Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e203630353538.roa
File: 38332e3135302e3231362e302f32342d3234203d3e203630353538.roa (raw, json)
Hash identifier: CNBsLk3b8bUsaLSMZ5OmCj7rjJ6VgS1iooePZAAZtvw=
Subject key identifier: B8:B9:36:0D:E9:08:CB:9C:C7:24:55:84:78:E1:F7:BF:B1:9B:8A:8D
Certificate issuer: /CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Certificate serial: 27854C9D2160CC9E400B3D9E77792E070FEF1547
Authority key identifier: 5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e203630353538.roa
Signing time: Fri 31 Oct 2025 15:55:11 +0000
ROA not before: Fri 31 Oct 2025 15:50:11 +0000
ROA not after: Fri 30 Oct 2026 15:55:11 +0000
asID: 60558
IP address blocks: 83.150.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:85:4c:9d:21:60:cc:9e:40:0b:3d:9e:77:79:2e:07:0f:ef:15:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Validity
Not Before: Oct 31 15:50:11 2025 GMT
Not After : Oct 30 15:55:11 2026 GMT
Subject: CN=B8B9360DE908CB9CC724558478E1F7BFB19B8A8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:80:e0:13:7e:7a:c0:46:6c:a5:0f:34:55:d3:
6c:4c:60:76:6e:c3:64:ba:19:d1:c2:41:b1:79:af:
67:db:31:e2:ad:07:d9:3e:cc:84:71:d8:3f:70:84:
73:19:ee:48:1d:48:9e:b4:18:3e:e5:00:27:cc:9e:
2c:e6:a9:5b:31:06:1f:02:4c:ac:aa:ec:3e:70:58:
c9:77:0b:8f:f7:f4:eb:24:e0:8e:6e:77:5b:86:ab:
f6:f0:02:b3:05:53:07:75:31:60:9e:e7:7d:e1:9b:
9a:0c:5c:b1:50:63:b7:d6:86:03:a4:dc:c2:15:ff:
ee:31:42:c6:a1:95:6d:7e:9e:11:da:8c:e1:c2:19:
ec:c6:49:a2:41:28:ac:b1:12:df:25:ca:32:dc:35:
86:9f:f9:c6:f3:9e:94:a5:bb:b8:2f:d4:75:14:90:
d3:af:14:74:f4:a5:2b:e5:f9:a3:5e:fe:88:4c:eb:
43:4e:54:ed:a4:08:f3:fd:e3:94:2d:0d:dc:f8:d5:
47:73:78:7e:3a:ea:e2:f0:97:74:ad:08:b9:3e:65:
bf:58:da:57:ef:0a:1e:5f:78:0f:5f:99:c2:97:8a:
1c:4d:c1:93:8b:a1:b9:36:d9:02:95:53:e9:7f:6c:
d5:3a:af:70:2d:f5:20:53:49:67:44:9b:cb:5c:47:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B9:36:0D:E9:08:CB:9C:C7:24:55:84:78:E1:F7:BF:B1:9B:8A:8D
X509v3 Authority Key Identifier:
keyid:5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231362e302f32342d3234203d3e203630353538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.216.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2b:6d:15:57:d9:5c:8b:5c:11:5c:fa:e1:a3:2b:5f:be:5a:
23:5d:a4:ab:68:14:06:2b:7d:b0:d8:c2:f1:3a:5a:fa:e1:d2:
08:a1:cd:20:42:3b:d5:f0:9c:69:a4:bf:f4:cd:cf:0b:1c:e8:
5a:fd:22:36:1a:82:8c:66:6e:54:09:fa:f5:62:70:fb:14:70:
c8:24:b9:e0:cd:0d:39:8a:60:b7:9f:e4:c9:0c:18:d1:78:f5:
83:49:3c:d8:0f:89:3d:fd:8e:af:a4:ee:17:f1:49:2c:53:a6:
17:74:84:ac:80:81:43:cd:e2:75:ee:32:50:8f:c3:6d:f5:e3:
b6:fd:f8:f9:e5:3d:c7:81:1b:10:c2:1a:04:91:59:0b:d9:ac:
42:78:ab:a0:18:45:eb:30:aa:78:bd:63:03:91:40:96:c6:5e:
6b:e6:3e:33:f0:1d:be:d9:5e:f3:bc:a7:17:c8:41:d0:57:3b:
ab:87:1f:f6:fd:b9:eb:cb:6a:8f:e5:5b:87:5a:bf:95:32:66:
3b:f3:54:16:6f:f0:eb:30:39:ab:46:c9:19:41:17:86:e3:42:
c2:b5:0e:8c:8f:eb:57:38:5b:59:2b:73:96:e7:ea:2e:78:2c:
0a:cd:32:c6:c4:e0:ec:f8:02:fe:a6:60:cb:f7:76:f4:46:51:
d2:0e:89:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJ4VMnSFgzJ5ACz2ed3kuBw/vFUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWU1MTc5YmIxNzU3MDY4ZDcwMjg1MTBmZWViMTE3N2Fh
N2NjODgxODAeFw0yNTEwMzExNTUwMTFaFw0yNjEwMzAxNTU1MTFaMDMxMTAvBgNV
BAMTKEI4QjkzNjBERTkwOENCOUNDNzI0NTU4NDc4RTFGN0JGQjE5QjhBOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdgOATfnrARmylDzRV02xMYHZu
w2S6GdHCQbF5r2fbMeKtB9k+zIRx2D9whHMZ7kgdSJ60GD7lACfMnizmqVsxBh8C
TKyq7D5wWMl3C4/39Osk4I5ud1uGq/bwArMFUwd1MWCe533hm5oMXLFQY7fWhgOk
3MIV/+4xQsahlW1+nhHajOHCGezGSaJBKKyxEt8lyjLcNYaf+cbznpSlu7gv1HUU
kNOvFHT0pSvl+aNe/ohM60NOVO2kCPP945QtDdz41UdzeH466uLwl3StCLk+Zb9Y
2lfvCh5feA9fmcKXihxNwZOLobk22QKVU+l/bNU6r3At9SBTSWdEm8tcR/XtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuLk2DekIy5zHJFWEeOH3v7Gbio0wHwYDVR0j
BBgwFoAUXlF5uxdXBo1wKFEP7rEXeqfMiBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODNlNDc1N2YtZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4
N2RjLzAvNUU1MTc5QkIxNzU3MDY4RDcwMjg1MTBGRUVCMTE3N0FBN0NDODgxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hsRjV1eGRYQm8xd0tGRVA3ckVYZXFm
TWlCZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODNlNDc1N2Yt
ZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4N2RjLzAvMzgzMzJlMzEzNTMwMmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzUzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
U5bYMA0GCSqGSIb3DQEBCwUAA4IBAQAdK20VV9lci1wRXPrhoytfvlojXaSraBQG
K32w2MLxOlr64dIIoc0gQjvV8JxppL/0zc8LHOha/SI2GoKMZm5UCfr1YnD7FHDI
JLngzQ05imC3n+TJDBjRePWDSTzYD4k9/Y6vpO4X8UksU6YXdISsgIFDzeJ17jJQ
j8Nt9eO2/fj55T3HgRsQwhoEkVkL2axCeKugGEXrMKp4vWMDkUCWxl5r5j4z8B2+
2V7zvKcXyEHQVzurhx/2/bnry2qP5VuHWr+VMmY781QWb/DrMDmrRskZQReG40LC
tQ6Mj+tXOFtZK3OW5+oueCwKzTLGxODs+AL+pmDL93b0RlHSDolI
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:45:13 2025 by rpki-client