Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203136353039.roa
File: 3138382e3230392e3133352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: MR78t/01g1zw2lIVYUFZqhiiSmRh3nMhe5yPeb1TK5M=
Subject key identifier: 1F:22:FF:A6:A2:1A:DF:F6:B2:1C:31:4B:3C:96:76:96:C1:71:F5:AA
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 472F74FDA51B638C41EF08D88754473831923E30
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203136353039.roa
Signing time: Mon 13 Apr 2026 07:51:33 +0000
ROA not before: Mon 13 Apr 2026 07:46:33 +0000
ROA not after: Mon 12 Apr 2027 07:51:33 +0000
asID: 16509
IP address blocks: 188.209.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:2f:74:fd:a5:1b:63:8c:41:ef:08:d8:87:54:47:38:31:92:3e:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Apr 13 07:46:33 2026 GMT
Not After : Apr 12 07:51:33 2027 GMT
Subject: CN=1F22FFA6A21ADFF6B21C314B3C967696C171F5AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:d8:35:db:35:8a:ae:74:6e:5b:26:91:c5:
9a:85:54:c3:90:87:69:49:26:0b:46:73:1b:dd:36:
46:bb:7f:4f:98:a7:52:03:60:c7:35:7b:97:00:17:
22:2d:fd:18:c3:3b:b8:1e:f7:25:a9:a5:bd:da:07:
eb:f8:c5:41:9b:64:5e:e1:54:85:ba:a8:12:93:82:
52:91:a6:8c:d3:57:e7:99:8c:e4:2e:b6:83:2e:2b:
f1:6c:b1:ce:c4:45:17:8e:0c:7d:90:28:82:93:40:
a2:3f:40:c1:a5:69:95:2b:46:04:d7:5b:70:51:94:
ee:2e:64:a6:da:37:28:72:4d:30:48:f4:d0:eb:9e:
40:a6:a5:a9:7a:8e:f0:c1:79:fc:b5:8d:b5:83:30:
a1:7e:aa:97:c6:d1:31:7a:71:ac:5c:69:b3:c5:bd:
ee:54:87:a6:09:54:2e:47:b6:64:0b:d7:75:63:05:
83:06:48:59:bc:cd:02:86:24:9f:76:da:3d:f0:d0:
28:db:3b:b5:10:48:46:01:87:75:f6:4d:ce:11:8f:
89:7f:f8:56:31:2b:d6:c8:50:d4:6a:e5:a3:14:4b:
68:51:e8:33:a6:2d:46:d5:95:e3:c0:a8:31:96:b7:
1f:50:c8:a2:25:45:c4:f6:13:7b:a2:33:f3:5e:46:
a8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:FF:A6:A2:1A:DF:F6:B2:1C:31:4B:3C:96:76:96:C1:71:F5:AA
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:db:99:35:80:24:94:90:8b:c0:42:ed:8a:7e:2d:53:17:b4:
7c:4e:2a:fe:ed:1d:bd:27:ee:8c:b8:1f:a3:ab:42:b5:e6:6d:
75:69:36:9e:56:e1:5f:d5:bc:75:03:42:f6:e4:be:62:3d:55:
93:9e:6c:f5:bd:cf:97:fc:9f:69:1a:50:b9:47:7f:7b:c1:b8:
0f:b0:9f:ad:92:17:10:4a:76:06:27:67:f1:ab:43:e9:f8:6c:
22:09:c2:2c:8e:df:59:33:1e:03:9f:5d:a1:9a:d2:97:07:cc:
83:31:40:bc:c3:af:33:8a:91:ed:ff:be:24:da:28:41:83:0a:
47:93:b8:78:2c:45:3e:08:53:e9:5d:de:0c:02:e6:73:45:2e:
7a:f4:d5:92:b8:b0:be:9e:7e:f9:18:b4:ea:a3:90:55:9a:f8:
dd:44:fa:95:97:e5:68:d7:4b:f1:b6:8e:25:e1:f8:cf:e2:28:
06:ea:ce:9e:e0:2b:02:a0:63:a3:38:67:f8:cc:b1:ac:46:a0:
fa:ad:d3:00:ad:e0:a0:31:c7:32:61:50:e6:ff:1f:1f:8f:5f:
9f:f2:f3:ef:22:ca:4a:b7:0b:41:b2:c6:c3:c8:33:c3:67:67:
e6:67:97:f7:7f:3d:4a:0c:87:06:ce:6e:4e:56:ce:1b:74:f1:
6b:5f:af:8f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURy90/aUbY4xB7wjYh1RHODGSPjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjA0MTMwNzQ2MzNaFw0yNzA0MTIwNzUxMzNaMDMxMTAvBgNV
BAMTKDFGMjJGRkE2QTIxQURGRjZCMjFDMzE0QjNDOTY3Njk2QzE3MUY1QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ANg12zWKrnRuWyaRxZqFVMOQ
h2lJJgtGcxvdNka7f0+Yp1IDYMc1e5cAFyIt/RjDO7ge9yWppb3aB+v4xUGbZF7h
VIW6qBKTglKRpozTV+eZjOQutoMuK/Fssc7ERReODH2QKIKTQKI/QMGlaZUrRgTX
W3BRlO4uZKbaNyhyTTBI9NDrnkCmpal6jvDBefy1jbWDMKF+qpfG0TF6caxcabPF
ve5Uh6YJVC5HtmQL13VjBYMGSFm8zQKGJJ922j3w0CjbO7UQSEYBh3X2Tc4Rj4l/
+FYxK9bIUNRq5aMUS2hR6DOmLUbVlePAqDGWtx9QyKIlRcT2E3uiM/NeRqgxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHyL/pqIa3/ayHDFLPJZ2lsFx9aowHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC80YcwDQYJKoZIhvcNAQELBQADggEBAH7bmTWAJJSQi8BC7Yp+LVMXtHxOKv7t
Hb0n7oy4H6OrQrXmbXVpNp5W4V/VvHUDQvbkvmI9VZOebPW9z5f8n2kaULlHf3vB
uA+wn62SFxBKdgYnZ/GrQ+n4bCIJwiyO31kzHgOfXaGa0pcHzIMxQLzDrzOKke3/
viTaKEGDCkeTuHgsRT4IU+ld3gwC5nNFLnr01ZK4sL6efvkYtOqjkFWa+N1E+pWX
5WjXS/G2jiXh+M/iKAbqzp7gKwKgY6M4Z/jMsaxGoPqt0wCt4KAxxzJhUOb/Hx+P
X5/y8+8iykq3C0GyxsPIM8NnZ+Znl/d/PUoMhwbObk5Wzht08Wtfr48=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:50:11 2026 by rpki-client