Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203134363138.roa
File: 3138382e3230392e3133352e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: gnKaj0ulvDkVF6dp+oe4/6dsEbjVXj58x7lHPBto7QA=
Subject key identifier: C3:EE:38:D1:AF:CD:41:C9:D6:FB:E1:C1:8D:75:52:F3:03:F3:EA:3D
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 404D7FC482135818F399587830E19E890634F062
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203134363138.roa
Signing time: Mon 13 Apr 2026 07:51:32 +0000
ROA not before: Mon 13 Apr 2026 07:46:32 +0000
ROA not after: Mon 12 Apr 2027 07:51:32 +0000
asID: 14618
IP address blocks: 188.209.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:4d:7f:c4:82:13:58:18:f3:99:58:78:30:e1:9e:89:06:34:f0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Apr 13 07:46:32 2026 GMT
Not After : Apr 12 07:51:32 2027 GMT
Subject: CN=C3EE38D1AFCD41C9D6FBE1C18D7552F303F3EA3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:25:af:ec:15:51:e0:3f:01:cc:81:1f:ef:6c:
b0:7d:37:21:bf:09:76:00:f4:56:84:f3:3a:5d:b8:
a4:c1:a3:5d:80:ad:ac:85:84:81:f3:5e:29:75:4d:
85:16:23:68:71:d7:b3:fc:45:c3:c6:70:7a:80:8f:
fe:22:e9:c1:66:ff:ed:c2:51:26:05:ed:f3:c0:6f:
a8:03:ed:31:2f:d0:d3:f2:a3:9c:73:59:62:b4:13:
53:25:04:aa:3e:e5:3f:56:48:7e:06:43:8e:25:15:
eb:0b:a5:5b:38:74:0b:47:b6:e5:ba:bf:83:8d:2a:
f2:b3:90:90:70:77:7c:08:31:34:b0:ec:40:16:f6:
e0:90:21:93:c2:f1:9c:8c:e5:4b:d5:ed:68:5f:9f:
46:25:2d:0e:d4:a9:cb:d6:9f:49:b5:52:ce:69:03:
36:eb:42:24:a4:57:51:81:08:f5:ab:5d:a9:61:dd:
2b:80:00:fd:a1:0e:5a:e4:c8:96:b1:0e:0a:20:2c:
2f:e4:32:4e:04:63:f1:72:cd:60:8f:8a:a1:39:db:
5a:53:a1:66:e3:e9:8b:f3:13:db:34:0f:84:15:c2:
2c:d7:45:13:47:42:42:63:04:8b:ba:81:d1:78:a1:
ff:22:2f:60:54:d1:1a:a7:a0:06:1d:88:99:fe:ae:
8d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EE:38:D1:AF:CD:41:C9:D6:FB:E1:C1:8D:75:52:F3:03:F3:EA:3D
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
58:01:e4:1c:9a:03:eb:65:1d:84:89:be:77:16:f7:46:ae:31:
e2:d9:8d:e4:17:d5:b9:75:dd:63:77:99:89:c5:52:57:5d:ae:
49:76:9f:a6:e9:e0:a0:09:39:56:23:da:f7:c3:37:dd:07:77:
99:de:42:89:3e:cb:73:b8:7d:e4:74:33:37:00:8c:04:cc:1c:
48:83:97:b9:f0:78:39:04:66:f5:c7:fd:9c:4b:13:15:0c:fa:
e2:ec:77:88:0a:da:17:fc:fe:5b:9c:b6:1e:1d:97:85:8e:56:
b0:91:14:31:21:aa:3f:15:71:d0:ee:ec:95:c4:c7:18:a5:51:
d7:c3:fa:bb:7f:94:4f:80:04:13:d6:a3:fb:c0:67:c1:0f:a8:
6f:63:9a:fd:eb:fd:e8:bc:c9:6c:8d:7b:f7:09:46:68:4c:6e:
6c:d9:ce:d9:1a:1d:56:a4:61:29:3c:8a:f4:d3:48:9d:68:57:
64:70:8b:66:c1:69:2e:b3:e5:be:cd:cb:b1:ea:89:08:b5:16:
99:7d:bc:a8:e1:2f:82:65:4d:d3:54:30:57:5b:49:59:aa:c7:
b2:21:c5:be:e0:29:eb:fb:e3:b7:94:b1:0c:b3:f9:0e:83:a1:
ee:fb:ae:50:75:5e:ee:18:be:8e:d2:a9:05:26:49:29:cf:df:
bc:3a:08:3e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQE1/xIITWBjzmVh4MOGeiQY08GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjA0MTMwNzQ2MzJaFw0yNzA0MTIwNzUxMzJaMDMxMTAvBgNV
BAMTKEMzRUUzOEQxQUZDRDQxQzlENkZCRTFDMThENzU1MkYzMDNGM0VBM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIJa/sFVHgPwHMgR/vbLB9NyG/
CXYA9FaE8zpduKTBo12ArayFhIHzXil1TYUWI2hx17P8RcPGcHqAj/4i6cFm/+3C
USYF7fPAb6gD7TEv0NPyo5xzWWK0E1MlBKo+5T9WSH4GQ44lFesLpVs4dAtHtuW6
v4ONKvKzkJBwd3wIMTSw7EAW9uCQIZPC8ZyM5UvV7Whfn0YlLQ7UqcvWn0m1Us5p
AzbrQiSkV1GBCPWrXalh3SuAAP2hDlrkyJaxDgogLC/kMk4EY/FyzWCPiqE521pT
oWbj6YvzE9s0D4QVwizXRRNHQkJjBIu6gdF4of8iL2BU0RqnoAYdiJn+ro2xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUw+440a/NQcnW++HBjXVS8wPz6j0wHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YcwDQYJKoZIhvcNAQELBQADggEBAFgB5ByaA+tlHYSJvncW90auMeLZjeQX
1bl13WN3mYnFUlddrkl2n6bp4KAJOVYj2vfDN90Hd5neQok+y3O4feR0MzcAjATM
HEiDl7nweDkEZvXH/ZxLExUM+uLsd4gK2hf8/lucth4dl4WOVrCRFDEhqj8VcdDu
7JXExxilUdfD+rt/lE+ABBPWo/vAZ8EPqG9jmv3r/ei8yWyNe/cJRmhMbmzZztka
HVakYSk8ivTTSJ1oV2Rwi2bBaS6z5b7Ny7HqiQi1Fpl9vKjhL4JlTdNUMFdbSVmq
x7Ihxb7gKev747eUsQyz+Q6Doe77rlB1Xu4Yvo7SqQUmSSnP37w6CD4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:39 2026 by rpki-client