Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235302e302f32342d3234203d3e20323134343831.roa
File: 37382e33312e3235302e302f32342d3234203d3e20323134343831.roa (raw, json)
Hash identifier: Xh+4Fmw3HZHxAC8pNc6/ElYeUT+jwzZzd/9pGLQWbig=
Subject key identifier: 51:1A:E2:46:F0:EC:27:5A:C6:16:F8:65:67:0F:3F:5D:31:FE:B6:E6
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 21AD7A9D6F97E9630614441BE97839B6878CB54E
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235302e302f32342d3234203d3e20323134343831.roa
Signing time: Mon 20 Apr 2026 11:23:48 +0000
ROA not before: Mon 20 Apr 2026 11:18:48 +0000
ROA not after: Mon 19 Apr 2027 11:23:48 +0000
asID: 214481
IP address blocks: 78.31.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ad:7a:9d:6f:97:e9:63:06:14:44:1b:e9:78:39:b6:87:8c:b5:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Apr 20 11:18:48 2026 GMT
Not After : Apr 19 11:23:48 2027 GMT
Subject: CN=511AE246F0EC275AC616F865670F3F5D31FEB6E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6a:6a:5b:9b:bb:82:55:7f:65:12:de:84:ec:
4a:b9:b2:97:4a:eb:0a:fe:5f:13:c2:bc:f5:ba:02:
20:4c:09:2e:c1:54:71:93:89:93:ad:a4:ef:58:cf:
a3:8a:d0:bb:9f:16:ef:11:40:f9:d1:bc:8c:59:7e:
69:9b:bf:1c:2e:65:7f:2d:0b:e3:17:db:28:5b:3d:
ca:e1:d3:4f:6b:73:55:3f:66:06:98:98:37:9b:00:
e1:a1:98:35:26:d5:0c:e0:c1:a9:bf:9e:72:73:35:
b5:e9:b4:e4:5e:b2:6a:82:f0:67:1c:47:39:13:4c:
ff:24:ad:78:6f:43:53:71:79:7d:54:07:da:11:a3:
fe:7c:f0:43:86:4d:4d:55:cd:d2:0b:98:c8:36:35:
ee:d9:63:a5:b9:64:23:4a:46:2b:99:42:82:0e:96:
db:0c:97:83:3f:2b:5c:52:ed:4c:62:2b:81:41:38:
85:2e:ee:65:36:74:6b:56:79:10:62:21:d3:87:0d:
89:c3:c7:02:df:65:27:9a:af:61:97:ed:5d:0e:b4:
12:ce:50:29:a7:e5:3c:2d:73:26:bc:28:39:1c:70:
7a:58:a2:a5:ed:89:b5:8e:9a:06:e2:e9:ed:80:cd:
db:53:f2:2b:6f:f5:76:5c:60:ce:a3:a6:9f:25:40:
e7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:1A:E2:46:F0:EC:27:5A:C6:16:F8:65:67:0F:3F:5D:31:FE:B6:E6
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235302e302f32342d3234203d3e20323134343831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.250.0/24
Signature Algorithm: sha256WithRSAEncryption
09:23:de:3d:6a:a2:80:30:39:46:c9:65:4b:47:66:f6:3d:f0:
d5:e7:f8:dd:22:43:ec:e9:c6:9e:ed:66:be:31:8e:4d:f4:a0:
17:d3:87:44:fa:84:65:0a:fc:50:64:57:90:1b:f1:47:92:36:
b4:01:39:b5:e6:65:53:1d:55:85:7e:8e:9c:19:97:64:f3:e7:
3d:71:09:e4:b1:c0:a7:00:c5:ff:59:96:36:30:25:69:ff:2f:
8a:0a:2d:fd:c5:66:b6:5a:90:90:cd:83:75:e8:5b:ce:d0:c2:
42:77:1a:be:2d:ed:ab:cc:69:dc:f0:ef:91:ab:fa:a8:8f:30:
77:b7:97:98:37:e7:a1:cc:4c:de:be:0c:e5:a7:0c:a8:44:88:
c8:5e:fd:6b:68:0a:de:69:fa:0f:6e:ab:03:ef:dd:be:ea:68:
10:6a:ae:48:bd:f8:af:91:49:41:e4:6c:ec:13:4a:dd:a9:53:
2d:e8:3d:d6:5d:50:3f:14:d2:fe:ce:36:b9:2a:8e:a3:38:17:
54:ee:98:62:04:5d:38:c3:10:4f:ba:10:d9:f2:e1:9a:d8:78:
b9:f3:17:7a:23:3e:c1:74:c2:93:14:0b:1b:64:43:ca:3f:e2:
f5:aa:a8:6a:bd:05:0b:68:48:64:08:2b:2d:ba:2b:1e:7b:53:
64:c0:4f:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIa16nW+X6WMGFEQb6Xg5toeMtU4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA0MjAxMTE4NDhaFw0yNzA0MTkxMTIzNDhaMDMxMTAvBgNV
BAMTKDUxMUFFMjQ2RjBFQzI3NUFDNjE2Rjg2NTY3MEYzRjVEMzFGRUI2RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjampbm7uCVX9lEt6E7Eq5spdK
6wr+XxPCvPW6AiBMCS7BVHGTiZOtpO9Yz6OK0LufFu8RQPnRvIxZfmmbvxwuZX8t
C+MX2yhbPcrh009rc1U/ZgaYmDebAOGhmDUm1Qzgwam/nnJzNbXptOResmqC8Gcc
RzkTTP8krXhvQ1NxeX1UB9oRo/588EOGTU1VzdILmMg2Ne7ZY6W5ZCNKRiuZQoIO
ltsMl4M/K1xS7UxiK4FBOIUu7mU2dGtWeRBiIdOHDYnDxwLfZSear2GX7V0OtBLO
UCmn5Twtcya8KDkccHpYoqXtibWOmgbi6e2AzdtT8itv9XZcYM6jpp8lQOeBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUURriRvDsJ1rGFvhlZw8/XTH+tuYwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzQzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Th/6MA0GCSqGSIb3DQEBCwUAA4IBAQAJI949aqKAMDlGyWVLR2b2PfDV5/jdIkPs
6cae7Wa+MY5N9KAX04dE+oRlCvxQZFeQG/FHkja0ATm15mVTHVWFfo6cGZdk8+c9
cQnkscCnAMX/WZY2MCVp/y+KCi39xWa2WpCQzYN16FvO0MJCdxq+Le2rzGnc8O+R
q/qojzB3t5eYN+ehzEzevgzlpwyoRIjIXv1raAreafoPbqsD792+6mgQaq5Ivfiv
kUlB5GzsE0rdqVMt6D3WXVA/FNL+zja5Ko6jOBdU7phiBF04wxBPuhDZ8uGa2Hi5
8xd6Iz7BdMKTFAsbZEPKP+L1qqhqvQULaEhkCCstuisee1NkwE/O
-----END CERTIFICATE-----
Generated at Wed May 13 06:51:41 2026 by rpki-client