Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
File: 38322e3131382e32392e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: wVyOrO0P1oozn0Q2ajYhvKJnhXudTg7Oa3BgjMasSeY=
Subject key identifier: D7:F5:24:8A:DE:FF:B0:9F:3D:A4:82:3F:FF:E7:29:27:05:80:87:3B
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 108300DABAD1154A9ACDCA549B5D5111F66AE53D
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
Signing time: Thu 05 Feb 2026 11:55:37 +0000
ROA not before: Thu 05 Feb 2026 11:50:37 +0000
ROA not after: Thu 04 Feb 2027 11:55:37 +0000
asID: 206092
IP address blocks: 82.118.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:83:00:da:ba:d1:15:4a:9a:cd:ca:54:9b:5d:51:11:f6:6a:e5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:37 2026 GMT
Not After : Feb 4 11:55:37 2027 GMT
Subject: CN=D7F5248ADEFFB09F3DA4823FFFE729270580873B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5a:a2:5d:0d:b1:d0:68:f4:bf:8f:1a:e0:ce:
11:5d:8d:73:11:51:05:c6:a4:e5:56:79:21:88:6f:
0f:0d:7e:bd:65:8a:41:16:f6:c8:e3:b1:30:ac:af:
51:37:55:bc:5a:3a:4a:cc:e5:f3:13:b8:56:98:a1:
87:32:ea:80:2c:35:e3:42:77:89:b1:5a:d4:7b:6d:
2b:cb:39:cd:9a:f0:ed:07:eb:8b:77:dd:15:f9:a1:
cc:70:9c:38:22:f0:54:7f:13:72:5a:01:e4:e7:0b:
10:de:eb:8d:2d:53:6b:13:b1:ef:07:00:37:8b:9c:
30:1e:20:36:8e:0b:73:58:79:54:cf:8e:3f:94:f6:
80:05:df:0e:2b:5e:73:25:3c:86:82:8d:49:da:fe:
56:62:2f:66:48:3c:5c:67:b4:42:09:04:1b:1c:f9:
3c:20:5c:1b:be:b7:a5:22:84:0b:4c:89:70:52:3c:
9e:44:b2:83:64:ba:09:50:12:6f:56:d8:34:da:a3:
fc:5c:2f:89:1e:50:7a:15:cf:69:5a:45:2b:91:5f:
4d:db:6a:69:72:91:49:7a:ef:cd:ee:2f:03:3d:c5:
ed:75:69:ff:95:8d:c5:28:1f:b1:20:3b:cc:f6:bd:
96:ea:76:9b:36:db:e5:36:9f:86:61:5f:f9:6d:c9:
de:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F5:24:8A:DE:FF:B0:9F:3D:A4:82:3F:FF:E7:29:27:05:80:87:3B
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.29.0/24
Signature Algorithm: sha256WithRSAEncryption
70:54:3b:3c:99:54:33:23:bd:9f:1d:c1:f8:7f:85:4a:2b:5d:
c2:d7:cf:f7:25:7b:0b:b9:15:c8:a6:20:14:b0:bf:36:d9:89:
54:a3:fa:2b:66:f0:83:78:bd:ac:c1:c5:68:18:e4:a9:f9:aa:
96:84:b5:6f:b9:1c:c6:18:b6:fb:22:32:97:46:f1:22:b8:b8:
72:e0:ea:b9:a9:fa:50:82:cf:72:64:55:99:d4:90:b5:23:2a:
c7:6a:e8:07:6d:23:01:e4:06:1f:3e:31:58:b6:65:ed:03:07:
e4:d5:33:7d:4c:3f:c9:53:76:d8:84:23:b9:a0:8d:72:43:b8:
02:ed:f5:45:68:4b:f0:0f:75:43:2a:e8:58:72:77:87:39:e4:
b1:3e:db:5a:7e:1a:a6:d0:9f:a1:bd:5f:e7:3b:6e:14:02:ec:
ac:fa:8f:ff:50:5f:66:ab:3c:7e:1d:f1:64:d1:89:06:a5:aa:
55:c3:dc:2b:1b:e0:81:64:44:0b:93:94:5c:3f:13:f6:40:24:
c1:67:ec:99:a9:c1:6a:93:d8:ad:4c:9f:c6:cf:34:04:d4:ef:
56:6f:82:59:f0:97:51:76:30:31:fb:2d:9c:39:85:1c:22:52:
09:0e:fa:9e:5b:b9:78:da:2f:36:b1:5d:2c:b6:31:53:96:c7:
54:18:55:8b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEIMA2rrRFUqazcpUm11REfZq5T0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzdaFw0yNzAyMDQxMTU1MzdaMDMxMTAvBgNV
BAMTKEQ3RjUyNDhBREVGRkIwOUYzREE0ODIzRkZGRTcyOTI3MDU4MDg3M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEWqJdDbHQaPS/jxrgzhFdjXMR
UQXGpOVWeSGIbw8Nfr1likEW9sjjsTCsr1E3VbxaOkrM5fMTuFaYoYcy6oAsNeNC
d4mxWtR7bSvLOc2a8O0H64t33RX5ocxwnDgi8FR/E3JaAeTnCxDe640tU2sTse8H
ADeLnDAeIDaOC3NYeVTPjj+U9oAF3w4rXnMlPIaCjUna/lZiL2ZIPFxntEIJBBsc
+TwgXBu+t6UihAtMiXBSPJ5EsoNkuglQEm9W2DTao/xcL4keUHoVz2laRSuRX03b
amlykUl6783uLwM9xe11af+VjcUoH7EgO8z2vZbqdps22+U2n4ZhX/ltyd7dAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1/Ukit7/sJ89pII//+cpJwWAhzswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzAzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYdMA0GCSqGSIb3DQEBCwUAA4IBAQBwVDs8mVQzI72fHcH4f4VKK13C18/3JXsL
uRXIpiAUsL822YlUo/orZvCDeL2swcVoGOSp+aqWhLVvuRzGGLb7IjKXRvEiuLhy
4Oq5qfpQgs9yZFWZ1JC1IyrHaugHbSMB5AYfPjFYtmXtAwfk1TN9TD/JU3bYhCO5
oI1yQ7gC7fVFaEvwD3VDKuhYcneHOeSxPttafhqm0J+hvV/nO24UAuys+o//UF9m
qzx+HfFk0YkGpapVw9wrG+CBZEQLk5RcPxP2QCTBZ+yZqcFqk9itTJ/GzzQE1O9W
b4JZ8JdRdjAx+y2cOYUcIlIJDvqeW7l42i82sV0stjFTlsdUGFWL
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:43:37 2026 by rpki-client