Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20323039323432.roa
File: 38302e38332e3138382e302f32322d3234203d3e20323039323432.roa (raw, json)
Hash identifier: wR1ots0KV1BStFiGqKk2l3iZgyPIrhhcn8rzZHOEx3E=
Subject key identifier: D1:DE:B3:11:40:E1:4B:FE:A2:0D:9E:83:56:30:BE:45:42:EC:03:CF
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 58580007AFA0126D346A43DC055F4C497A0BA4FC
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20323039323432.roa
Signing time: Fri 06 Mar 2026 22:10:30 +0000
ROA not before: Fri 06 Mar 2026 22:05:30 +0000
ROA not after: Fri 05 Mar 2027 22:10:30 +0000
asID: 209242
IP address blocks: 80.83.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 23:10:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:58:00:07:af:a0:12:6d:34:6a:43:dc:05:5f:4c:49:7a:0b:a4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Mar 6 22:05:30 2026 GMT
Not After : Mar 5 22:10:30 2027 GMT
Subject: CN=D1DEB31140E14BFEA20D9E835630BE4542EC03CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ee:cf:12:d9:f1:10:00:1d:99:8c:09:b9:41:
d6:2b:a0:cc:cb:5f:66:21:f9:8f:ba:d5:c9:6c:0c:
17:2e:e4:af:3c:10:d3:c0:6b:75:84:b7:f6:15:d1:
12:43:95:8b:11:d9:34:ab:08:3f:d9:c1:ff:28:e6:
26:69:3a:3b:e2:89:71:71:ab:dd:6e:54:17:39:55:
36:35:3a:6e:ca:7c:0c:c9:23:1f:af:e7:cc:7c:bc:
62:c4:6b:bc:5c:5d:06:9d:a5:d6:7a:62:2e:d4:66:
1f:02:b2:3d:41:65:db:6b:92:13:d6:c5:62:fe:6f:
75:be:a7:2f:40:66:4a:6d:df:47:46:fb:2f:31:41:
9f:66:1e:52:73:34:12:17:71:65:17:70:76:a2:06:
ad:2e:ec:2d:cc:75:44:ae:24:ba:ff:e9:8d:d7:1e:
56:13:20:cb:d1:94:c5:67:6e:11:23:67:e4:46:1d:
40:57:ca:9f:9b:92:97:cf:53:cc:5a:f5:04:10:f1:
76:66:71:52:42:72:ad:55:46:90:96:c9:a3:2c:bd:
04:42:60:eb:f8:09:d8:60:d1:5a:a7:21:95:f9:d1:
3e:17:f4:69:56:43:96:3e:d8:31:0e:be:70:9d:c0:
43:db:c9:ee:e3:71:95:1d:16:94:9f:6e:65:33:50:
72:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DE:B3:11:40:E1:4B:FE:A2:0D:9E:83:56:30:BE:45:42:EC:03:CF
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.188.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:2d:2d:e9:e0:89:34:50:5c:40:98:f8:2e:c0:e8:63:5b:66:
03:fc:2d:55:6f:b1:b1:fa:fe:35:6e:81:1b:4e:fa:cd:6a:fa:
68:86:0e:7d:b7:e6:50:ba:e6:49:ae:74:ae:e5:ae:1b:b0:ba:
c4:03:08:e8:63:26:e4:15:9a:f8:21:8f:1a:4d:c5:2a:da:28:
08:92:12:69:29:d6:0f:ae:de:d8:de:1d:6b:88:dc:89:ae:3f:
51:1a:e9:a9:a9:5c:4b:5a:3c:f9:36:cc:fd:9c:7f:e4:a7:ad:
1c:53:69:89:c6:6c:9f:b9:23:af:d2:ee:cf:5f:96:66:b8:41:
34:bc:b0:4e:85:d2:93:cf:62:ec:8a:bb:1b:4d:66:4a:5b:94:
97:b9:cd:06:73:8d:36:8e:60:e0:f7:23:8d:54:ee:64:3d:f9:
40:75:16:19:e6:97:ca:77:f6:06:e2:0a:57:d0:bf:9b:96:43:
83:02:22:29:38:34:ca:df:f3:c1:d9:59:87:c3:84:e9:f9:33:
55:5f:6e:75:43:aa:22:c0:65:31:05:36:d7:0c:6d:17:9e:8c:
4e:18:ad:c8:0f:6d:a9:ad:22:df:cf:96:35:56:27:d3:22:2e:
af:bb:92:50:b6:2d:50:bc:81:c2:86:57:ca:78:15:3c:a6:a9:
3c:01:97:ce
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWFgAB6+gEm00akPcBV9MSXoLpPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNjAzMDYyMjA1MzBaFw0yNzAzMDUyMjEwMzBaMDMxMTAvBgNV
BAMTKEQxREVCMzExNDBFMTRCRkVBMjBEOUU4MzU2MzBCRTQ1NDJFQzAzQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO7s8S2fEQAB2ZjAm5QdYroMzL
X2Yh+Y+61clsDBcu5K88ENPAa3WEt/YV0RJDlYsR2TSrCD/Zwf8o5iZpOjviiXFx
q91uVBc5VTY1Om7KfAzJIx+v58x8vGLEa7xcXQadpdZ6Yi7UZh8Csj1BZdtrkhPW
xWL+b3W+py9AZkpt30dG+y8xQZ9mHlJzNBIXcWUXcHaiBq0u7C3MdUSuJLr/6Y3X
HlYTIMvRlMVnbhEjZ+RGHUBXyp+bkpfPU8xa9QQQ8XZmcVJCcq1VRpCWyaMsvQRC
YOv4Cdhg0VqnIZX50T4X9GlWQ5Y+2DEOvnCdwEPbye7jcZUdFpSfbmUzUHINAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0d6zEUDhS/6iDZ6DVjC+RULsA88wHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzgzMDJlMzgzMzJlMzEzODM4
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDM5MzIzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UFO8MA0GCSqGSIb3DQEBCwUAA4IBAQBqLS3p4Ik0UFxAmPguwOhjW2YD/C1Vb7Gx
+v41boEbTvrNavpohg59t+ZQuuZJrnSu5a4bsLrEAwjoYybkFZr4IY8aTcUq2igI
khJpKdYPrt7Y3h1riNyJrj9RGumpqVxLWjz5Nsz9nH/kp60cU2mJxmyfuSOv0u7P
X5ZmuEE0vLBOhdKTz2LsirsbTWZKW5SXuc0Gc402jmDg9yONVO5kPflAdRYZ5pfK
d/YG4gpX0L+blkODAiIpODTK3/PB2VmHw4Tp+TNVX251Q6oiwGUxBTbXDG0XnoxO
GK3ID22prSLfz5Y1VifTIi6vu5JQti1QvIHChlfKeBU8pqk8AZfO
-----END CERTIFICATE-----
Generated at Wed Mar 25 11:49:36 2026 by rpki-client