Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32322e302f32332d3234203d3e20323735373134.roa
File: 38372e3235342e32322e302f32332d3234203d3e20323735373134.roa (raw, json)
Hash identifier: Q017uW83uFb8COwcV2Dq8d6iP2iHdliF99e4gCzHkCU=
Subject key identifier: 82:E6:3B:75:9D:10:43:97:33:E1:83:45:BA:FD:A0:8F:0D:75:A3:AC
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 48049166DE12BF3515A843FFE9A9F6DB8120473C
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32322e302f32332d3234203d3e20323735373134.roa
Signing time: Mon 01 Jun 2026 15:19:18 +0000
ROA not before: Mon 01 Jun 2026 15:14:18 +0000
ROA not after: Mon 31 May 2027 15:19:18 +0000
asID: 275714
IP address blocks: 87.254.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 20:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:04:91:66:de:12:bf:35:15:a8:43:ff:e9:a9:f6:db:81:20:47:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Jun 1 15:14:18 2026 GMT
Not After : May 31 15:19:18 2027 GMT
Subject: CN=82E63B759D10439733E18345BAFDA08F0D75A3AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:49:62:64:21:eb:b0:9e:00:78:16:7d:3a:60:
d0:4d:db:0d:a4:0c:6e:90:fd:87:99:dc:ed:1a:f8:
70:69:2b:48:ba:20:0e:fe:60:52:4a:b4:9e:19:6e:
38:0a:2d:96:0b:94:3b:e3:fe:2b:0b:ef:a1:d4:56:
4a:4f:0a:24:34:4d:33:22:5e:99:8a:70:b4:54:4d:
af:a8:ce:03:ff:ce:7c:cd:99:3d:9a:2c:a3:15:b0:
94:74:31:cb:0d:2f:35:a5:44:20:81:8d:4a:db:60:
07:65:6d:c1:0b:19:33:54:16:c8:64:39:ee:57:76:
71:5b:d5:73:64:c2:96:2b:e3:89:7a:96:1c:cb:1a:
18:fd:88:0f:72:b1:48:f4:17:5c:91:4f:d3:9f:a3:
a6:ac:b3:2e:af:8e:63:7f:c3:75:f7:09:f7:58:60:
e8:8d:6f:45:ba:57:ec:7e:15:2a:40:a1:29:d5:5e:
b6:da:82:c7:ba:c6:8a:11:dc:ec:94:62:42:4f:30:
a6:bf:1d:fb:43:e2:53:1a:5c:45:05:6a:84:9e:e4:
82:22:f8:2a:1e:c5:4e:c0:3d:6f:7a:36:84:19:7b:
48:01:5b:f0:7f:2f:d0:31:5b:96:fd:30:6a:83:4c:
6b:d8:2b:c0:9f:2b:7c:dd:21:30:d6:4d:f2:f5:61:
b3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E6:3B:75:9D:10:43:97:33:E1:83:45:BA:FD:A0:8F:0D:75:A3:AC
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32322e302f32332d3234203d3e20323735373134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.22.0/23
Signature Algorithm: sha256WithRSAEncryption
05:f7:20:ab:cf:18:fb:10:c9:65:9d:ac:7a:77:66:17:0c:e3:
26:fe:a9:d0:08:b7:ac:37:40:ae:08:f3:e9:be:41:29:7f:13:
63:51:fb:25:83:76:3f:f4:ea:10:54:84:3e:c8:e9:0e:a6:db:
34:66:00:1b:ac:79:68:47:a4:c7:3e:87:a4:85:a3:de:12:41:
6b:78:3f:5c:b5:e5:57:19:bf:92:5f:aa:ca:e9:9c:a9:7a:6f:
be:d7:50:7c:26:15:01:ef:58:c5:0f:c2:6d:f1:05:0b:cd:c5:
0f:a8:0c:7d:29:0e:57:35:44:e8:19:17:5d:ad:05:02:5f:0b:
b7:be:d7:87:57:77:e0:a4:13:06:5f:85:c0:38:33:ab:89:83:
d6:66:06:d4:c3:2b:bb:e4:00:98:a2:7f:be:8d:cf:0c:fb:1b:
65:78:4a:cc:d6:1d:9f:3f:1c:74:1c:d6:df:f6:a3:ea:18:8c:
26:50:8e:72:51:d8:86:24:26:ef:e4:96:56:a2:83:fd:d9:4c:
5f:8e:6e:f0:21:95:9a:85:c7:11:d9:a3:72:37:65:57:df:dd:
24:f9:0a:ed:e6:8f:58:88:e3:dc:3b:a6:18:ff:36:18:04:06:
b4:20:e0:42:ea:2a:aa:5f:51:31:f6:24:eb:59:57:c0:73:0d:
0f:1a:11:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSASRZt4SvzUVqEP/6an224EgRzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA2MDExNTE0MThaFw0yNzA1MzExNTE5MThaMDMxMTAvBgNV
BAMTKDgyRTYzQjc1OUQxMDQzOTczM0UxODM0NUJBRkRBMDhGMEQ3NUEzQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzSWJkIeuwngB4Fn06YNBN2w2k
DG6Q/YeZ3O0a+HBpK0i6IA7+YFJKtJ4ZbjgKLZYLlDvj/isL76HUVkpPCiQ0TTMi
XpmKcLRUTa+ozgP/znzNmT2aLKMVsJR0McsNLzWlRCCBjUrbYAdlbcELGTNUFshk
Oe5XdnFb1XNkwpYr44l6lhzLGhj9iA9ysUj0F1yRT9Ofo6assy6vjmN/w3X3CfdY
YOiNb0W6V+x+FSpAoSnVXrbagse6xooR3OyUYkJPMKa/HftD4lMaXEUFaoSe5IIi
+CoexU7APW96NoQZe0gBW/B/L9AxW5b9MGqDTGvYK8CfK3zdITDWTfL1YbPlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUguY7dZ0QQ5cz4YNFuv2gjw11o6wwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNzM1MzczMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
V/4WMA0GCSqGSIb3DQEBCwUAA4IBAQAF9yCrzxj7EMllnax6d2YXDOMm/qnQCLes
N0CuCPPpvkEpfxNjUfslg3Y/9OoQVIQ+yOkOpts0ZgAbrHloR6THPoekhaPeEkFr
eD9cteVXGb+SX6rK6Zypem++11B8JhUB71jFD8Jt8QULzcUPqAx9KQ5XNUToGRdd
rQUCXwu3vteHV3fgpBMGX4XAODOriYPWZgbUwyu75ACYon++jc8M+xtleErM1h2f
Pxx0HNbf9qPqGIwmUI5yUdiGJCbv5JZWooP92Uxfjm7wIZWahccR2aNyN2VX390k
+Qrt5o9YiOPcO6YY/zYYBAa0IOBC6iqqX1Ex9iTrWVfAcw0PGhHH
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:05 2026 by rpki-client