Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
File: 38322e3131382e33312e302f32342d3234203d3e20313431313538.roa (raw, json)
Hash identifier: OTAxxu80qZiAdbkhEohivnmoAej12d8cy3FA1djbGTU=
Subject key identifier: 36:06:E4:50:56:78:27:D8:C0:6B:21:15:71:94:FD:5C:68:76:12:D4
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 66F925421E0198BB0B9DBFE58AA0E257B8438A90
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
Signing time: Thu 05 Feb 2026 11:55:37 +0000
ROA not before: Thu 05 Feb 2026 11:50:37 +0000
ROA not after: Thu 04 Feb 2027 11:55:37 +0000
asID: 141158
IP address blocks: 82.118.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f9:25:42:1e:01:98:bb:0b:9d:bf:e5:8a:a0:e2:57:b8:43:8a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:37 2026 GMT
Not After : Feb 4 11:55:37 2027 GMT
Subject: CN=3606E450567827D8C06B21157194FD5C687612D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3e:50:bc:59:4f:19:2d:cc:4e:17:b8:8c:df:
31:25:51:ea:e4:a3:b3:43:c2:28:e9:c7:81:79:70:
1f:1b:ea:77:f3:a7:8a:2e:31:3b:32:2b:2d:32:ca:
ff:47:1f:cf:e7:0c:65:c9:7a:2d:71:71:aa:48:ff:
81:b4:64:62:75:24:65:31:33:c7:91:31:0f:15:a6:
ca:b5:cf:20:f0:1b:89:72:fb:63:4b:29:14:fe:56:
52:b7:8c:33:ba:66:1e:d8:1f:7a:be:34:07:58:80:
58:4f:60:3b:27:bb:1d:6e:cc:4e:b9:f9:dc:ae:4a:
78:e9:17:57:81:f7:c7:e0:37:a3:89:90:bf:2e:47:
ad:10:65:0c:c6:c4:e7:ec:6c:53:13:41:23:d9:76:
8e:e0:4f:b0:ce:98:d4:06:e4:a1:cb:d9:da:50:46:
cf:41:53:ee:2a:5d:13:2c:7b:42:f6:fb:00:1f:1e:
df:fa:62:41:54:98:db:96:ab:3c:a5:4d:ce:d3:3c:
a9:37:f5:67:2e:a8:05:55:a6:06:a4:08:83:6b:e9:
d0:36:f1:36:71:c5:06:b0:32:17:f7:52:84:0f:22:
22:94:57:29:4a:8c:2f:cd:1c:e7:1d:b5:13:39:49:
1c:62:cb:b4:b9:f5:99:84:c2:0c:0d:ff:1c:0d:cf:
dc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:06:E4:50:56:78:27:D8:C0:6B:21:15:71:94:FD:5C:68:76:12:D4
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e33312e302f32342d3234203d3e20313431313538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.31.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:6d:64:36:99:65:9e:49:3a:5f:66:72:24:8d:eb:17:c2:9d:
d1:f1:92:0a:b2:61:31:1c:77:b0:26:35:db:28:7e:05:a7:e5:
c3:a9:c3:31:e3:f2:c0:7a:0c:e2:41:c3:21:d0:8b:c6:8a:af:
46:ac:28:3a:af:9e:88:eb:45:22:c6:4a:23:1a:12:0e:ae:ca:
fb:6b:e8:29:aa:2a:97:f2:11:cc:7c:c4:a6:28:45:1c:42:6b:
69:16:4a:f9:3d:87:cd:ed:51:cc:f3:26:52:0f:4c:af:53:a0:
02:57:a4:44:0f:b5:99:73:59:4c:2a:8d:af:0b:ba:51:5f:d7:
91:d6:2c:8c:9c:9c:ea:a2:1d:9b:1b:f4:68:03:4d:01:68:b5:
17:a3:52:28:66:f2:e9:2d:2e:b9:7a:bd:0d:1b:77:06:af:8c:
2c:28:ae:69:fc:1c:cc:8d:c0:8f:8c:32:3c:96:a7:e7:5b:83:
04:e1:14:63:bf:f2:64:c6:2d:10:4c:9a:ab:f0:9b:a2:f9:d7:
e8:5c:8a:bb:3c:1b:2f:5c:97:b0:eb:c0:69:3a:e0:25:8e:7f:
12:30:36:d2:d7:38:6d:e4:85:76:9d:c8:88:3f:6b:de:37:2f:
ff:f3:98:81:8d:0b:96:c8:7f:80:48:e5:54:25:d8:a8:96:01:
d7:18:9f:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZvklQh4BmLsLnb/liqDiV7hDipAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzdaFw0yNzAyMDQxMTU1MzdaMDMxMTAvBgNV
BAMTKDM2MDZFNDUwNTY3ODI3RDhDMDZCMjExNTcxOTRGRDVDNjg3NjEyRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtPlC8WU8ZLcxOF7iM3zElUerk
o7NDwijpx4F5cB8b6nfzp4ouMTsyKy0yyv9HH8/nDGXJei1xcapI/4G0ZGJ1JGUx
M8eRMQ8Vpsq1zyDwG4ly+2NLKRT+VlK3jDO6Zh7YH3q+NAdYgFhPYDsnux1uzE65
+dyuSnjpF1eB98fgN6OJkL8uR60QZQzGxOfsbFMTQSPZdo7gT7DOmNQG5KHL2dpQ
Rs9BU+4qXRMse0L2+wAfHt/6YkFUmNuWqzylTc7TPKk39WcuqAVVpgakCINr6dA2
8TZxxQawMhf3UoQPIiKUVylKjC/NHOcdtRM5SRxiy7S59ZmEwgwN/xwNz9yBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNgbkUFZ4J9jAayEVcZT9XGh2EtQwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzEzNTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYfMA0GCSqGSIb3DQEBCwUAA4IBAQC7bWQ2mWWeSTpfZnIkjesXwp3R8ZIKsmEx
HHewJjXbKH4Fp+XDqcMx4/LAegziQcMh0IvGiq9GrCg6r56I60UixkojGhIOrsr7
a+gpqiqX8hHMfMSmKEUcQmtpFkr5PYfN7VHM8yZSD0yvU6ACV6RED7WZc1lMKo2v
C7pRX9eR1iyMnJzqoh2bG/RoA00BaLUXo1IoZvLpLS65er0NG3cGr4wsKK5p/BzM
jcCPjDI8lqfnW4ME4RRjv/Jkxi0QTJqr8Jui+dfoXIq7PBsvXJew68BpOuAljn8S
MDbS1zht5IV2nciIP2veNy//85iBjQuWyH+ASOVUJdiolgHXGJ8I
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:44:13 2026 by rpki-client