Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335333931.roa
File: 3137382e3230382e3138392e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: S3Q96syRkqRO68ZEFUXPklBGTR1v1HlovZuo9m2KLpw=
Subject key identifier: BE:BF:B3:1B:1A:57:03:85:C7:33:8F:4B:59:D1:17:80:38:9F:39:7D
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 3A46EF839D5D3808A6709A1BBE869B9108B3339B
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335333931.roa
Signing time: Mon 02 Feb 2026 03:55:36 +0000
ROA not before: Mon 02 Feb 2026 03:50:36 +0000
ROA not after: Mon 01 Feb 2027 03:55:36 +0000
asID: 135391
IP address blocks: 178.208.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 19:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:46:ef:83:9d:5d:38:08:a6:70:9a:1b:be:86:9b:91:08:b3:33:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: Feb 2 03:50:36 2026 GMT
Not After : Feb 1 03:55:36 2027 GMT
Subject: CN=BEBFB31B1A570385C7338F4B59D11780389F397D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:99:78:82:32:86:07:c2:ed:07:ea:ef:c5:f6:
2b:cb:21:44:35:d0:22:ca:f4:f1:b2:1f:fc:39:c2:
24:8c:46:f8:25:38:9c:ae:08:b7:96:f0:18:5f:1e:
26:27:48:be:a1:4a:58:b1:7d:b5:ab:ee:25:26:01:
64:61:1a:4c:90:1d:ea:4d:12:6a:b6:26:b6:1f:8f:
d7:91:41:f0:da:5f:67:ff:6b:cf:f0:8e:5a:93:74:
23:2a:10:77:4b:fd:aa:7c:2f:b0:c7:58:7a:7c:47:
b0:0e:d0:94:f3:52:25:76:f3:f4:78:4c:79:ce:39:
5e:f5:b0:55:19:a7:65:63:97:35:ac:27:9e:84:42:
ce:84:a1:68:13:3a:bc:0d:d0:8b:d6:a4:e4:a4:25:
79:21:29:56:18:25:25:95:ff:9f:fc:64:97:78:90:
68:29:24:14:be:5d:88:cd:b6:12:56:79:38:65:b0:
30:80:00:0d:71:cc:e9:47:c4:f2:1d:9c:3a:4d:90:
ca:b7:58:fe:c2:f3:25:61:08:38:de:39:2a:e5:cb:
45:dd:5f:37:03:b6:c9:5e:3d:4d:6b:71:5b:cb:55:
41:fa:bc:14:b1:5e:0e:60:ca:c1:4c:57:09:2d:6e:
65:3a:69:2e:63:f4:2d:11:16:60:ac:54:5e:c9:ad:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:BF:B3:1B:1A:57:03:85:C7:33:8F:4B:59:D1:17:80:38:9F:39:7D
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:93:97:55:36:fe:ec:c0:67:e8:66:eb:96:b4:ec:8d:8a:2c:
b8:8c:e4:3f:eb:4d:b2:cc:7d:5b:50:19:35:c3:44:16:29:2e:
1b:cd:c3:89:c3:6a:3e:9b:3b:d3:4e:49:b0:c9:56:95:a8:13:
8e:59:03:2b:98:f4:70:0d:53:d6:23:10:73:17:d1:90:9f:6c:
90:f6:a9:60:69:5f:1a:fb:29:e5:9a:35:8c:ed:75:8d:9b:d3:
98:b8:55:38:f6:23:ff:15:ae:48:13:1a:2c:b7:61:9c:ee:02:
f8:49:b7:8d:86:2b:99:99:1b:a2:c6:ef:b6:a0:3e:83:d5:27:
68:22:be:a9:b1:07:24:09:91:cb:b7:28:b5:a7:3d:d6:21:98:
49:a1:bc:6e:3b:91:1a:1e:c5:af:be:a3:cc:de:db:ab:16:63:
57:7b:2b:2c:6f:72:49:3f:24:7d:a4:c9:14:cf:a8:78:bb:08:
b0:c1:58:f0:bb:9d:24:b6:2f:09:fb:2e:13:c0:d6:15:fd:50:
24:19:00:ab:44:b5:c0:9d:69:6e:97:66:33:49:82:09:54:e7:
c8:c4:54:7b:ac:ef:11:46:e7:8f:78:34:1c:d5:a0:ac:2d:05:
e8:9f:d7:21:16:c6:31:bf:1f:db:0f:cb:30:15:bd:c3:33:06:
c7:fe:28:7e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOkbvg51dOAimcJobvoabkQizM5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjAyMDIwMzUwMzZaFw0yNzAyMDEwMzU1MzZaMDMxMTAvBgNV
BAMTKEJFQkZCMzFCMUE1NzAzODVDNzMzOEY0QjU5RDExNzgwMzg5RjM5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDImXiCMoYHwu0H6u/F9ivLIUQ1
0CLK9PGyH/w5wiSMRvglOJyuCLeW8BhfHiYnSL6hSlixfbWr7iUmAWRhGkyQHepN
Emq2JrYfj9eRQfDaX2f/a8/wjlqTdCMqEHdL/ap8L7DHWHp8R7AO0JTzUiV28/R4
THnOOV71sFUZp2VjlzWsJ56EQs6EoWgTOrwN0IvWpOSkJXkhKVYYJSWV/5/8ZJd4
kGgpJBS+XYjNthJWeThlsDCAAA1xzOlHxPIdnDpNkMq3WP7C8yVhCDjeOSrly0Xd
XzcDtslePU1rcVvLVUH6vBSxXg5gysFMVwktbmU6aS5j9C0RFmCsVF7JrU1pAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUvr+zGxpXA4XHM49LWdEXgDifOX0wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALLQvTANBgkqhkiG9w0BAQsFAAOCAQEAHJOXVTb+7MBn6GbrlrTsjYosuIzk
P+tNssx9W1AZNcNEFikuG83DicNqPps7005JsMlWlagTjlkDK5j0cA1T1iMQcxfR
kJ9skPapYGlfGvsp5Zo1jO11jZvTmLhVOPYj/xWuSBMaLLdhnO4C+Em3jYYrmZkb
osbvtqA+g9UnaCK+qbEHJAmRy7cotac91iGYSaG8bjuRGh7Fr76jzN7bqxZjV3sr
LG9yST8kfaTJFM+oeLsIsMFY8LudJLYvCfsuE8DWFf1QJBkAq0S1wJ1pbpdmM0mC
CVTnyMRUe6zvEUbnj3g0HNWgrC0F6J/XIRbGMb8f2w/LMBW9wzMGx/4ofg==
-----END CERTIFICATE-----
Generated at Mon Feb 23 02:44:50 2026 by rpki-client