Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230332e302f32342d3234203d3e20323031303032.roa
File: 3138352e38332e3230332e302f32342d3234203d3e20323031303032.roa (raw, json)
Hash identifier: HJSVke2XKj8QC8oRNnJzLzOQEVtBVxyBfLeL/0uTdwE=
Subject key identifier: E8:1A:C7:6E:B1:3C:C8:06:2D:39:50:A2:2D:1E:A0:45:87:98:C9:2F
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 319AA076CF23C56D0DE2F316ECC9923CC67D1F8D
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230332e302f32342d3234203d3e20323031303032.roa
Signing time: Tue 14 Apr 2026 05:08:48 +0000
ROA not before: Tue 14 Apr 2026 05:03:48 +0000
ROA not after: Tue 13 Apr 2027 05:08:48 +0000
asID: 201002
IP address blocks: 185.83.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:9a:a0:76:cf:23:c5:6d:0d:e2:f3:16:ec:c9:92:3c:c6:7d:1f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Apr 14 05:03:48 2026 GMT
Not After : Apr 13 05:08:48 2027 GMT
Subject: CN=E81AC76EB13CC8062D3950A22D1EA0458798C92F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:0c:37:2f:c7:c8:d9:63:0d:ce:54:32:18:
e9:5b:13:42:4d:f4:86:97:e4:99:74:40:43:47:b0:
11:dc:8b:be:ac:d6:2b:50:e9:b1:91:c0:07:08:ff:
6e:8a:b5:d5:f0:06:15:5c:e1:10:b2:4b:76:2d:68:
bc:b9:76:a6:8d:47:db:b7:30:e4:f5:30:e8:f2:e1:
d2:92:ec:3a:16:15:27:e6:95:75:54:07:7b:a3:b2:
c5:78:50:cb:b5:8e:84:01:ec:eb:db:5b:4e:b4:9a:
08:ff:02:09:6e:52:09:12:6c:29:8a:f7:16:8e:00:
14:c1:ca:36:7f:63:e3:72:67:41:7d:9e:12:8c:7d:
52:c2:41:7d:af:01:4c:80:a4:c2:80:a6:3a:f6:7f:
74:7f:31:87:a3:a8:bc:3a:f6:d2:4e:df:37:df:3b:
fc:b4:8d:99:d0:3c:2f:11:a6:59:ad:13:05:85:d0:
a8:f7:de:ae:2b:e8:53:47:08:14:13:89:c7:4e:2f:
df:21:94:c5:28:e7:a7:be:da:1a:79:8c:d8:cd:da:
e3:e1:74:45:09:14:74:a7:57:3b:30:9a:5a:b4:92:
dd:96:4a:cb:02:92:36:22:5a:8d:5d:c9:50:28:7c:
4e:28:b8:06:9d:76:e1:a6:e7:21:f2:97:91:0d:39:
81:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1A:C7:6E:B1:3C:C8:06:2D:39:50:A2:2D:1E:A0:45:87:98:C9:2F
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138352e38332e3230332e302f32342d3234203d3e20323031303032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.83.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:51:24:8c:2f:94:b3:d7:02:eb:d5:10:b1:af:d1:11:1e:6c:
25:76:f4:24:b5:c3:f4:35:2e:bd:22:0a:4b:c1:a1:41:e5:e6:
e4:07:3f:cc:86:0a:88:41:a2:c2:f8:f5:6a:74:45:ab:ca:47:
92:ca:34:9a:62:b4:5c:2a:70:c9:ae:1a:49:60:ba:4e:86:44:
d6:6b:86:0a:9d:e0:1c:f8:09:8a:03:e5:9f:87:60:a3:5f:e4:
8c:27:ce:d0:0a:24:68:ab:bd:58:57:cb:e4:38:6a:3c:30:81:
51:e9:bf:4f:b9:8b:cd:b5:9c:b9:9a:e5:27:b8:1a:63:47:5d:
13:d0:0e:eb:e2:e8:3f:b0:95:b0:38:19:dd:92:fb:ce:63:99:
65:31:4d:8e:4b:f8:83:3c:5a:2e:aa:b9:b5:be:69:e5:01:61:
0d:42:6a:dd:f5:3f:a5:d6:80:68:d1:0b:b2:5b:cb:89:30:61:
56:8e:2d:b5:20:df:51:55:75:84:97:8b:f9:69:75:16:d2:bb:
ec:11:15:bb:7e:c0:6f:cf:24:a6:a5:08:5e:62:94:18:2d:80:
57:c6:4e:a8:77:6c:79:89:9f:0b:a3:e3:b4:99:d8:e3:45:da:
f4:e3:ed:41:de:7a:ac:0d:d1:50:28:2b:68:d2:ba:80:7b:63:
19:11:e4:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMZqgds8jxW0N4vMW7MmSPMZ9H40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjA0MTQwNTAzNDhaFw0yNzA0MTMwNTA4NDhaMDMxMTAvBgNV
BAMTKEU4MUFDNzZFQjEzQ0M4MDYyRDM5NTBBMjJEMUVBMDQ1ODc5OEM5MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL6ww3L8fI2WMNzlQyGOlbE0JN
9IaX5Jl0QENHsBHci76s1itQ6bGRwAcI/26KtdXwBhVc4RCyS3YtaLy5dqaNR9u3
MOT1MOjy4dKS7DoWFSfmlXVUB3ujssV4UMu1joQB7OvbW060mgj/AgluUgkSbCmK
9xaOABTByjZ/Y+NyZ0F9nhKMfVLCQX2vAUyApMKApjr2f3R/MYejqLw69tJO3zff
O/y0jZnQPC8RplmtEwWF0Kj33q4r6FNHCBQTicdOL98hlMUo56e+2hp5jNjN2uPh
dEUJFHSnVzswmlq0kt2WSssCkjYiWo1dyVAofE4ouAadduGm5yHyl5ENOYFvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6BrHbrE8yAYtOVCiLR6gRYeYyS8wHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM1MmUzODMzMmUzMjMw
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5U8swDQYJKoZIhvcNAQELBQADggEBAD5RJIwvlLPXAuvVELGv0REebCV29CS1
w/Q1Lr0iCkvBoUHl5uQHP8yGCohBosL49Wp0RavKR5LKNJpitFwqcMmuGklguk6G
RNZrhgqd4Bz4CYoD5Z+HYKNf5IwnztAKJGirvVhXy+Q4ajwwgVHpv0+5i821nLma
5Se4GmNHXRPQDuvi6D+wlbA4Gd2S+85jmWUxTY5L+IM8Wi6qubW+aeUBYQ1Cat31
P6XWgGjRC7Jby4kwYVaOLbUg31FVdYSXi/lpdRbSu+wRFbt+wG/PJKalCF5ilBgt
gFfGTqh3bHmJnwuj47SZ2ONF2vTj7UHeeqwN0VAoK2jSuoB7YxkR5JU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:59 2026 by rpki-client