Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3133312e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: tf013dx+p23kvdhs/rrgl7jF0HCw4nuCcwBzDL5I7qE=
Subject key identifier: A5:97:BE:5B:91:FE:C2:EB:EE:22:46:80:6D:C9:65:E5:19:00:A8:D9
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 5CAC5DF18B93D600D72B0F06D09A0B4E858B16D7
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
Signing time: Fri 10 Apr 2026 10:10:59 +0000
ROA not before: Fri 10 Apr 2026 10:05:59 +0000
ROA not after: Fri 09 Apr 2027 10:10:59 +0000
asID: 15419
IP address blocks: 82.140.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:ac:5d:f1:8b:93:d6:00:d7:2b:0f:06:d0:9a:0b:4e:85:8b:16:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:05:59 2026 GMT
Not After : Apr 9 10:10:59 2027 GMT
Subject: CN=A597BE5B91FEC2EBEE2246806DC965E51900A8D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:56:0e:fe:9f:fb:21:15:d1:a7:78:7d:2c:ae:
3d:72:cf:5c:2a:2a:98:56:53:59:5d:d9:30:d2:da:
b3:8d:16:2c:a6:e7:cf:bd:85:17:8d:14:97:55:ec:
d1:04:b6:dd:58:eb:23:5a:d4:2b:28:98:2e:da:97:
22:76:a5:e1:ae:95:d0:8a:9a:28:48:a2:3a:17:77:
5a:3b:0d:ae:69:31:66:13:35:fd:3b:10:6b:f1:be:
98:27:32:6f:f6:15:7f:cd:ec:01:0d:64:60:18:fe:
f5:74:0c:a0:ca:1c:91:f7:01:4f:93:2f:fc:2c:7b:
b1:e5:1b:3f:1e:35:22:60:ce:99:17:30:10:26:60:
1a:0e:c4:f9:92:a0:79:a9:0f:cd:27:2f:41:49:3b:
9a:9e:fa:8e:3a:e2:01:29:45:16:9e:6c:a5:2e:44:
b8:f2:5d:fb:18:8d:09:e7:91:14:bd:5a:33:b4:5a:
bb:6e:4c:e3:0d:c3:c8:6c:0d:3f:1d:82:1a:d7:a0:
a7:e2:59:f1:84:92:d1:64:6e:b2:8b:d0:55:ac:15:
7a:3e:ce:80:35:b3:4f:a2:64:20:3c:bc:f4:56:60:
df:e7:ca:b2:50:38:73:b1:f2:77:63:22:07:37:58:
ce:74:d9:58:e0:dc:e3:00:86:54:19:7a:9b:19:19:
ad:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:97:BE:5B:91:FE:C2:EB:EE:22:46:80:6D:C9:65:E5:19:00:A8:D9
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3133312e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.131.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:de:4a:9a:7c:82:1b:eb:9d:da:b9:9e:4a:b5:02:da:ed:e6:
66:fe:7f:1e:bc:40:1d:d0:d7:74:9e:62:7e:ea:d0:e6:46:ec:
b4:28:9c:9b:d0:bf:42:cb:79:a4:db:86:af:dd:80:a5:73:67:
77:9d:f1:81:b0:44:74:35:67:bf:40:db:85:05:c6:ad:f4:56:
3c:4d:ff:b4:45:11:8f:d8:24:2a:f5:20:ec:26:61:3b:0a:40:
88:9e:87:4e:08:e2:bb:f0:83:61:ed:a7:e9:84:10:48:05:cd:
7e:d9:bf:be:d1:5e:ea:d2:1d:3f:07:6d:46:a7:06:ae:2d:f7:
9f:89:f7:68:89:38:ff:b1:db:96:56:cb:1b:36:c2:22:95:0f:
39:64:90:f8:da:3f:c5:56:ca:09:40:36:14:40:0f:3d:7f:a1:
6b:67:1b:84:f8:5b:7d:e9:a1:8c:0b:3a:a8:13:fe:8f:b3:3f:
3a:f8:83:e4:ed:94:68:c0:21:d8:05:b2:3f:31:89:53:87:d3:
45:89:ce:29:e3:30:01:01:4a:c9:27:8c:60:92:dd:ea:e6:a7:
3e:7c:29:04:78:7b:77:17:f4:37:15:95:72:01:ca:d2:e8:d1:
5a:aa:1b:14:ab:8f:44:23:1b:09:4b:01:9a:7d:d1:72:0d:4a:
99:fe:09:29
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXKxd8YuT1gDXKw8G0JoLToWLFtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA1NTlaFw0yNzA0MDkxMDEwNTlaMDMxMTAvBgNV
BAMTKEE1OTdCRTVCOTFGRUMyRUJFRTIyNDY4MDZEQzk2NUU1MTkwMEE4RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXVg7+n/shFdGneH0srj1yz1wq
KphWU1ld2TDS2rONFiym58+9hReNFJdV7NEEtt1Y6yNa1CsomC7alyJ2peGuldCK
mihIojoXd1o7Da5pMWYTNf07EGvxvpgnMm/2FX/N7AENZGAY/vV0DKDKHJH3AU+T
L/wse7HlGz8eNSJgzpkXMBAmYBoOxPmSoHmpD80nL0FJO5qe+o464gEpRRaebKUu
RLjyXfsYjQnnkRS9WjO0WrtuTOMNw8hsDT8dghrXoKfiWfGEktFkbrKL0FWsFXo+
zoA1s0+iZCA8vPRWYN/nyrJQOHOx8ndjIgc3WM502Vjg3OMAhlQZepsZGa15AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpZe+W5H+wuvuIkaAbcll5RkAqNkwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyDMA0GCSqGSIb3DQEBCwUAA4IBAQAd3kqafIIb653auZ5KtQLa7eZm/n8evEAd
0Nd0nmJ+6tDmRuy0KJyb0L9Cy3mk24av3YClc2d3nfGBsER0NWe/QNuFBcat9FY8
Tf+0RRGP2CQq9SDsJmE7CkCInodOCOK78INh7afphBBIBc1+2b++0V7q0h0/B21G
pwauLfefifdoiTj/sduWVssbNsIilQ85ZJD42j/FVsoJQDYUQA89f6FrZxuE+Ft9
6aGMCzqoE/6Psz86+IPk7ZRowCHYBbI/MYlTh9NFic4p4zABAUrJJ4xgkt3q5qc+
fCkEeHt3F/Q3FZVyAcrS6NFaqhsUq49EIxsJSwGafdFyDUqZ/gkp
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:36:31 2026 by rpki-client