Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e33302e302f32342d3234203d3e20343031323933.roa
File: 38372e3235342e33302e302f32342d3234203d3e20343031323933.roa (raw, json)
Hash identifier: cG6Y2sScw5gP4svJgcfFkXsy8sYFo7Vgb9i6WanPeyc=
Subject key identifier: 13:18:BF:9F:34:91:1F:96:6A:F1:08:AE:6C:9E:4B:36:D1:9A:B9:6A
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 135820EC7DB17295368779C926C217C99571D150
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e33302e302f32342d3234203d3e20343031323933.roa
Signing time: Thu 02 Apr 2026 10:22:06 +0000
ROA not before: Thu 02 Apr 2026 10:17:06 +0000
ROA not after: Thu 01 Apr 2027 10:22:06 +0000
asID: 401293
IP address blocks: 87.254.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 16:20:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:58:20:ec:7d:b1:72:95:36:87:79:c9:26:c2:17:c9:95:71:d1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Apr 2 10:17:06 2026 GMT
Not After : Apr 1 10:22:06 2027 GMT
Subject: CN=1318BF9F34911F966AF108AE6C9E4B36D19AB96A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:22:ea:45:2d:62:c6:24:01:01:44:85:96:be:
cd:4b:43:dd:f8:87:82:c4:97:57:32:e4:a4:0f:70:
0d:bc:e5:e4:8d:5f:d1:32:32:de:af:b1:08:ac:04:
c3:5a:49:6c:93:88:93:d1:22:4a:6c:84:28:e1:0b:
5c:23:89:e6:4a:82:d1:c8:3b:34:98:71:0c:f1:ad:
f5:fb:a7:ff:4a:3a:67:47:0a:af:9e:e7:3e:9a:fe:
69:9d:b5:ac:ed:0c:89:7b:16:0b:47:2c:e5:1c:e4:
17:d1:7e:d3:a2:9a:9b:88:03:f0:f8:f5:e1:d1:bc:
64:71:c6:cb:82:8d:44:05:10:22:74:a7:c0:4b:45:
ad:e9:8d:23:1e:e7:f5:17:89:23:be:2a:9c:c4:26:
5e:72:bb:f5:f6:5d:22:e9:06:a0:22:a3:fc:a5:f5:
77:6a:49:3c:fe:c6:be:b2:f1:db:f5:7d:77:eb:d8:
16:2c:88:4a:07:8c:3d:c1:1a:18:a3:09:ae:3c:56:
18:17:8c:f6:83:9a:79:f1:f5:8d:8c:05:88:41:1d:
4c:7c:a5:94:bc:ee:1a:b6:16:b4:e1:d2:56:29:2a:
24:e7:0d:c5:ff:cd:26:d2:36:d1:24:f8:06:9c:64:
53:35:2b:ff:bf:3e:8a:20:ae:ad:26:98:6b:ac:67:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:18:BF:9F:34:91:1F:96:6A:F1:08:AE:6C:9E:4B:36:D1:9A:B9:6A
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/38372e3235342e33302e302f32342d3234203d3e20343031323933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.30.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:da:ff:18:8b:32:19:b5:60:41:bd:cb:f0:cb:a8:15:18:4e:
e9:03:27:5e:a6:48:46:fb:c0:2a:5b:f4:f1:1b:ca:8a:fe:4c:
b6:ad:29:20:c4:ba:91:2b:04:da:64:25:d1:2b:c6:00:9f:a4:
f2:d0:98:84:ca:21:ab:0d:e2:ed:79:23:5a:cc:fb:df:38:e6:
f5:40:c9:92:b8:1c:1c:89:c6:36:07:cd:ef:da:ae:9e:47:96:
64:90:2e:9e:b6:59:fc:df:ef:04:4e:9e:3c:5a:85:28:0e:f8:
b0:bf:ca:49:f2:92:49:e4:56:f4:e1:d0:73:a1:91:9b:21:b8:
6d:74:da:63:58:cf:a0:2f:00:69:18:9b:9f:7c:b3:8b:e9:c8:
e8:56:a0:4a:a1:c7:d9:1b:d9:64:c9:2b:7d:e1:b7:9e:47:bf:
c8:8d:c8:c9:72:cd:c9:39:ed:ea:95:c0:b7:b5:76:34:24:02:
81:de:9a:26:7c:47:89:25:57:66:6b:1d:fa:a5:12:18:04:c0:
41:12:a8:64:31:bd:97:46:f6:89:af:4f:c1:9f:38:cd:69:a9:
5c:34:bd:6c:05:2e:ac:b5:d7:c4:24:e0:72:b0:0a:07:ca:b7:
57:68:02:86:ae:22:fd:cd:43:72:36:42:7b:f7:d1:77:e2:87:
b8:cd:55:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUE1gg7H2xcpU2h3nJJsIXyZVx0VAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA0MDIxMDE3MDZaFw0yNzA0MDExMDIyMDZaMDMxMTAvBgNV
BAMTKDEzMThCRjlGMzQ5MTFGOTY2QUYxMDhBRTZDOUU0QjM2RDE5QUI5NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHIupFLWLGJAEBRIWWvs1LQ934
h4LEl1cy5KQPcA285eSNX9EyMt6vsQisBMNaSWyTiJPRIkpshCjhC1wjieZKgtHI
OzSYcQzxrfX7p/9KOmdHCq+e5z6a/mmdtaztDIl7FgtHLOUc5BfRftOimpuIA/D4
9eHRvGRxxsuCjUQFECJ0p8BLRa3pjSMe5/UXiSO+KpzEJl5yu/X2XSLpBqAio/yl
9XdqSTz+xr6y8dv1fXfr2BYsiEoHjD3BGhijCa48VhgXjPaDmnnx9Y2MBYhBHUx8
pZS87hq2FrTh0lYpKiTnDcX/zSbSNtEk+AacZFM1K/+/Poogrq0mmGusZ0TbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUExi/nzSRH5Zq8QiubJ5LNtGauWowHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzgzNzJlMzIzNTM0MmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzIzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/4eMA0GCSqGSIb3DQEBCwUAA4IBAQAM2v8YizIZtWBBvcvwy6gVGE7pAydepkhG
+8AqW/TxG8qK/ky2rSkgxLqRKwTaZCXRK8YAn6Ty0JiEyiGrDeLteSNazPvfOOb1
QMmSuBwcicY2B83v2q6eR5ZkkC6etln83+8ETp48WoUoDviwv8pJ8pJJ5Fb04dBz
oZGbIbhtdNpjWM+gLwBpGJuffLOL6cjoVqBKocfZG9lkySt94beeR7/IjcjJcs3J
Oe3qlcC3tXY0JAKB3pomfEeJJVdmax36pRIYBMBBEqhkMb2XRvaJr0/BnzjNaalc
NL1sBS6stdfEJOBysAoHyrdXaAKGriL9zUNyNkJ799F34oe4zVWG
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:57 2026 by rpki-client