Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20323035353438.roa
File: 37382e33312e3234392e302f32342d3234203d3e20323035353438.roa (raw, json)
Hash identifier: 5fpmYZRzBvkFKdsnyMVxjLpy6cIEbT9Xls3K1PEUuAQ=
Subject key identifier: BC:64:A5:35:3A:BB:5A:63:BE:82:68:E7:0C:2B:08:42:44:44:DB:5B
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4EAAAB310881D371642856425675459263B4D2F4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20323035353438.roa
Signing time: Thu 11 Jun 2026 17:19:19 +0000
ROA not before: Thu 11 Jun 2026 17:14:19 +0000
ROA not after: Thu 10 Jun 2027 17:19:19 +0000
asID: 205548
IP address blocks: 78.31.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:aa:ab:31:08:81:d3:71:64:28:56:42:56:75:45:92:63:b4:d2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 11 17:14:19 2026 GMT
Not After : Jun 10 17:19:19 2027 GMT
Subject: CN=BC64A5353ABB5A63BE8268E70C2B08424444DB5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8f:5b:3b:52:77:15:d9:a9:43:30:bf:33:bf:
af:fa:c9:be:3c:27:60:53:c8:2a:79:ac:52:99:ed:
c3:62:d8:a0:c6:f0:22:50:ff:0e:4c:24:4d:8c:b4:
e3:1d:b1:2e:a1:6a:eb:d7:bb:3d:45:1f:70:f9:f9:
c0:c0:83:08:6b:62:ce:3c:79:c1:c3:a7:cf:f1:ff:
4c:ae:28:cf:94:95:e4:82:13:2e:02:21:01:a4:0d:
56:05:b3:fa:aa:c1:e8:ff:f7:ac:a5:ae:d9:cb:86:
58:db:65:00:4d:fc:67:87:5b:65:d3:79:ba:d6:e9:
17:00:16:86:34:3f:24:b6:cf:b3:16:1a:18:0f:5a:
0c:ce:4a:5a:36:b7:7a:1b:3b:07:98:6d:c1:7c:99:
32:24:5c:fa:50:ff:62:02:78:e0:aa:ee:23:e2:5f:
a3:39:37:a9:6e:85:df:f3:8f:9d:ce:e1:f4:67:4d:
49:9d:6e:0a:7a:d3:d0:f6:38:88:eb:79:04:df:98:
52:9b:7e:00:60:99:1d:30:9b:16:e7:f3:e4:55:54:
5e:d4:cc:74:b4:b2:e8:58:70:ad:59:0a:1d:01:11:
55:58:5f:e7:5b:a0:75:ea:97:a0:78:7e:d3:e2:7d:
16:ba:02:07:93:66:3a:de:09:a3:ff:36:dc:07:53:
93:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:64:A5:35:3A:BB:5A:63:BE:82:68:E7:0C:2B:08:42:44:44:DB:5B
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20323035353438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.249.0/24
Signature Algorithm: sha256WithRSAEncryption
53:b6:8d:47:3e:80:5c:b9:27:b0:36:c8:59:7e:7a:14:70:1c:
7f:3d:d2:d2:a9:23:d6:a4:ef:89:c3:63:de:4d:8e:3b:aa:ce:
cc:bf:c4:e0:78:f1:8e:3a:50:1e:59:af:9f:4a:da:54:96:2d:
18:86:d9:ee:c8:56:c5:42:27:ad:01:48:5c:de:07:dc:86:a5:
8f:f3:fa:fe:d2:ec:a8:d8:e1:2f:4a:df:8b:97:0e:e9:88:b0:
73:6b:a1:59:39:5f:6e:7a:ef:16:05:0c:60:c3:0b:b3:7d:3c:
d0:1c:7e:80:bc:d8:79:7b:df:34:73:c1:8a:d3:38:28:58:71:
e6:f3:33:0e:55:88:b0:73:c9:2f:24:cf:3f:60:6a:2f:39:26:
bf:20:be:23:c0:a9:e8:05:37:07:93:db:2f:fe:0c:5f:e6:ba:
f5:3e:97:ae:86:39:96:d8:1d:27:1c:3f:29:bb:30:c7:07:c4:
a7:f7:43:ab:b4:76:61:4a:90:b1:34:e7:79:43:4b:cb:a2:3d:
46:da:f4:8a:2b:2c:8a:16:bc:a6:3a:4d:45:c0:69:17:fc:7a:
c7:18:1e:3f:13:47:72:2c:a5:5e:50:b2:52:aa:d5:89:0b:07:
21:91:8f:f5:c6:7f:f0:c9:85:e8:bd:aa:2c:d1:45:36:96:db:
c5:e0:79:2f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTqqrMQiB03FkKFZCVnVFkmO00vQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNjA2MTExNzE0MTlaFw0yNzA2MTAxNzE5MTlaMDMxMTAvBgNV
BAMTKEJDNjRBNTM1M0FCQjVBNjNCRTgyNjhFNzBDMkIwODQyNDQ0NERCNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrj1s7UncV2alDML8zv6/6yb48
J2BTyCp5rFKZ7cNi2KDG8CJQ/w5MJE2MtOMdsS6hauvXuz1FH3D5+cDAgwhrYs48
ecHDp8/x/0yuKM+UleSCEy4CIQGkDVYFs/qqwej/96ylrtnLhljbZQBN/GeHW2XT
ebrW6RcAFoY0PyS2z7MWGhgPWgzOSlo2t3obOweYbcF8mTIkXPpQ/2ICeOCq7iPi
X6M5N6luhd/zj53O4fRnTUmdbgp609D2OIjreQTfmFKbfgBgmR0wmxbn8+RVVF7U
zHS0suhYcK1ZCh0BEVVYX+dboHXql6B4ftPifRa6AgeTZjreCaP/NtwHU5N3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvGSlNTq7WmO+gmjnDCsIQkRE21swHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzUzNDM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Th/5MA0GCSqGSIb3DQEBCwUAA4IBAQBTto1HPoBcuSewNshZfnoUcBx/PdLSqSPW
pO+Jw2PeTY47qs7Mv8TgePGOOlAeWa+fStpUli0YhtnuyFbFQietAUhc3gfchqWP
8/r+0uyo2OEvSt+Llw7piLBza6FZOV9ueu8WBQxgwwuzfTzQHH6AvNh5e980c8GK
0zgoWHHm8zMOVYiwc8kvJM8/YGovOSa/IL4jwKnoBTcHk9sv/gxf5rr1PpeuhjmW
2B0nHD8puzDHB8Sn90OrtHZhSpCxNOd5Q0vLoj1G2vSKKyyKFrymOk1FwGkX/HrH
GB4/E0dyLKVeULJSqtWJCwchkY/1xn/wyYXovaos0UU2ltvF4Hkv
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:55:16 2026 by rpki-client