Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32332e302f32342d3234203d3e20323135363732.roa
File: 38372e3235342e32332e302f32342d3234203d3e20323135363732.roa (raw, json)
Hash identifier: /+BmUmf76rxab9lMUlp4SDJKTX/siHkrnlzW84acgzo=
Subject key identifier: 37:B8:6D:DD:57:8B:EB:82:B8:7F:A3:34:F9:36:93:22:C2:A9:89:D7
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 1B86EF9F84140766A543D6AE5AEC3C6CF54CBF6C
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32332e302f32342d3234203d3e20323135363732.roa
Signing time: Mon 02 Mar 2026 11:38:36 +0000
ROA not before: Mon 02 Mar 2026 11:33:36 +0000
ROA not after: Mon 01 Mar 2027 11:38:36 +0000
asID: 215672
IP address blocks: 87.254.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:86:ef:9f:84:14:07:66:a5:43:d6:ae:5a:ec:3c:6c:f5:4c:bf:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 2 11:33:36 2026 GMT
Not After : Mar 1 11:38:36 2027 GMT
Subject: CN=37B86DDD578BEB82B87FA334F9369322C2A989D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:26:cf:35:93:c1:a4:0a:04:b9:58:bf:b3:
be:46:f7:5f:5a:6e:df:b7:99:df:ee:e7:fe:09:c4:
f3:95:b4:be:25:2b:bb:5a:47:48:37:cb:9b:8a:07:
ea:21:95:47:f4:f5:93:e5:5e:df:0b:7d:ca:88:7b:
25:4a:50:96:3c:05:a6:bc:3c:80:19:ea:f5:5a:31:
23:fc:63:dc:32:e5:c6:aa:89:22:52:e7:ad:45:86:
07:be:6c:16:71:6c:bb:7e:d0:53:9b:56:ea:0b:4d:
1a:cf:12:2a:4f:9d:e9:9e:e6:65:75:35:28:70:23:
e6:8d:ca:d2:ad:45:b6:b3:fc:e5:2a:0f:6f:0a:9d:
46:a2:c6:bc:fe:72:51:15:b5:94:56:80:ea:39:44:
ff:73:b8:14:98:79:c5:9f:1d:4b:54:f2:99:48:7c:
e0:eb:20:36:7c:f7:26:ca:4f:5e:c4:b5:cc:20:43:
94:c5:54:57:2b:a0:ef:0a:4a:c8:d9:75:15:a3:d3:
c4:b6:a7:bd:32:0d:c1:ad:8c:2d:30:93:0b:b1:02:
c4:39:cc:8e:b0:85:37:e8:71:df:4e:3c:73:71:16:
e9:86:c2:59:d7:f6:4c:3a:42:84:e2:0c:d7:14:c5:
74:14:fe:e0:97:c5:57:4b:05:2f:fd:4a:29:af:0f:
b5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B8:6D:DD:57:8B:EB:82:B8:7F:A3:34:F9:36:93:22:C2:A9:89:D7
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32332e302f32342d3234203d3e20323135363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.23.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fb:73:7b:71:94:7c:3e:4a:30:ec:81:ee:2c:d6:49:21:96:
1e:75:cf:9f:15:34:66:9b:fc:a5:61:4c:25:ba:ec:f3:20:83:
89:bf:b6:5b:81:e8:36:01:6f:9a:d4:bd:cc:39:6a:3d:3b:49:
f9:81:c5:01:30:4b:ea:8b:64:fc:12:4e:33:67:f4:10:62:ed:
0b:35:0d:64:e4:9b:00:62:2f:c2:df:ba:a4:52:4b:f5:a2:9b:
04:e4:0b:db:bf:4e:fc:af:27:70:cc:c8:80:cb:7e:36:ab:8f:
d4:48:bc:5a:5e:a0:db:43:cd:d2:1c:bb:bc:00:ad:23:3f:f5:
8b:9f:e5:00:37:c2:06:74:d7:c3:26:76:f5:cf:30:66:2e:7b:
51:4c:9b:e2:bb:ec:cb:8c:45:3e:2d:00:7b:97:17:0a:91:51:
38:df:99:01:6d:8d:ef:8c:1d:76:17:f2:50:36:3f:4b:83:39:
8d:3f:43:02:0c:bd:25:33:7e:00:55:3c:b9:e7:40:c1:30:08:
f0:3c:47:87:e0:d8:16:5e:83:98:87:9a:f0:24:0c:c3:91:33:
82:54:13:b5:c9:91:61:3a:ae:a3:7e:a2:30:61:ab:db:91:30:
4a:dd:68:5e:01:3a:0b:83:5b:46:35:74:42:55:43:f1:b9:68:
98:15:cd:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUG4bvn4QUB2alQ9auWuw8bPVMv2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMDIxMTMzMzZaFw0yNzAzMDExMTM4MzZaMDMxMTAvBgNV
BAMTKDM3Qjg2RERENTc4QkVCODJCODdGQTMzNEY5MzY5MzIyQzJBOTg5RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFMCbPNZPBpAoEuVi/s75G919a
bt+3md/u5/4JxPOVtL4lK7taR0g3y5uKB+ohlUf09ZPlXt8LfcqIeyVKUJY8Baa8
PIAZ6vVaMSP8Y9wy5caqiSJS561Fhge+bBZxbLt+0FObVuoLTRrPEipPneme5mV1
NShwI+aNytKtRbaz/OUqD28KnUaixrz+clEVtZRWgOo5RP9zuBSYecWfHUtU8plI
fODrIDZ89ybKT17EtcwgQ5TFVFcroO8KSsjZdRWj08S2p70yDcGtjC0wkwuxAsQ5
zI6whTfocd9OPHNxFumGwlnX9kw6QoTiDNcUxXQU/uCXxVdLBS/9SimvD7WBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUN7ht3VeL64K4f6M0+TaTIsKpidcwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4XMA0GCSqGSIb3DQEBCwUAA4IBAQA6+3N7cZR8Pkow7IHuLNZJIZYedc+fFTRm
m/ylYUwluuzzIIOJv7Zbgeg2AW+a1L3MOWo9O0n5gcUBMEvqi2T8Ek4zZ/QQYu0L
NQ1k5JsAYi/C37qkUkv1opsE5Avbv078rydwzMiAy342q4/USLxaXqDbQ83SHLu8
AK0jP/WLn+UAN8IGdNfDJnb1zzBmLntRTJviu+zLjEU+LQB7lxcKkVE435kBbY3v
jB12F/JQNj9LgzmNP0MCDL0lM34AVTy550DBMAjwPEeH4NgWXoOYh5rwJAzDkTOC
VBO1yZFhOq6jfqIwYavbkTBK3WheAToLg1tGNXRCVUPxuWiYFc1S
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:32:39 2026 by rpki-client