Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20323036313336.roa
File: 38372e3235342e32342e302f32342d3234203d3e20323036313336.roa (raw, json)
Hash identifier: bbQ31pjEJ7Unv83rj6JC1Rwyv1NsZ2cXmXyZK0zpF/s=
Subject key identifier: 21:40:3B:63:9B:85:B8:B6:0F:2D:68:C9:E4:50:16:0A:87:01:13:CB
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 4694079156C5E2DF20275A9A8EFEF7ADA75657BE
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20323036313336.roa
Signing time: Thu 14 May 2026 07:44:27 +0000
ROA not before: Thu 14 May 2026 07:39:27 +0000
ROA not after: Thu 13 May 2027 07:44:27 +0000
asID: 206136
IP address blocks: 87.254.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:94:07:91:56:c5:e2:df:20:27:5a:9a:8e:fe:f7:ad:a7:56:57:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: May 14 07:39:27 2026 GMT
Not After : May 13 07:44:27 2027 GMT
Subject: CN=21403B639B85B8B60F2D68C9E450160A870113CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:20:89:d1:42:c4:74:3a:5d:b7:e6:c4:04:52:
55:3b:19:85:79:92:48:71:e2:f1:8e:49:ee:c4:bd:
be:d0:ef:58:f0:ce:5d:ea:58:50:4f:2d:fd:a0:6b:
b2:b1:f8:77:85:e4:1a:92:f0:e3:ad:dd:d4:95:9e:
55:5e:f8:5c:26:ee:ca:1f:7d:95:df:49:b3:d0:a8:
d6:67:e5:1b:53:7d:2f:94:84:c3:b0:bc:96:0e:c2:
fb:f3:be:89:94:5a:44:fa:97:29:1f:fc:bd:fd:a5:
bc:1b:2d:fc:56:ee:fc:f7:59:54:79:67:48:62:04:
d3:ed:8f:8e:c1:41:b6:3c:88:76:a8:d1:34:ed:d2:
a4:29:f6:ff:33:cb:11:b9:85:5c:de:cc:0e:5b:14:
21:4f:a5:bb:d7:e9:3c:75:e9:1e:7b:80:a5:57:93:
c3:05:6e:96:ca:56:95:87:cf:1f:52:d2:69:87:7d:
4f:59:e2:d0:40:15:84:6e:4d:72:12:89:44:62:5c:
19:40:94:99:66:a2:e1:8d:aa:97:56:73:1d:27:44:
9d:0a:2f:01:53:63:6b:0a:22:80:19:bf:5c:9b:53:
37:f5:74:db:a9:dc:aa:be:4d:21:19:c0:0e:21:53:
d2:d3:67:7a:ff:36:e1:ef:cf:91:3c:63:6e:64:42:
01:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:40:3B:63:9B:85:B8:B6:0F:2D:68:C9:E4:50:16:0A:87:01:13:CB
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32342e302f32342d3234203d3e20323036313336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.24.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ff:ed:f5:ea:8c:ad:d8:b6:36:42:3a:36:cb:00:95:2b:78:
65:e2:f8:58:66:9d:12:e1:c5:ff:f3:8e:0f:d2:67:d0:22:4a:
fe:ba:2b:e9:2c:80:6d:77:2a:38:26:95:f8:c1:8f:a1:63:81:
cd:55:9c:af:83:60:96:76:42:87:f6:ce:c9:14:b6:68:5a:0a:
48:54:97:0d:ff:00:f1:99:b8:13:bf:d8:bf:54:d7:47:21:31:
31:4a:f3:f5:76:6e:39:7a:69:9f:6b:45:0b:8c:b4:cb:79:ee:
28:f9:19:2c:da:67:24:cb:0d:83:e9:7b:47:68:fb:ae:63:c6:
56:4f:f5:b6:07:c1:8c:c8:04:59:53:8d:45:9d:84:c2:54:c6:
8a:a4:e9:74:1b:f6:1f:62:cd:8b:ed:ba:d7:b1:f8:69:8a:f2:
8e:66:49:42:2f:45:e5:00:14:48:07:9a:37:40:89:e5:e6:9a:
d1:04:76:67:e0:44:92:54:7e:4b:56:2d:14:d2:88:db:db:21:
92:ca:43:4b:c3:0f:f8:8f:25:04:b6:0d:4f:71:e5:04:1b:79:
c0:0a:fb:3e:d3:e4:7d:37:e5:28:62:04:f1:07:5d:66:f6:9a:
d1:6f:aa:25:50:99:8b:82:d2:02:bc:9d:9d:54:32:63:c8:57:
78:ec:dd:20
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURpQHkVbF4t8gJ1qajv73radWV74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA1MTQwNzM5MjdaFw0yNzA1MTMwNzQ0MjdaMDMxMTAvBgNV
BAMTKDIxNDAzQjYzOUI4NUI4QjYwRjJENjhDOUU0NTAxNjBBODcwMTEzQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwIInRQsR0Ol235sQEUlU7GYV5
kkhx4vGOSe7Evb7Q71jwzl3qWFBPLf2ga7Kx+HeF5BqS8OOt3dSVnlVe+Fwm7sof
fZXfSbPQqNZn5RtTfS+UhMOwvJYOwvvzvomUWkT6lykf/L39pbwbLfxW7vz3WVR5
Z0hiBNPtj47BQbY8iHao0TTt0qQp9v8zyxG5hVzezA5bFCFPpbvX6Tx16R57gKVX
k8MFbpbKVpWHzx9S0mmHfU9Z4tBAFYRuTXISiURiXBlAlJlmouGNqpdWcx0nRJ0K
LwFTY2sKIoAZv1ybUzf1dNup3Kq+TSEZwA4hU9LTZ3r/NuHvz5E8Y25kQgEZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIUA7Y5uFuLYPLWjJ5FAWCocBE8swHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzEzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4YMA0GCSqGSIb3DQEBCwUAA4IBAQAj/+316oyt2LY2Qjo2ywCVK3hl4vhYZp0S
4cX/844P0mfQIkr+uivpLIBtdyo4JpX4wY+hY4HNVZyvg2CWdkKH9s7JFLZoWgpI
VJcN/wDxmbgTv9i/VNdHITExSvP1dm45emmfa0ULjLTLee4o+Rks2mckyw2D6XtH
aPuuY8ZWT/W2B8GMyARZU41FnYTCVMaKpOl0G/YfYs2L7brXsfhpivKOZklCL0Xl
ABRIB5o3QInl5prRBHZn4ESSVH5LVi0U0ojb2yGSykNLww/4jyUEtg1PceUEG3nA
Cvs+0+R9N+UoYgTxB11m9prRb6olUJmLgtICvJ2dVDJjyFd47N0g
-----END CERTIFICATE-----
Generated at Wed Jun 3 08:49:49 2026 by rpki-client