Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
File: 38322e3131382e33302e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: wL/aEFW/10+Xf1wWCXVTzJ5EPb98oEAIceQ47oaOw4Q=
Subject key identifier: EA:E5:2D:17:0D:58:3A:E0:C0:C7:EE:5F:97:70:ED:FE:45:18:74:03
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 790E397821C582905ED82DF4B59EA07CB2044B65
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
Signing time: Thu 05 Feb 2026 11:55:36 +0000
ROA not before: Thu 05 Feb 2026 11:50:36 +0000
ROA not after: Thu 04 Feb 2027 11:55:36 +0000
asID: 206092
IP address blocks: 82.118.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:0e:39:78:21:c5:82:90:5e:d8:2d:f4:b5:9e:a0:7c:b2:04:4b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:36 2026 GMT
Not After : Feb 4 11:55:36 2027 GMT
Subject: CN=EAE52D170D583AE0C0C7EE5F9770EDFE45187403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:06:26:ad:7d:cb:40:75:9d:08:cf:3c:6a:
03:30:0b:17:57:3c:43:c5:d7:e6:0e:ad:3f:c3:dd:
c7:e7:ce:9d:8e:5c:64:ec:84:b3:3b:02:47:ab:17:
72:ea:e0:86:58:00:40:8b:c3:4e:cf:50:95:e3:a7:
b8:bf:14:5c:45:c1:53:fb:78:57:77:c8:f8:70:d9:
31:56:a9:09:5a:2c:36:8b:4a:a6:9c:82:29:4c:07:
37:5a:4e:db:3c:d4:f0:97:5c:a8:60:0b:e6:83:72:
93:79:84:c8:a5:b3:d4:bd:af:28:5d:53:3c:8d:d1:
a9:25:97:c0:47:f8:ca:b8:6c:97:b2:1b:26:d4:2a:
11:07:5a:1f:91:96:70:2e:47:ee:05:32:9a:ed:4c:
bd:fb:43:9f:e1:72:63:66:40:58:9b:6c:98:1e:ca:
d0:0c:df:9a:39:e9:2a:a2:40:53:b7:23:73:83:5a:
71:b9:70:2d:5d:56:0b:03:51:2c:f8:d4:62:34:fa:
ca:e7:cc:42:c1:d4:d6:d5:4d:0c:0b:6f:7d:c1:9b:
4f:71:4c:b3:07:ea:a2:12:1b:38:47:c9:77:7a:38:
be:bf:1d:74:9e:0d:b0:c3:e1:ae:14:bd:13:04:3a:
4e:b5:36:79:7b:d0:e0:15:ef:5e:42:25:97:c7:0f:
8b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:E5:2D:17:0D:58:3A:E0:C0:C7:EE:5F:97:70:ED:FE:45:18:74:03
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.30.0/24
Signature Algorithm: sha256WithRSAEncryption
65:4f:b4:eb:a1:41:ad:27:48:ac:89:54:36:31:d8:2c:3b:bf:
e4:6a:16:6a:a8:ff:3a:94:d3:9d:c9:1f:97:a6:47:cb:7a:17:
eb:85:d4:b1:51:f5:d5:b6:6d:64:c3:e9:f4:4f:14:aa:2a:2b:
91:40:d0:01:fc:22:8c:42:c2:db:cf:00:29:4f:16:2d:80:48:
9f:a6:b7:26:c2:ff:6d:c1:c2:86:63:9e:e9:57:e8:c1:92:2e:
c2:e1:67:ce:34:48:51:d2:b9:a3:6d:db:75:21:3c:26:ed:9f:
7b:53:87:7b:f0:18:6e:22:33:14:b2:7d:d8:a2:a1:14:9a:57:
1a:d6:5d:89:13:fb:11:29:5f:7f:f3:b5:c7:4d:5f:c4:93:ca:
58:34:1a:94:9e:7b:a2:9c:56:57:b9:0c:e7:e1:31:df:61:53:
6e:63:78:0b:0e:e6:8b:2a:ae:4a:79:93:7f:0f:ff:1f:00:0a:
a3:92:b6:56:70:64:17:53:96:8b:fb:80:db:1a:76:52:7e:48:
ad:02:0f:bb:e5:1b:f8:6b:0a:e8:18:96:43:7f:41:c0:ca:54:
99:bd:dc:99:ab:41:d5:cb:81:07:3b:33:6f:3b:cc:c8:c3:fd:
c0:2c:a0:0a:11:c6:cb:ee:bd:b9:a5:43:eb:74:af:20:d2:d0:
a9:a3:91:55
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeQ45eCHFgpBe2C30tZ6gfLIES2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzZaFw0yNzAyMDQxMTU1MzZaMDMxMTAvBgNV
BAMTKEVBRTUyRDE3MEQ1ODNBRTBDMEM3RUU1Rjk3NzBFREZFNDUxODc0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8nQYmrX3LQHWdCM88agMwCxdX
PEPF1+YOrT/D3cfnzp2OXGTshLM7AkerF3Lq4IZYAECLw07PUJXjp7i/FFxFwVP7
eFd3yPhw2TFWqQlaLDaLSqacgilMBzdaTts81PCXXKhgC+aDcpN5hMils9S9ryhd
UzyN0akll8BH+Mq4bJeyGybUKhEHWh+RlnAuR+4FMprtTL37Q5/hcmNmQFibbJge
ytAM35o56SqiQFO3I3ODWnG5cC1dVgsDUSz41GI0+srnzELB1NbVTQwLb33Bm09x
TLMH6qISGzhHyXd6OL6/HXSeDbDD4a4UvRMEOk61Nnl70OAV715CJZfHD4sNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6uUtFw1YOuDAx+5fl3Dt/kUYdAMwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzAzOTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYeMA0GCSqGSIb3DQEBCwUAA4IBAQBlT7TroUGtJ0isiVQ2MdgsO7/kahZqqP86
lNOdyR+XpkfLehfrhdSxUfXVtm1kw+n0TxSqKiuRQNAB/CKMQsLbzwApTxYtgEif
prcmwv9twcKGY57pV+jBki7C4WfONEhR0rmjbdt1ITwm7Z97U4d78BhuIjMUsn3Y
oqEUmlca1l2JE/sRKV9/87XHTV/Ek8pYNBqUnnuinFZXuQzn4THfYVNuY3gLDuaL
Kq5KeZN/D/8fAAqjkrZWcGQXU5aL+4DbGnZSfkitAg+75Rv4awroGJZDf0HAylSZ
vdyZq0HVy4EHOzNvO8zIw/3ALKAKEcbL7r25pUPrdK8g0tCpo5FV
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:30:24 2026 by rpki-client