:83:ce:ef:b8:af:d6:15:6a:3b:
89:43:72:12:24:71:18:af:3f:f8:2d:9e:b4:1b:2a:27:72:2d:
68:27:80:ba:74:b7:20:f1:dd:ea:32:ec:52:9e:40:8d:61:e0:
01:ae:e8:5e:62:4e:b0:b2:c7:45:ce:54:a5:16:84:e3:9d:7b:
9d:e8:46:fd:21:47:ee:b6:ae:02:c8:86:e7:6f:d8:4d:2f:f6:
31:16:1d:d1:7f:77:61:fc:65:c3:8f:60:9d:2e:62:fc:b5:e8:
b1:fc:f2:49:79:39:c5:8e:78:4f:72:99:2f:7b:f4:87:4f:df:
ce:8b:83:9b:e6:1d:d0:a9:37:9b:aa:c5:b7:cb:68:27:f3:2d:
2e:84:f0:1c:0b:38:f4:8a:65:58:b1:d8:48:77:10:97:7e:cf:
99:a9:98:7e:74:29:9f:67:7f:fc:2f:fd:94:1b:16:52:cc:cf:
76:96:83:87:73:4b:5a:10:f1:14:c8:d5:69:2e:25:fa:3e:c6:
8d:f2:ae:0e:6a:00:60:8d:37:1a:b0:98:61:52:f2:c2:d9:2a:
ca:07:9c:2f:91:4e:cf:32:62:93:81:cf:1b:1e:3d:21:72:49:
bd:7a:68:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdXqA5412IrgaINPH9+qLKVRw2AAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjQxMzAyMTBaFw0yNzAzMjMxMzA3MTBaMDMxMTAvBgNV
BAMTKEM4NUU4OEEwOTJENDVCMzExOEY0QjI5QzM4MUU2OEI0MDk1NEVFRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC674G2I3wDnw4jXbi2QI5SbCL9
z6aNyxG13mCBodBQVHkA3rHG75CZ/u5S3PqUeDXrV/F1e9mqxTqqGXO+UXg8Mzp1
aK1hzQW3G3F5AhjeZvedZ5tlA7G92pyblEC2gt88yVaDzfXFS3DMmLksEB5NKxwj
MS6R0jTCgL+pip7GjjCZX38NZL9VOy1ktoUc7OvPGhc/tUeSedsD0L8LTB2fg7Td
y9mdLkSFbNAmnHbLe39dFEGgAQ1nC859iMLTIi74BjeKIVH/kBdBiDfNpLtj6NSo
nGpjnh6+QAAOANIJMpczge4YcwCKvdwgQ0aino+fwjKcIvDjUFi9DPgSAP+TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyF6IoJLUWzEY9LKcOB5otAlU7uowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzMjM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSxv8wDQYJKoZIhvcNAQELBQADggEBAJvPFq0ucg1PCg4Z08VbLyFYeqWvAPC/
iQiDloPO77iv1hVqO4lDchIkcRivP/gtnrQbKidyLWgngLp0tyDx3eoy7FKeQI1h
4AGu6F5iTrCyx0XOVKUWhOOde53oRv0hR+62rgLIhudv2E0v9jEWHdF/d2H8ZcOP
YJ0uYvy16LH88kl5OcWOeE9ymS979IdP386Lg5vmHdCpN5uqxbfLaCfzLS6E8BwL
OPSKZVix2Eh3EJd+z5mpmH50KZ9nf/wv/ZQbFlLMz3aWg4dzS1oQ8RTI1WkuJfo+
xo3yrg5qAGCNNxqwmGFS8sLZKsoHnC+RTs8yYpOBzxsePSFySb16aAk=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:46:45 2026 by rpki-client