Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3139312e302f32342d3234203d3e20313335343032.roa
File: 3137382e3230382e3139312e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: 9qacimTthQ5Twy/Pjmy+M53K7ZLDuhaiugfZtrDjHRI=
Subject key identifier: 48:7C:4B:43:EC:15:DB:FE:AD:79:E9:48:91:7F:8D:71:AD:03:82:B0
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 4C6FD03CEDE0EE69A74058869F869E6D195AB997
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3139312e302f32342d3234203d3e20313335343032.roa
Signing time: Tue 03 Feb 2026 06:13:58 +0000
ROA not before: Tue 03 Feb 2026 06:08:58 +0000
ROA not after: Tue 02 Feb 2027 06:13:58 +0000
asID: 135402
IP address blocks: 178.208.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:6f:d0:3c:ed:e0:ee:69:a7:40:58:86:9f:86:9e:6d:19:5a:b9:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Feb 3 06:08:58 2026 GMT
Not After : Feb 2 06:13:58 2027 GMT
Subject: CN=487C4B43EC15DBFEAD79E948917F8D71AD0382B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fa:2d:7f:f4:7d:ef:b3:50:95:bb:16:6d:9e:
dd:ed:5e:3d:42:c9:16:63:32:1c:20:78:6b:f2:4d:
9f:ca:93:3f:ec:20:a3:cd:0a:a2:80:56:44:53:26:
94:16:ef:6f:e8:f5:c7:7e:a9:c6:ea:fc:28:b0:39:
75:7f:b3:a5:6f:4c:3b:38:96:b7:67:71:e3:ab:ff:
74:5f:7c:38:51:cf:c6:10:5e:4a:02:73:5e:81:3f:
e1:e0:8f:88:78:81:0b:be:21:32:47:e0:54:b5:97:
c9:50:36:44:f0:99:ab:59:0d:f5:0f:05:ec:b7:1e:
3d:30:8b:21:64:69:7f:51:37:18:3f:12:c8:cb:c3:
07:eb:5c:23:42:08:eb:b2:7a:6f:ee:8e:c1:ac:62:
38:50:30:e5:05:45:e1:cd:07:e7:f9:ae:48:b4:d5:
40:00:73:24:96:4a:0f:f6:c0:f0:d1:af:80:51:1b:
cd:3b:70:32:a2:a5:7a:72:74:8d:78:39:1b:9e:df:
8b:dc:68:f5:21:7b:b5:2d:bb:0d:f7:73:8d:f1:fa:
ca:3f:39:9e:bf:c8:19:df:28:fe:82:40:eb:4f:e6:
5a:11:ce:d2:2e:55:5f:44:02:e7:ff:3a:7d:c4:82:
70:98:a6:61:35:48:1c:ac:df:d4:a0:43:31:5a:47:
20:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:7C:4B:43:EC:15:DB:FE:AD:79:E9:48:91:7F:8D:71:AD:03:82:B0
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3139312e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.191.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:9c:2c:5a:5c:ba:65:28:c7:38:92:b9:ac:cc:66:52:19:8d:
af:36:0d:c5:74:26:ae:f0:1f:da:d9:14:3a:b5:b5:c2:e7:f1:
45:a8:3d:bf:bf:76:27:c2:f4:e8:d6:1c:c4:e8:2c:03:19:dd:
22:d2:98:42:85:19:e2:eb:52:25:fd:f2:d3:91:1b:5b:7e:79:
2e:93:9b:aa:82:7e:74:32:2d:03:09:dd:16:d8:7b:95:c9:8f:
90:85:2a:c5:8f:92:ad:7d:18:9a:9a:1b:11:c9:af:98:17:b8:
c2:3e:66:7d:fb:a7:bd:79:ca:c3:7d:35:55:f6:51:a3:5d:00:
cc:6a:39:73:86:b1:66:f0:a1:75:d4:24:71:31:0d:88:df:6c:
37:d5:c8:ae:a4:f5:67:b6:fe:ee:e4:31:bc:00:c2:5a:1e:93:
32:83:20:d5:58:f2:de:5b:45:c3:1d:32:80:1c:b8:df:50:09:
e5:7c:8f:c1:9f:15:f8:09:29:3a:2c:79:aa:e0:f0:3e:05:3f:
ed:25:2c:a9:98:9a:bb:11:ab:24:e0:48:05:f9:07:2c:df:b9:
d4:9a:cb:82:db:78:0a:6c:e3:c8:24:5e:0f:bc:bd:ab:b3:b1:
ae:0c:15:b6:ac:29:0a:ef:44:44:97:22:74:e3:45:a8:06:4f:
8f:7a:4c:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTG/QPO3g7mmnQFiGn4aebRlauZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjAyMDMwNjA4NThaFw0yNzAyMDIwNjEzNThaMDMxMTAvBgNV
BAMTKDQ4N0M0QjQzRUMxNURCRkVBRDc5RTk0ODkxN0Y4RDcxQUQwMzgyQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+i1/9H3vs1CVuxZtnt3tXj1C
yRZjMhwgeGvyTZ/Kkz/sIKPNCqKAVkRTJpQW72/o9cd+qcbq/CiwOXV/s6VvTDs4
lrdnceOr/3RffDhRz8YQXkoCc16BP+Hgj4h4gQu+ITJH4FS1l8lQNkTwmatZDfUP
Bey3Hj0wiyFkaX9RNxg/EsjLwwfrXCNCCOuyem/ujsGsYjhQMOUFReHNB+f5rki0
1UAAcySWSg/2wPDRr4BRG807cDKipXpydI14ORue34vcaPUhe7Utuw33c43x+so/
OZ6/yBnfKP6CQOtP5loRztIuVV9EAuf/On3EgnCYpmE1SBys39SgQzFaRyCXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSHxLQ+wV2/6teelIkX+Nca0DgrAwHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzkzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTM0MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALLQvzANBgkqhkiG9w0BAQsFAAOCAQEAepwsWly6ZSjHOJK5rMxmUhmNrzYN
xXQmrvAf2tkUOrW1wufxRag9v792J8L06NYcxOgsAxndItKYQoUZ4utSJf3y05Eb
W355LpObqoJ+dDItAwndFth7lcmPkIUqxY+SrX0YmpobEcmvmBe4wj5mffunvXnK
w301VfZRo10AzGo5c4axZvChddQkcTENiN9sN9XIrqT1Z7b+7uQxvADCWh6TMoMg
1Vjy3ltFwx0ygBy431AJ5XyPwZ8V+AkpOix5quDwPgU/7SUsqZiauxGrJOBIBfkH
LN+51JrLgtt4CmzjyCReD7y9q7OxrgwVtqwpCu9ERJcidONFqAZPj3pMAA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:41:51 2026 by rpki-client