Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335343032.roa
File: 3137382e3230382e3138392e302f32342d3234203d3e20313335343032.roa (raw, json)
Hash identifier: tRxIr0DgZDKjAaIO+g99KpRqd6ZB09OxorWydZ2voUY=
Subject key identifier: C5:7B:76:77:7E:1D:64:72:B6:ED:42:01:16:5F:BD:95:A8:C1:5E:6F
Certificate issuer: /CN=048af665bf8b186b70220759d26c578f40b5f3e3
Certificate serial: 6CCF0D1226A8A476A5750C6A0AA6FD71ABF3BED6
Authority key identifier: 04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335343032.roa
Signing time: Thu 28 May 2026 09:27:37 +0000
ROA not before: Thu 28 May 2026 09:22:37 +0000
ROA not after: Thu 27 May 2027 09:27:37 +0000
asID: 135402
IP address blocks: 178.208.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.mft
rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 19:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:cf:0d:12:26:a8:a4:76:a5:75:0c:6a:0a:a6:fd:71:ab:f3:be:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048af665bf8b186b70220759d26c578f40b5f3e3
Validity
Not Before: May 28 09:22:37 2026 GMT
Not After : May 27 09:27:37 2027 GMT
Subject: CN=C57B76777E1D6472B6ED4201165FBD95A8C15E6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:61:2c:d0:a5:6e:c7:33:b2:e8:89:e4:0b:34:
79:68:a6:41:2a:44:07:9b:f9:74:76:f6:d8:a6:44:
b2:ad:f8:d6:c7:a2:e8:e7:5d:f7:47:8c:4b:d1:b8:
0e:35:90:68:38:5a:70:40:73:e8:25:b0:42:87:a2:
8e:e9:b3:00:92:7c:89:a7:d8:af:03:8c:7e:09:ea:
57:46:a7:5f:26:b7:c7:62:7b:44:ed:6b:41:97:c5:
da:2b:66:e7:3b:32:a2:73:43:59:c4:3c:43:80:74:
e6:17:b2:f2:eb:d4:d1:b9:02:85:66:9b:51:4e:f2:
8a:7a:9a:48:eb:a2:d4:1d:96:d1:0b:aa:d4:c0:56:
6d:42:98:81:ca:ba:32:7b:59:d9:a5:ca:06:5b:b1:
18:b1:cf:bd:e2:b4:76:0f:e2:ef:b2:f0:7c:b1:b2:
ad:03:86:94:76:24:3b:a5:13:00:d1:ca:1b:aa:54:
d4:fa:1a:33:68:e0:01:61:83:0d:36:1f:c9:9d:e9:
c5:94:5f:82:40:15:6a:99:4e:92:34:bc:99:d9:d6:
8c:0c:a7:ea:52:e0:75:12:c2:19:bd:2c:83:3d:ae:
6a:1b:c7:f4:fa:2f:7b:e3:c2:a8:41:4b:85:5f:03:
5f:89:d6:4d:fe:9d:f4:d2:76:73:57:62:6c:5c:07:
d8:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7B:76:77:7E:1D:64:72:B6:ED:42:01:16:5F:BD:95:A8:C1:5E:6F
X509v3 Authority Key Identifier:
keyid:04:8A:F6:65:BF:8B:18:6B:70:22:07:59:D2:6C:57:8F:40:B5:F3:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/048AF665BF8B186B70220759D26C578F40B5F3E3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BIr2Zb-LGGtwIgdZ0mxXj0C18-M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/82a9bf5b-39c1-4050-b073-48075b861d87/0/3137382e3230382e3138392e302f32342d3234203d3e20313335343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d2:4d:e5:00:a0:8b:08:9c:3c:2c:95:88:48:72:28:5c:09:
af:bc:33:96:cf:a7:f1:93:51:e9:be:6d:1e:b6:ee:3a:6e:66:
d2:46:22:67:ee:1c:d6:a4:50:25:a7:19:64:39:16:98:84:d0:
60:0e:ab:b0:2f:c4:79:b9:e5:13:d5:8c:f8:04:7a:3d:9c:97:
6d:4c:72:c9:2e:f1:42:b5:a4:05:b8:f2:8f:32:5e:91:25:e8:
a1:57:c3:86:18:f0:12:1b:47:67:bd:52:0b:7e:48:07:36:c5:
9e:c6:ee:09:2d:31:54:4b:0c:dc:cf:33:bd:36:c5:ca:ae:28:
d1:5d:a3:59:1c:9d:fa:7e:a1:f2:4a:a8:1a:da:e6:57:b2:2e:
52:24:0b:3f:87:f0:33:4b:bc:11:27:38:57:81:bd:be:92:63:
cb:22:f5:22:3a:5d:0e:4b:a9:4b:15:19:f7:e0:6e:6b:87:de:
bb:ef:f3:32:f1:59:ee:0b:22:3f:d7:3b:62:c8:22:67:ef:b9:
9d:17:de:fc:b7:8c:d7:4c:d4:b9:a9:66:6b:30:62:a9:41:e0:
de:52:ac:28:af:11:ca:f0:ff:3e:73:47:a6:35:90:8a:c5:7e:
a3:95:80:d7:ba:49:5d:4c:53:70:44:2b:54:66:61:3a:ea:bc:
6e:09:c3:bf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbM8NEiaopHaldQxqCqb9cavzvtYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4YWY2NjViZjhiMTg2YjcwMjIwNzU5ZDI2YzU3OGY0
MGI1ZjNlMzAeFw0yNjA1MjgwOTIyMzdaFw0yNzA1MjcwOTI3MzdaMDMxMTAvBgNV
BAMTKEM1N0I3Njc3N0UxRDY0NzJCNkVENDIwMTE2NUZCRDk1QThDMTVFNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzYSzQpW7HM7LoieQLNHlopkEq
RAeb+XR29timRLKt+NbHoujnXfdHjEvRuA41kGg4WnBAc+glsEKHoo7pswCSfImn
2K8DjH4J6ldGp18mt8die0Tta0GXxdorZuc7MqJzQ1nEPEOAdOYXsvLr1NG5AoVm
m1FO8op6mkjrotQdltELqtTAVm1CmIHKujJ7WdmlygZbsRixz73itHYP4u+y8Hyx
sq0DhpR2JDulEwDRyhuqVNT6GjNo4AFhgw02H8md6cWUX4JAFWqZTpI0vJnZ1owM
p+pS4HUSwhm9LIM9rmobx/T6L3vjwqhBS4VfA1+J1k3+nfTSdnNXYmxcB9hLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxXt2d34dZHK27UIBFl+9lajBXm8wHwYDVR0j
BBgwFoAUBIr2Zb+LGGtwIgdZ0mxXj0C18+MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODJhOWJmNWItMzljMS00MDUwLWIwNzMtNDgwNzViODYx
ZDg3LzAvMDQ4QUY2NjVCRjhCMTg2QjcwMjIwNzU5RDI2QzU3OEY0MEI1RjNFMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0JJcjJaYi1MR0d0d0lnZFowbXhYajBD
MTgtTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODJhOWJmNWIt
MzljMS00MDUwLWIwNzMtNDgwNzViODYxZDg3LzAvMzEzNzM4MmUzMjMwMzgyZTMx
MzgzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTM0MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALLQvTANBgkqhkiG9w0BAQsFAAOCAQEALNJN5QCgiwicPCyViEhyKFwJr7wz
ls+n8ZNR6b5tHrbuOm5m0kYiZ+4c1qRQJacZZDkWmITQYA6rsC/EebnlE9WM+AR6
PZyXbUxyyS7xQrWkBbjyjzJekSXooVfDhhjwEhtHZ71SC35IBzbFnsbuCS0xVEsM
3M8zvTbFyq4o0V2jWRyd+n6h8kqoGtrmV7IuUiQLP4fwM0u8ESc4V4G9vpJjyyL1
IjpdDkupSxUZ9+Bua4feu+/zMvFZ7gsiP9c7YsgiZ++5nRfe/LeM10zUualmazBi
qUHg3lKsKK8RyvD/PnNHpjWQisV+o5WA17pJXUxTcEQrVGZhOuq8bgnDvw==
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:56 2026 by rpki-client