Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3137382e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: 9ZXjSWAp+j58GwfDtQ/mqL8ScvPvc/83HCdFvbTQt+M=
Subject key identifier: B3:6F:77:F3:85:8D:71:A3:5F:C6:08:AA:97:BD:3F:CB:F9:CD:5F:06
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 076B0C27A0497F3F00B279DD213CB6714A7AE3DE
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
Signing time: Fri 10 Apr 2026 10:11:00 +0000
ROA not before: Fri 10 Apr 2026 10:06:00 +0000
ROA not after: Fri 09 Apr 2027 10:11:00 +0000
asID: 15419
IP address blocks: 82.140.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 12:16:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:6b:0c:27:a0:49:7f:3f:00:b2:79:dd:21:3c:b6:71:4a:7a:e3:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:06:00 2026 GMT
Not After : Apr 9 10:11:00 2027 GMT
Subject: CN=B36F77F3858D71A35FC608AA97BD3FCBF9CD5F06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:73:9b:25:88:d5:54:3a:df:cd:39:44:c7:e5:
9b:00:db:61:78:7a:7c:60:5d:47:7b:51:89:43:9e:
6f:c4:94:e5:95:8b:56:e8:9f:01:69:38:dd:cb:f9:
ed:37:93:0f:ca:85:51:ca:3d:a2:36:14:d1:e7:1f:
0c:f3:f8:1c:05:d8:82:2f:d5:11:c5:3e:c4:7e:de:
5d:45:88:2e:36:8d:70:b6:e2:83:c6:2b:2c:88:01:
c8:92:f1:a5:b7:19:d1:bb:75:da:3a:9f:57:76:c6:
e8:14:90:ce:d4:11:18:06:45:a7:eb:f6:5f:1a:3f:
1b:09:75:a6:a0:7e:0a:9a:a8:0c:82:82:06:64:f9:
78:1c:e0:d1:e6:fd:ae:32:37:b5:f6:d9:df:80:ab:
c6:42:cd:d4:f4:11:8a:5b:2c:4f:a8:fb:46:0a:67:
46:e2:24:48:41:9a:2b:f0:93:58:34:fa:67:81:6a:
d2:b8:c7:18:88:51:d2:d5:66:96:dc:ff:2e:0e:eb:
3c:b8:c2:64:a0:51:9d:21:57:97:6c:5e:1c:91:29:
0c:e2:25:80:5f:ea:ff:8c:a1:74:2a:2b:49:ef:49:
7a:15:3a:c0:6f:dc:d0:cc:43:6c:98:6d:95:38:c9:
12:39:3c:66:33:eb:8a:79:cc:aa:24:f5:44:63:f4:
3b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6F:77:F3:85:8D:71:A3:5F:C6:08:AA:97:BD:3F:CB:F9:CD:5F:06
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3137382e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.178.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:0b:13:ff:94:0e:d0:38:ab:a2:7a:b7:7f:f1:98:db:a9:5f:
d9:89:ef:65:e1:36:37:39:5b:0c:4c:1d:ab:cd:71:62:52:94:
9a:d5:8c:f8:32:35:7a:1b:eb:1e:8c:a2:31:5e:b7:42:9b:f3:
72:fe:cc:97:33:62:11:68:6d:7b:17:85:a0:1a:f9:93:0b:ca:
bc:f9:25:8a:d6:43:69:89:f1:82:21:4f:59:1c:43:d3:d8:d8:
fe:af:1e:9c:80:5b:74:bb:a3:0a:62:eb:51:1c:39:5d:ed:20:
4c:5a:88:ea:9c:7f:ae:72:fb:f1:6e:3b:71:f7:d0:83:34:9b:
9b:b2:ba:ca:bc:0e:dc:07:6f:52:d1:e0:2a:6c:00:6f:8d:4e:
f1:0c:0d:a5:f7:7d:cf:38:3a:a2:d2:d7:ed:46:24:4b:60:75:
15:6e:7c:a0:95:21:9e:18:28:fe:f8:6c:0c:8a:f7:57:13:1b:
92:d5:e7:ac:92:c2:15:47:ee:04:8c:d0:bc:ba:c3:17:7c:42:
99:4c:5b:44:89:b9:0e:e5:bc:34:c8:d9:6d:0d:7a:09:b3:cd:
04:bd:b9:23:98:59:f4:57:21:c3:32:78:14:10:57:ba:54:38:
ac:c4:9d:33:06:b1:c8:3c:e5:30:dd:d0:c3:d7:ed:27:46:b1:
78:2d:db:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUB2sMJ6BJfz8AsnndITy2cUp6494wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA2MDBaFw0yNzA0MDkxMDExMDBaMDMxMTAvBgNV
BAMTKEIzNkY3N0YzODU4RDcxQTM1RkM2MDhBQTk3QkQzRkNCRjlDRDVGMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFc5sliNVUOt/NOUTH5ZsA22F4
enxgXUd7UYlDnm/ElOWVi1bonwFpON3L+e03kw/KhVHKPaI2FNHnHwzz+BwF2IIv
1RHFPsR+3l1FiC42jXC24oPGKyyIAciS8aW3GdG7ddo6n1d2xugUkM7UERgGRafr
9l8aPxsJdaagfgqaqAyCggZk+Xgc4NHm/a4yN7X22d+Aq8ZCzdT0EYpbLE+o+0YK
Z0biJEhBmivwk1g0+meBatK4xxiIUdLVZpbc/y4O6zy4wmSgUZ0hV5dsXhyRKQzi
JYBf6v+MoXQqK0nvSXoVOsBv3NDMQ2yYbZU4yRI5PGYz64p5zKok9URj9DtpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUs29384WNcaNfxgiql70/y/nNXwYwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UoyyMA0GCSqGSIb3DQEBCwUAA4IBAQCuCxP/lA7QOKuierd/8ZjbqV/Zie9l4TY3
OVsMTB2rzXFiUpSa1Yz4MjV6G+sejKIxXrdCm/Ny/syXM2IRaG17F4WgGvmTC8q8
+SWK1kNpifGCIU9ZHEPT2Nj+rx6cgFt0u6MKYutRHDld7SBMWojqnH+ucvvxbjtx
99CDNJubsrrKvA7cB29S0eAqbABvjU7xDA2l933PODqi0tftRiRLYHUVbnyglSGe
GCj++GwMivdXExuS1eesksIVR+4EjNC8usMXfEKZTFtEibkO5bw0yNltDXoJs80E
vbkjmFn0VyHDMngUEFe6VDisxJ0zBrHIPOUw3dDD1+0nRrF4Ldsi
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:04:29 2026 by rpki-client