Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
File: 38322e3134302e3138392e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: zH/62I+GFjmbLT58TFoHTt4seVQwFkHzMOITLzNLWwM=
Subject key identifier: 2D:3F:9E:6E:18:89:06:68:05:A7:06:B0:49:74:15:75:79:65:2D:92
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 0E419218477A07B368C1571AE2FC9242C8E68968
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
Signing time: Fri 10 Apr 2026 10:10:59 +0000
ROA not before: Fri 10 Apr 2026 10:05:59 +0000
ROA not after: Fri 09 Apr 2027 10:10:59 +0000
asID: 15419
IP address blocks: 82.140.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:41:92:18:47:7a:07:b3:68:c1:57:1a:e2:fc:92:42:c8:e6:89:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Apr 10 10:05:59 2026 GMT
Not After : Apr 9 10:10:59 2027 GMT
Subject: CN=2D3F9E6E1889066805A706B04974157579652D92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1c:89:f3:fe:17:1a:4e:9b:41:02:c7:22:ba:
5e:fc:e0:f9:47:d9:40:90:bd:67:6c:af:36:74:8e:
86:b9:45:98:08:8e:9d:95:d7:3f:5a:ef:1c:d1:b9:
6f:00:76:dd:79:05:22:1e:58:b1:ac:0a:59:94:2a:
3a:e3:a8:06:7a:89:e9:85:71:fc:b5:bc:f4:8f:6f:
b9:7c:01:c7:f9:ef:5d:f8:04:a8:53:bd:3c:06:75:
2e:a9:00:55:a2:8f:1a:15:66:7a:9c:a9:cb:44:6f:
22:62:14:bd:ec:69:b1:59:a2:79:ba:84:6a:85:fe:
40:f7:f2:3d:0b:38:1f:b7:b5:fa:1d:a4:fe:33:a4:
c2:c1:a6:c0:42:1a:e3:06:a7:07:f9:d6:3b:75:11:
06:13:5e:6d:8a:41:17:33:79:5a:20:7c:75:7f:34:
60:32:72:8b:0d:4c:5e:3d:52:04:dd:f7:64:2f:5a:
54:66:1b:76:4e:19:e3:4e:a2:ef:2f:2a:df:51:cb:
55:1a:99:0c:06:fd:26:31:44:32:3c:9e:1c:b7:48:
21:0b:bd:f6:be:94:fd:88:10:bd:aa:fb:53:30:85:
98:b7:8c:af:ad:34:60:f4:3f:ff:96:50:53:36:30:
fa:5e:a6:9d:c5:99:5d:6c:1a:43:cf:6c:88:51:7f:
cd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3F:9E:6E:18:89:06:68:05:A7:06:B0:49:74:15:75:79:65:2D:92
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38322e3134302e3138392e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.189.0/24
Signature Algorithm: sha256WithRSAEncryption
97:02:cd:73:a5:da:dc:32:0a:de:17:82:5d:ed:f2:d5:0b:b3:
a4:24:ae:14:c1:bc:f0:50:6f:e5:7f:4d:40:c5:25:fb:73:13:
7e:83:29:37:d4:6d:66:42:2d:4c:76:6a:ee:5c:2f:33:88:7f:
68:13:be:f7:b8:a6:43:f3:42:c0:57:fa:e8:41:9d:97:ec:ab:
43:90:ed:36:96:47:ad:ba:94:06:65:62:c7:c2:e7:7d:e2:69:
cc:cf:dd:39:c2:db:d3:d1:01:57:7c:55:fd:4e:d4:82:b7:2f:
b1:76:61:9e:4b:90:34:0d:f6:5c:e1:66:b6:89:fc:52:99:2d:
3d:d1:96:21:7e:58:e7:2b:71:12:34:11:9d:01:01:56:80:59:
ab:84:e5:ec:a3:e7:9c:3b:18:eb:00:bb:c0:14:1a:58:f7:3b:
8d:c5:4a:1a:f1:c1:e7:f9:59:b6:64:45:d7:e7:00:8c:a0:23:
32:80:98:86:d4:24:80:72:d3:d5:81:09:05:60:c8:de:80:a9:
38:ca:ab:6a:00:92:86:b6:4f:7a:1f:35:7c:1d:b3:22:04:b4:
93:49:7a:ce:fa:97:f0:0e:e3:5a:b6:1a:95:15:ab:47:ef:3c:
f9:fe:db:9e:5c:aa:7c:65:11:3e:c1:e6:62:91:a0:03:5b:26:
d3:e9:4d:3f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDkGSGEd6B7NowVca4vySQsjmiWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yNjA0MTAxMDA1NTlaFw0yNzA0MDkxMDEwNTlaMDMxMTAvBgNV
BAMTKDJEM0Y5RTZFMTg4OTA2NjgwNUE3MDZCMDQ5NzQxNTc1Nzk2NTJEOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHHInz/hcaTptBAsciul784PlH
2UCQvWdsrzZ0joa5RZgIjp2V1z9a7xzRuW8Adt15BSIeWLGsClmUKjrjqAZ6iemF
cfy1vPSPb7l8Acf57134BKhTvTwGdS6pAFWijxoVZnqcqctEbyJiFL3sabFZonm6
hGqF/kD38j0LOB+3tfodpP4zpMLBpsBCGuMGpwf51jt1EQYTXm2KQRczeVogfHV/
NGAycosNTF49UgTd92QvWlRmG3ZOGeNOou8vKt9Ry1UamQwG/SYxRDI8nhy3SCEL
vfa+lP2IEL2q+1MwhZi3jK+tNGD0P/+WUFM2MPpepp3FmV1sGkPPbIhRf81pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULT+ebhiJBmgFpwawSXQVdXllLZIwHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzMjJlMzEzNDMwMmUzMTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Uoy9MA0GCSqGSIb3DQEBCwUAA4IBAQCXAs1zpdrcMgreF4Jd7fLVC7OkJK4Uwbzw
UG/lf01AxSX7cxN+gyk31G1mQi1MdmruXC8ziH9oE773uKZD80LAV/roQZ2X7KtD
kO02lketupQGZWLHwud94mnMz905wtvT0QFXfFX9TtSCty+xdmGeS5A0DfZc4Wa2
ifxSmS090ZYhfljnK3ESNBGdAQFWgFmrhOXso+ecOxjrALvAFBpY9zuNxUoa8cHn
+Vm2ZEXX5wCMoCMygJiG1CSActPVgQkFYMjegKk4yqtqAJKGtk96HzV8HbMiBLST
SXrO+pfwDuNathqVFatH7zz5/tueXKp8ZRE+weZikaADWybT6U0/
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:56:21 2026 by rpki-client