Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036313530.roa
File: 38322e3131382e33302e302f32342d3234203d3e20323036313530.roa (raw, json)
Hash identifier: kMPtJcjG9tfatTfMeU7MeMrJk9DMb6WVWPy6p9Bto5Q=
Subject key identifier: 80:FD:7F:0B:CE:5B:84:2B:09:78:DA:80:AE:4A:BB:8D:BD:C4:0A:BB
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 4BAE780EEACFA5A11F0EA426359EF5AF022D2E2E
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036313530.roa
Signing time: Thu 05 Feb 2026 11:55:37 +0000
ROA not before: Thu 05 Feb 2026 11:50:37 +0000
ROA not after: Thu 04 Feb 2027 11:55:37 +0000
asID: 206150
IP address blocks: 82.118.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ae:78:0e:ea:cf:a5:a1:1f:0e:a4:26:35:9e:f5:af:02:2d:2e:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:37 2026 GMT
Not After : Feb 4 11:55:37 2027 GMT
Subject: CN=80FD7F0BCE5B842B0978DA80AE4ABB8DBDC40ABB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:da:7f:86:1a:ab:98:3a:0a:56:55:c6:89:c6:
11:79:47:15:5b:85:7b:15:d2:cd:af:27:a3:b2:12:
c2:ee:37:c6:2a:5b:84:e9:5b:9b:50:b1:dc:7b:dc:
d7:47:8d:09:f1:ac:4f:e4:ee:91:35:86:1f:f6:97:
5b:37:0c:f3:6a:fa:ad:e6:27:4e:90:ad:f4:44:51:
ad:71:f0:84:d2:0a:94:5f:6e:9a:b2:83:a0:ec:50:
f9:8b:d7:0a:6c:d9:7a:9e:54:1e:c6:52:a6:f8:88:
ce:88:55:2a:3e:c6:f1:ef:56:91:7a:b8:a6:2f:88:
fd:17:0c:45:03:1d:4c:7a:b7:3b:4b:3d:9a:a3:7f:
34:41:fc:ee:aa:23:af:5b:1c:1d:52:73:db:e5:e7:
08:68:69:ff:30:87:e5:3f:46:41:61:5e:c1:ee:0c:
b1:19:b4:af:e3:23:3b:8e:98:0c:c6:6e:ce:87:dd:
93:bd:62:d9:d1:3b:67:20:e0:12:17:92:bd:21:8c:
35:b3:90:7c:62:df:f0:91:b7:5b:19:35:4f:c3:f5:
c3:52:df:0d:02:b7:cc:dc:40:7b:36:04:c3:9e:e9:
ce:cc:0e:e2:e6:0e:33:3e:dc:f8:4c:a8:08:30:82:
b3:6f:99:45:86:20:c0:8c:d5:05:af:5e:15:2c:9d:
ed:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FD:7F:0B:CE:5B:84:2B:09:78:DA:80:AE:4A:BB:8D:BD:C4:0A:BB
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33302e302f32342d3234203d3e20323036313530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.30.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:d7:ab:be:ba:1e:94:ec:eb:35:37:d5:24:2e:21:4e:08:52:
32:a9:bd:be:57:37:2f:7d:3a:06:58:a8:ff:d2:7d:60:8d:85:
15:cc:e6:7f:37:69:79:87:3b:23:23:1d:a7:4e:fd:b6:33:cf:
37:f2:7b:a0:c8:c4:d5:d6:cf:7f:37:64:eb:27:07:4a:ea:1d:
6f:16:11:5f:e4:cc:04:7c:14:3c:66:cc:40:2e:a4:65:d4:c5:
e6:78:15:e5:3d:46:7c:5e:6f:71:37:68:b4:5a:9e:3d:27:0e:
d7:8d:8f:13:f9:7e:d4:c8:9b:f1:92:26:3b:76:c6:48:2d:a9:
e6:d9:c8:64:f8:9f:38:7c:95:de:fe:71:34:c7:32:8d:08:73:
5d:b6:32:3a:37:6f:f6:16:8e:4b:b1:0c:24:f2:76:fa:26:12:
6f:26:c7:23:80:f5:ad:06:7e:0e:94:d6:0c:c9:95:f1:5e:46:
a2:22:ce:9d:b1:5e:69:5a:65:cd:6c:a0:c7:3e:86:a0:1e:1c:
34:72:0f:fa:6f:80:6f:5f:02:b5:90:eb:06:cb:24:d9:cf:c2:
66:3c:09:e2:2b:73:04:95:e5:cc:41:77:26:cc:78:a7:66:7c:
1b:4b:08:6e:3c:a4:f1:2a:aa:c9:1b:86:49:00:65:d8:76:53:
75:61:18:61
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS654DurPpaEfDqQmNZ71rwItLi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzdaFw0yNzAyMDQxMTU1MzdaMDMxMTAvBgNV
BAMTKDgwRkQ3RjBCQ0U1Qjg0MkIwOTc4REE4MEFFNEFCQjhEQkRDNDBBQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC52n+GGquYOgpWVcaJxhF5RxVb
hXsV0s2vJ6OyEsLuN8YqW4TpW5tQsdx73NdHjQnxrE/k7pE1hh/2l1s3DPNq+q3m
J06QrfREUa1x8ITSCpRfbpqyg6DsUPmL1wps2XqeVB7GUqb4iM6IVSo+xvHvVpF6
uKYviP0XDEUDHUx6tztLPZqjfzRB/O6qI69bHB1Sc9vl5whoaf8wh+U/RkFhXsHu
DLEZtK/jIzuOmAzGbs6H3ZO9YtnRO2cg4BIXkr0hjDWzkHxi3/CRt1sZNU/D9cNS
3w0Ct8zcQHs2BMOe6c7MDuLmDjM+3PhMqAgwgrNvmUWGIMCM1QWvXhUsne0jAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgP1/C85bhCsJeNqArkq7jb3ECrswHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzEzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYeMA0GCSqGSIb3DQEBCwUAA4IBAQCn16u+uh6U7Os1N9UkLiFOCFIyqb2+Vzcv
fToGWKj/0n1gjYUVzOZ/N2l5hzsjIx2nTv22M8838nugyMTV1s9/N2TrJwdK6h1v
FhFf5MwEfBQ8ZsxALqRl1MXmeBXlPUZ8Xm9xN2i0Wp49Jw7XjY8T+X7UyJvxkiY7
dsZILanm2chk+J84fJXe/nE0xzKNCHNdtjI6N2/2Fo5LsQwk8nb6JhJvJscjgPWt
Bn4OlNYMyZXxXkaiIs6dsV5pWmXNbKDHPoagHhw0cg/6b4BvXwK1kOsGyyTZz8Jm
PAniK3MEleXMQXcmzHinZnwbSwhuPKTxKqrJG4ZJAGXYdlN1YRhh
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:50:24 2026 by rpki-client