Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
File: 38322e3131382e32352e302f32342d3234203d3e20323030303137.roa (raw, json)
Hash identifier: sViFIZ6OozSjA5pHbhyv+L6dE4R+g28oMJzVvvg6Z8A=
Subject key identifier: 96:31:5E:24:21:C7:AC:45:01:C0:F7:82:8C:EA:33:61:28:16:BF:83
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 03C9E5B1F78DEFBEAD3DDCDD9E4066F4011E1A4C
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
Signing time: Mon 26 Jan 2026 11:55:35 +0000
ROA not before: Mon 26 Jan 2026 11:50:35 +0000
ROA not after: Mon 25 Jan 2027 11:55:35 +0000
asID: 200017
IP address blocks: 82.118.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:50:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c9:e5:b1:f7:8d:ef:be:ad:3d:dc:dd:9e:40:66:f4:01:1e:1a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Jan 26 11:50:35 2026 GMT
Not After : Jan 25 11:55:35 2027 GMT
Subject: CN=96315E2421C7AC4501C0F7828CEA33612816BF83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:51:8c:e2:3c:e1:fc:c2:ae:a7:4c:2e:bb:2a:
26:6e:33:15:5b:50:a0:0c:0a:8e:04:1a:5d:4f:e3:
a7:77:f8:a8:91:93:4f:bd:67:93:b6:1c:d5:f2:81:
30:b0:3a:03:4e:84:eb:c4:33:b0:22:84:9c:e3:b8:
63:c0:a9:bd:6c:98:11:56:34:45:01:be:2d:d2:77:
2f:07:ce:4c:aa:1c:59:ed:e4:d4:2e:50:ee:dd:a8:
17:86:59:8d:2c:59:b0:87:88:e4:37:8c:c6:70:cf:
d9:0b:e3:ee:56:e2:41:c0:3e:cb:06:bb:46:56:05:
4e:01:f0:47:11:a3:e4:c3:4c:80:1c:09:32:a8:5e:
3f:40:3a:66:4f:ed:d8:b0:c0:3b:e4:08:f8:8c:58:
c0:3a:4f:00:91:84:f8:9d:86:76:4e:3f:45:7d:91:
6b:b2:38:b4:64:41:27:3f:41:6a:9d:63:8f:4a:c0:
06:f8:34:d1:35:a1:c1:ec:a6:3b:d0:c5:1b:02:e0:
d3:db:db:76:ab:25:73:cc:55:e4:07:c7:05:69:0c:
af:99:c1:61:eb:d8:a9:02:57:f6:37:d9:e2:38:15:
c6:1c:74:73:87:fd:84:f6:cc:59:bf:e5:c1:5f:3b:
ad:8f:fe:bb:3b:83:21:47:ee:fc:01:2e:7b:54:99:
73:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:31:5E:24:21:C7:AC:45:01:C0:F7:82:8C:EA:33:61:28:16:BF:83
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32352e302f32342d3234203d3e20323030303137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.25.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ae:13:3d:50:9b:d7:ab:91:cf:f8:e3:f1:d9:07:ae:d4:9c:
c2:7e:d1:23:54:f6:f7:96:48:a4:65:54:b7:88:0d:a7:f4:bb:
9c:68:f0:b2:a6:8a:80:85:02:60:da:49:e4:57:82:11:0f:b9:
3a:e9:7e:2c:75:bf:2c:89:55:a8:5d:d7:ba:95:8c:ad:2d:f6:
32:ba:41:55:a3:0c:c4:09:7f:5f:c4:45:32:c1:74:cd:ee:97:
8f:66:93:2c:3e:23:6a:38:2a:9d:35:7b:11:1e:c5:24:3d:46:
01:f0:ac:ac:d4:78:90:88:ed:f9:a8:02:79:63:0c:43:a0:e5:
c3:89:a7:63:ed:3c:bd:32:2f:50:a8:33:5e:db:8d:66:b6:ea:
ca:7f:63:63:b8:c4:6b:19:a8:cf:49:e4:c9:91:28:33:71:b0:
30:a6:10:3a:6b:c6:4d:6c:11:10:18:39:ed:79:e0:71:41:15:
8c:ad:d7:dd:1d:34:69:8e:ef:d7:62:19:79:e1:81:97:9b:3a:
95:23:d0:5e:74:b1:ec:cc:8a:19:e6:60:59:ed:16:c1:b5:45:
cc:28:bd:a0:dd:53:ae:59:37:3c:f4:91:bb:4f:16:a7:1c:0d:
2c:fa:3e:8c:e9:04:fc:35:dd:20:d8:b2:55:c8:cb:a7:59:3b:
78:22:aa:bc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUA8nlsfeN776tPdzdnkBm9AEeGkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAxMjYxMTUwMzVaFw0yNzAxMjUxMTU1MzVaMDMxMTAvBgNV
BAMTKDk2MzE1RTI0MjFDN0FDNDUwMUMwRjc4MjhDRUEzMzYxMjgxNkJGODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVUYziPOH8wq6nTC67KiZuMxVb
UKAMCo4EGl1P46d3+KiRk0+9Z5O2HNXygTCwOgNOhOvEM7AihJzjuGPAqb1smBFW
NEUBvi3Sdy8HzkyqHFnt5NQuUO7dqBeGWY0sWbCHiOQ3jMZwz9kL4+5W4kHAPssG
u0ZWBU4B8EcRo+TDTIAcCTKoXj9AOmZP7diwwDvkCPiMWMA6TwCRhPidhnZOP0V9
kWuyOLRkQSc/QWqdY49KwAb4NNE1ocHspjvQxRsC4NPb23arJXPMVeQHxwVpDK+Z
wWHr2KkCV/Y32eI4FcYcdHOH/YT2zFm/5cFfO62P/rs7gyFH7vwBLntUmXNJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUljFeJCHHrEUBwPeCjOozYSgWv4MwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzAzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYZMA0GCSqGSIb3DQEBCwUAA4IBAQCZrhM9UJvXq5HP+OPx2Qeu1JzCftEjVPb3
lkikZVS3iA2n9LucaPCypoqAhQJg2knkV4IRD7k66X4sdb8siVWoXde6lYytLfYy
ukFVowzECX9fxEUywXTN7pePZpMsPiNqOCqdNXsRHsUkPUYB8Kys1HiQiO35qAJ5
YwxDoOXDiadj7Ty9Mi9QqDNe241mturKf2NjuMRrGajPSeTJkSgzcbAwphA6a8ZN
bBEQGDnteeBxQRWMrdfdHTRpju/XYhl54YGXmzqVI9BedLHszIoZ5mBZ7RbBtUXM
KL2g3VOuWTc89JG7TxanHA0s+j6M6QT8Nd0g2LJVyMunWTt4Iqq8
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:33:32 2026 by rpki-client