Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133392e302f32342d3234203d3e20323134303235.roa
File: 3138382e3230392e3133392e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: J3Bx8WZhfGDHdr2It9Q5zzfpBXAPULNHfeGeOlWYDQA=
Subject key identifier: 99:0E:E0:C8:B4:87:4B:EC:FC:09:C1:D1:65:07:E9:64:86:84:5B:25
Certificate issuer: /CN=7374bc6d025135bed9539779a03fdd64abeba11f
Certificate serial: 72125A86BCA7F22DCA0208F603CB75CFB318A7A8
Authority key identifier: 73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133392e302f32342d3234203d3e20323134303235.roa
Signing time: Mon 30 Mar 2026 04:20:55 +0000
ROA not before: Mon 30 Mar 2026 04:15:55 +0000
ROA not after: Mon 29 Mar 2027 04:20:55 +0000
asID: 214025
IP address blocks: 188.209.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.mft
rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:12:5a:86:bc:a7:f2:2d:ca:02:08:f6:03:cb:75:cf:b3:18:a7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7374bc6d025135bed9539779a03fdd64abeba11f
Validity
Not Before: Mar 30 04:15:55 2026 GMT
Not After : Mar 29 04:20:55 2027 GMT
Subject: CN=990EE0C8B4874BECFC09C1D16507E96486845B25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e6:34:ae:b5:c4:60:1b:12:bf:8b:d7:3c:a5:
44:d0:e5:a2:87:79:b1:e1:d2:5d:64:c8:e2:5a:fa:
8c:09:77:9d:bc:00:ce:6c:21:54:7c:d7:ba:8c:ef:
af:1a:54:d7:65:12:c9:8a:f6:88:fa:f4:6b:9a:c2:
0d:66:71:db:c3:b3:4d:31:49:8e:b4:76:c5:43:97:
8b:34:28:f9:c4:36:b5:67:f2:f0:4e:f4:e7:35:16:
b0:85:76:ff:06:cf:14:d7:c0:b0:4b:25:a6:52:9b:
1f:24:23:a0:0a:3c:69:4f:49:9a:e0:31:11:51:21:
9d:2b:29:48:2e:32:59:1f:df:9f:3d:90:79:0b:0d:
51:8c:4f:d7:ab:bc:da:ac:41:46:e3:8d:a3:96:aa:
51:28:b3:92:ec:d3:f9:9f:52:45:e2:fd:61:bc:19:
af:a8:59:30:97:93:53:dc:b3:ec:db:03:15:36:44:
0c:d7:44:b0:ef:ff:31:a9:09:a5:49:90:e6:87:c7:
68:87:87:59:16:91:9b:fc:d9:64:2f:b7:0a:0e:39:
65:f2:32:e8:d1:60:3b:7d:b5:01:d6:38:22:d2:6a:
36:f2:2d:78:e8:40:a8:fc:d4:52:b1:a5:4a:8b:37:
4a:65:6e:f3:b6:65:ed:ec:84:d6:22:80:60:29:42:
e9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:0E:E0:C8:B4:87:4B:EC:FC:09:C1:D1:65:07:E9:64:86:84:5B:25
X509v3 Authority Key Identifier:
keyid:73:74:BC:6D:02:51:35:BE:D9:53:97:79:A0:3F:DD:64:AB:EB:A1:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/7374BC6D025135BED9539779A03FDD64ABEBA11F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3S8bQJRNb7ZU5d5oD_dZKvroR8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e42585f7-bc1b-4970-bd34-dbfd2b2147d2/0/3138382e3230392e3133392e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.139.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:54:00:16:63:08:1f:7b:c2:91:f2:a8:92:93:c1:67:c4:98:
bb:c5:a0:57:52:c2:b0:d1:60:0a:a4:45:37:f7:2c:4c:65:a3:
0e:9f:bb:7d:ce:f8:9d:a0:56:c4:9f:e2:b4:a6:b8:ba:0b:3b:
ab:ac:5d:ab:cd:e5:62:ce:89:a2:67:98:0e:02:f0:7b:36:3e:
04:73:1b:e6:d2:b4:e4:e6:54:ad:d6:ba:68:c4:75:f4:2c:a8:
ce:80:0a:86:30:09:c3:25:99:18:79:c5:25:c9:d4:e4:47:02:
19:a3:ea:ad:87:c4:30:35:ee:91:de:4f:25:93:3e:ee:fb:8b:
e5:f5:b1:d2:5b:fb:8d:bb:e0:7e:6a:61:37:a6:a7:e4:8d:f3:
ad:83:b3:42:6f:6b:dd:de:81:b4:4c:19:bf:f1:39:48:31:33:
1a:72:94:d8:4c:2c:06:ce:9e:35:5e:91:b7:02:97:b0:7e:05:
f1:0d:2b:c5:4b:c1:eb:05:1e:ea:ec:e8:86:cc:44:7f:b5:26:
54:11:dd:99:c0:e2:18:03:48:ff:f6:cd:df:4b:ac:4f:29:7f:
85:66:ba:ea:b7:a7:cd:48:0f:6b:1b:25:ce:89:fc:6e:b2:f1:
21:56:b6:47:8c:89:0c:60:4f:a1:85:c4:0d:55:68:a3:d6:7f:
45:49:f6:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUchJahryn8i3KAgj2A8t1z7MYp6gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM3NGJjNmQwMjUxMzViZWQ5NTM5Nzc5YTAzZmRkNjRh
YmViYTExZjAeFw0yNjAzMzAwNDE1NTVaFw0yNzAzMjkwNDIwNTVaMDMxMTAvBgNV
BAMTKDk5MEVFMEM4QjQ4NzRCRUNGQzA5QzFEMTY1MDdFOTY0ODY4NDVCMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc5jSutcRgGxK/i9c8pUTQ5aKH
ebHh0l1kyOJa+owJd528AM5sIVR817qM768aVNdlEsmK9oj69Guawg1mcdvDs00x
SY60dsVDl4s0KPnENrVn8vBO9Oc1FrCFdv8GzxTXwLBLJaZSmx8kI6AKPGlPSZrg
MRFRIZ0rKUguMlkf3589kHkLDVGMT9ervNqsQUbjjaOWqlEos5Ls0/mfUkXi/WG8
Ga+oWTCXk1Pcs+zbAxU2RAzXRLDv/zGpCaVJkOaHx2iHh1kWkZv82WQvtwoOOWXy
MujRYDt9tQHWOCLSajbyLXjoQKj81FKxpUqLN0plbvO2Ze3shNYigGApQun9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUmQ7gyLSHS+z8CcHRZQfpZIaEWyUwHwYDVR0j
BBgwFoAUc3S8bQJRNb7ZU5d5oD/dZKvroR8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTQyNTg1ZjctYmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0
N2QyLzAvNzM3NEJDNkQwMjUxMzVCRUQ5NTM5Nzc5QTAzRkRENjRBQkVCQTExRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MzUzhiUUpSTmI3WlU1ZDVvRF9kWkt2
cm9SOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTQyNTg1Zjct
YmMxYi00OTcwLWJkMzQtZGJmZDJiMjE0N2QyLzAvMzEzODM4MmUzMjMwMzkyZTMx
MzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzIzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALzRizANBgkqhkiG9w0BAQsFAAOCAQEAC1QAFmMIH3vCkfKokpPBZ8SYu8Wg
V1LCsNFgCqRFN/csTGWjDp+7fc74naBWxJ/itKa4ugs7q6xdq83lYs6JomeYDgLw
ezY+BHMb5tK05OZUrda6aMR19CyozoAKhjAJwyWZGHnFJcnU5EcCGaPqrYfEMDXu
kd5PJZM+7vuL5fWx0lv7jbvgfmphN6an5I3zrYOzQm9r3d6BtEwZv/E5SDEzGnKU
2EwsBs6eNV6RtwKXsH4F8Q0rxUvB6wUe6uzohsxEf7UmVBHdmcDiGANI//bN30us
Tyl/hWa66renzUgPaxslzon8brLxIVa2R4yJDGBPoYXEDVVoo9Z/RUn2Tg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:04 2026 by rpki-client