Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32372e302f32342d3234203d3e20323036313336.roa
File: 38372e3235342e32372e302f32342d3234203d3e20323036313336.roa (raw, json)
Hash identifier: JzFwyOYzVK25Z09X3NCkKQHCSO5Wep/1CMAuENJROT8=
Subject key identifier: 39:35:CD:51:DA:BC:66:6B:0C:0B:08:10:1E:62:D2:60:51:AA:07:3E
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 2EFCA3AFEEBC14DF32A218E125727039A5A5559A
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32372e302f32342d3234203d3e20323036313336.roa
Signing time: Thu 14 May 2026 07:44:28 +0000
ROA not before: Thu 14 May 2026 07:39:28 +0000
ROA not after: Thu 13 May 2027 07:44:28 +0000
asID: 206136
IP address blocks: 87.254.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:fc:a3:af:ee:bc:14:df:32:a2:18:e1:25:72:70:39:a5:a5:55:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: May 14 07:39:28 2026 GMT
Not After : May 13 07:44:28 2027 GMT
Subject: CN=3935CD51DABC666B0C0B08101E62D26051AA073E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:43:bf:94:92:8d:77:68:95:b3:03:3b:e6:22:
2e:cf:90:99:54:63:13:5d:13:83:78:7f:9f:42:4d:
e8:81:b6:9e:92:2f:de:34:50:2a:d3:8d:11:4d:13:
6e:3d:6c:af:ca:04:86:97:0e:d0:a2:1c:28:27:c7:
20:84:95:7b:08:7c:1d:4c:62:df:de:8d:a4:e4:bf:
a7:46:db:c0:79:90:a3:58:17:66:e1:6a:d1:72:b4:
fc:83:7d:6e:7d:cc:56:32:1a:9a:11:59:c7:aa:2a:
03:2e:f6:80:36:d6:10:32:6a:0d:69:12:c7:bc:95:
d7:40:84:7f:2d:be:e5:a2:57:f4:2b:ca:b4:32:19:
8b:6c:58:29:10:a1:06:f3:ed:61:ca:c9:0e:e0:fe:
9a:d3:44:e9:ee:ed:03:d6:cb:ba:db:d9:96:7f:1c:
4e:c7:e6:d7:9f:c8:46:d2:3e:e2:09:0c:6b:45:1f:
61:9e:2a:ab:15:0a:66:a9:e1:54:f3:48:32:1e:ea:
12:c8:c3:80:39:2b:95:33:d6:c4:67:06:b9:9e:6c:
d5:a0:41:41:39:84:0a:8e:31:74:33:ff:b3:9d:71:
60:b4:01:d5:7a:c7:46:88:e0:c0:77:01:2d:6b:2a:
50:8f:02:52:2f:a9:3a:4c:da:7c:c5:31:12:66:4f:
eb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:35:CD:51:DA:BC:66:6B:0C:0B:08:10:1E:62:D2:60:51:AA:07:3E
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e32372e302f32342d3234203d3e20323036313336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.27.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:23:75:2d:b6:ad:7f:e6:0b:c3:83:fc:b8:1c:b1:88:90:a4:
ff:e9:c4:4b:22:c1:0c:ab:27:8f:9f:93:e6:14:fe:26:37:c3:
49:da:df:37:37:76:fb:36:90:4e:cd:a4:50:24:70:4a:1b:12:
3c:fe:d5:ce:c7:13:8a:9e:a3:72:38:b5:17:78:19:18:3e:bd:
d5:88:4a:4e:18:78:49:e1:9d:58:1a:8e:f3:fb:e2:24:97:09:
de:b0:f4:84:66:d6:41:ec:41:d1:cd:36:07:ce:71:f1:03:25:
aa:ac:8f:a8:31:57:6d:6d:e7:60:00:45:9e:0f:f5:cf:7e:79:
94:52:d3:59:e8:3d:2d:08:47:6c:95:ee:20:78:ee:60:88:73:
e7:49:41:bc:2f:bf:81:d6:36:fe:f4:ff:0d:c4:61:a5:fa:b9:
c3:ec:52:a4:f5:b2:81:86:33:78:fa:96:1a:e6:c1:ee:8f:65:
60:31:1a:f3:b1:cf:fb:7e:08:2d:b3:8f:50:9f:f2:f8:29:e2:
36:cf:59:c5:95:ad:ff:6f:c6:ef:d5:81:9a:5b:79:f5:f2:de:
14:17:55:f4:d5:3f:38:55:a5:0c:cf:cc:c4:f5:51:f3:1a:75:
53:50:ea:9c:19:f7:f9:96:22:d7:14:d8:f5:c0:45:74:7c:f4:
f9:bd:41:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULvyjr+68FN8yohjhJXJwOaWlVZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA1MTQwNzM5MjhaFw0yNzA1MTMwNzQ0MjhaMDMxMTAvBgNV
BAMTKDM5MzVDRDUxREFCQzY2NkIwQzBCMDgxMDFFNjJEMjYwNTFBQTA3M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVQ7+Uko13aJWzAzvmIi7PkJlU
YxNdE4N4f59CTeiBtp6SL940UCrTjRFNE249bK/KBIaXDtCiHCgnxyCElXsIfB1M
Yt/ejaTkv6dG28B5kKNYF2bhatFytPyDfW59zFYyGpoRWceqKgMu9oA21hAyag1p
Ese8lddAhH8tvuWiV/QryrQyGYtsWCkQoQbz7WHKyQ7g/prTROnu7QPWy7rb2ZZ/
HE7H5tefyEbSPuIJDGtFH2GeKqsVCmap4VTzSDIe6hLIw4A5K5Uz1sRnBrmebNWg
QUE5hAqOMXQz/7OdcWC0AdV6x0aI4MB3AS1rKlCPAlIvqTpM2nzFMRJmT+vBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOTXNUdq8ZmsMCwgQHmLSYFGqBz4wHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzEzMzM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4bMA0GCSqGSIb3DQEBCwUAA4IBAQAOI3Uttq1/5gvDg/y4HLGIkKT/6cRLIsEM
qyePn5PmFP4mN8NJ2t83N3b7NpBOzaRQJHBKGxI8/tXOxxOKnqNyOLUXeBkYPr3V
iEpOGHhJ4Z1YGo7z++IklwnesPSEZtZB7EHRzTYHznHxAyWqrI+oMVdtbedgAEWe
D/XPfnmUUtNZ6D0tCEdsle4geO5giHPnSUG8L7+B1jb+9P8NxGGl+rnD7FKk9bKB
hjN4+pYa5sHuj2VgMRrzsc/7fggts49Qn/L4KeI2z1nFla3/b8bv1YGaW3n18t4U
F1X01T84VaUMz8zE9VHzGnVTUOqcGff5liLXFNj1wEV0fPT5vUGT
-----END CERTIFICATE-----
Generated at Wed Jun 3 08:51:00 2026 by rpki-client