Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323038303633.roa
File: 3138352e35382e3135372e302f32342d3234203d3e20323038303633.roa (raw, json)
Hash identifier: U8pAF8O/Eli71dyqa/IEGmD/EnmCJf29XWZJsJoO2Kw=
Subject key identifier: FE:F9:FF:98:D8:ED:43:6B:99:CC:EF:74:79:E3:F8:15:B1:F7:8B:46
Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8
Certificate serial: 237E609D31B5747E569C3EBDFCD81E07545DF798
Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323038303633.roa
Signing time: Tue 28 Apr 2026 10:10:46 +0000
ROA not before: Tue 28 Apr 2026 10:05:46 +0000
ROA not after: Tue 27 Apr 2027 10:10:46 +0000
asID: 208063
IP address blocks: 185.58.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 00:58:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:7e:60:9d:31:b5:74:7e:56:9c:3e:bd:fc:d8:1e:07:54:5d:f7:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8
Validity
Not Before: Apr 28 10:05:46 2026 GMT
Not After : Apr 27 10:10:46 2027 GMT
Subject: CN=FEF9FF98D8ED436B99CCEF7479E3F815B1F78B46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:ec:6a:9c:3b:fb:ce:e4:28:b5:dd:88:45:
32:7b:1d:e7:91:55:8a:04:84:c1:ac:46:0c:20:ac:
19:1b:f0:36:27:2c:69:16:ae:e2:79:fc:dd:8f:0b:
20:93:95:83:4a:b6:b5:f2:83:c8:34:81:66:f0:f7:
e8:31:47:4e:50:ba:04:ce:55:40:fa:72:08:ca:bc:
12:e0:e6:ac:7c:52:50:e8:04:d8:bf:f0:51:46:51:
98:05:74:f2:66:c3:67:74:30:bc:e5:b8:86:f6:78:
93:f9:6f:55:d7:ec:cf:25:ce:00:12:18:4e:18:d9:
e7:4c:90:cf:68:7f:f9:53:9e:23:07:1d:7e:ec:05:
01:b0:8f:81:38:04:be:fb:8f:24:5a:5b:aa:0f:75:
af:b9:f4:95:f5:c2:88:ac:73:ee:80:58:eb:80:e4:
69:84:62:76:17:c0:f4:6f:58:ac:9b:4f:b9:df:e9:
da:a4:d4:13:3a:82:b8:3b:c0:83:2e:52:35:99:10:
5b:36:d5:9c:8c:b5:f9:7e:56:a4:00:ad:b4:bd:d8:
b4:0c:ec:16:42:c1:f0:eb:c5:46:74:cb:34:ca:e9:
e6:9e:be:64:dd:30:98:a7:ce:71:19:3a:9b:3a:7f:
9c:b5:20:9f:52:5c:3b:b7:3b:b2:75:53:34:d8:71:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:F9:FF:98:D8:ED:43:6B:99:CC:EF:74:79:E3:F8:15:B1:F7:8B:46
X509v3 Authority Key Identifier:
keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20323038303633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.157.0/24
Signature Algorithm: sha256WithRSAEncryption
18:16:d2:54:20:b5:53:63:e6:59:33:6d:ec:a9:e6:af:ed:be:
a4:a8:08:46:cd:4f:3f:c6:93:4e:65:8a:34:f9:72:b5:e9:13:
f0:13:ed:7c:10:bc:59:7b:0a:4f:82:cd:9f:c7:a7:88:c2:2f:
8d:42:5f:f8:54:2b:55:49:98:b7:e4:83:bb:d6:b2:6f:9d:2f:
00:31:58:fd:84:ff:a8:ab:19:73:c4:54:a3:16:dd:73:1b:69:
36:db:78:7b:2f:a7:ad:9c:89:05:ea:2b:43:44:0e:05:7f:9c:
bb:c0:f0:cd:61:37:eb:d0:00:24:f2:ea:66:58:6e:25:52:ba:
49:a2:f9:1c:f1:2c:e7:87:b1:51:ab:bb:27:80:1f:4f:49:d1:
de:58:23:95:ff:87:95:46:ac:7c:bf:fe:82:73:d5:32:ab:a3:
24:8f:9e:81:64:98:e6:2e:bc:45:31:fa:9a:82:e0:8d:d0:f9:
2f:91:09:98:af:de:13:16:06:d3:17:87:4d:74:68:11:05:28:
18:cf:bc:61:c9:05:4e:0f:27:cc:4a:13:88:b4:21:eb:8c:46:
82:c3:c2:ca:f3:62:cc:1c:4b:2d:f0:c1:3c:a0:04:4b:e0:5a:
fd:4f:8a:49:ca:1f:d5:90:e8:d4:58:d6:a6:4a:a3:29:14:de:
3a:d5:77:24
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUI35gnTG1dH5WnD69/NgeB1Rd95gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx
NTAxMjBmODAeFw0yNjA0MjgxMDA1NDZaFw0yNzA0MjcxMDEwNDZaMDMxMTAvBgNV
BAMTKEZFRjlGRjk4RDhFRDQzNkI5OUNDRUY3NDc5RTNGODE1QjFGNzhCNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtBOxqnDv7zuQotd2IRTJ7HeeR
VYoEhMGsRgwgrBkb8DYnLGkWruJ5/N2PCyCTlYNKtrXyg8g0gWbw9+gxR05QugTO
VUD6cgjKvBLg5qx8UlDoBNi/8FFGUZgFdPJmw2d0MLzluIb2eJP5b1XX7M8lzgAS
GE4Y2edMkM9of/lTniMHHX7sBQGwj4E4BL77jyRaW6oPda+59JX1woisc+6AWOuA
5GmEYnYXwPRvWKybT7nf6dqk1BM6grg7wIMuUjWZEFs21ZyMtfl+VqQArbS92LQM
7BZCwfDrxUZ0yzTK6eaevmTdMJinznEZOps6f5y1IJ9SXDu3O7J1UzTYcSlHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/vn/mNjtQ2uZzO90eeP4FbH3i0YwHwYDVR0j
BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm
OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV
QklQZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt
NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzEzODM1MmUzNTM4MmUzMTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzMDM2MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5Op0wDQYJKoZIhvcNAQELBQADggEBABgW0lQgtVNj5lkzbeyp5q/tvqSoCEbN
Tz/Gk05lijT5crXpE/AT7XwQvFl7Ck+CzZ/Hp4jCL41CX/hUK1VJmLfkg7vWsm+d
LwAxWP2E/6irGXPEVKMW3XMbaTbbeHsvp62ciQXqK0NEDgV/nLvA8M1hN+vQACTy
6mZYbiVSukmi+RzxLOeHsVGruyeAH09J0d5YI5X/h5VGrHy//oJz1TKroySPnoFk
mOYuvEUx+pqC4I3Q+S+RCZiv3hMWBtMXh010aBEFKBjPvGHJBU4PJ8xKE4i0IeuM
RoLDwsrzYswcSy3wwTygBEvgWv1PiknKH9WQ6NRY1qZKoykU3jrVdyQ=
-----END CERTIFICATE-----
Generated at Sun May 3 18:35:51 2026 by rpki-client