Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31372e302f32342d3234203d3e2038313030.roa
File: 38352e3230392e31372e302f32342d3234203d3e2038313030.roa (raw, json)
Hash identifier: k9/Ch376K2xC47DoFkOrbQT45cHpJzonkazNFrVSeRg=
Subject key identifier: 27:DC:B7:54:CB:D0:41:B9:87:F9:8C:36:CF:A6:A2:CB:97:54:1D:F2
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 1C87E6291878787EDEB495FC27D610459A7DF62C
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31372e302f32342d3234203d3e2038313030.roa
Signing time: Sun 17 May 2026 11:47:14 +0000
ROA not before: Sun 17 May 2026 11:42:14 +0000
ROA not after: Sun 16 May 2027 11:47:14 +0000
asID: 8100
IP address blocks: 85.209.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 18:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:87:e6:29:18:78:78:7e:de:b4:95:fc:27:d6:10:45:9a:7d:f6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: May 17 11:42:14 2026 GMT
Not After : May 16 11:47:14 2027 GMT
Subject: CN=27DCB754CBD041B987F98C36CFA6A2CB97541DF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:2e:c3:f4:c2:6a:5b:a7:2d:e9:cf:b1:4e:
e6:5b:c2:01:9f:69:de:9e:41:b6:e2:26:64:a2:88:
5b:2f:1f:a4:0e:c0:4a:e7:16:2d:e1:f7:08:e0:c0:
c5:98:70:ba:56:19:76:ea:23:f8:d9:c1:63:08:d3:
4d:a3:50:17:a4:d0:d6:9e:78:08:30:d6:b9:56:86:
ea:0f:f7:e9:6d:58:ff:d2:cc:87:9a:25:e0:3c:e3:
de:81:f7:26:ef:96:77:5b:aa:e7:40:64:52:00:94:
b0:f5:9c:0f:58:d7:6d:69:88:c3:e0:ea:5b:13:cc:
bd:7f:8a:6c:64:0f:7d:62:f4:e6:44:4d:67:34:b1:
f2:b8:95:3f:6a:3a:72:8b:b7:b8:1a:1a:6f:42:11:
ec:e7:b1:8d:b3:4d:f7:3d:6b:55:25:14:12:8e:08:
22:88:20:9b:f7:7f:15:9a:75:8b:80:b9:9c:17:71:
a9:27:b9:8f:5e:70:a3:6d:b3:59:b6:ba:aa:94:f8:
d5:e0:ad:82:29:16:dc:97:6c:08:6d:fc:00:de:3c:
80:0c:2d:46:65:68:27:82:7e:52:bd:08:82:11:ee:
60:e2:9b:e0:32:83:3e:70:55:d0:60:a6:2e:20:a6:
0d:77:db:03:6b:9f:b5:68:59:03:8b:c8:05:fd:4e:
ad:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:DC:B7:54:CB:D0:41:B9:87:F9:8C:36:CF:A6:A2:CB:97:54:1D:F2
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31372e302f32342d3234203d3e2038313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.17.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:82:f8:7a:b6:07:5a:28:bc:03:a7:45:5d:91:df:2c:4d:1b:
26:9f:09:5e:47:8e:40:32:23:89:61:9d:9c:f2:d7:44:57:11:
48:b1:9a:12:4b:04:1e:e5:3c:af:cb:af:16:89:ab:9b:f0:f0:
cd:e3:92:4a:6b:28:0c:62:b1:c0:06:4a:d0:a6:2c:eb:b1:c2:
8b:60:20:d0:b4:eb:75:02:93:b8:e8:43:96:57:96:28:d5:c0:
9f:b5:42:79:92:45:38:fd:b2:16:55:c9:b0:c5:25:44:ac:7f:
57:a3:0f:17:2e:d7:c2:aa:e9:56:d0:99:72:31:8c:0e:e0:a6:
50:b9:5e:64:24:3d:64:4e:80:51:f2:07:9f:65:28:79:21:64:
e5:a5:34:e7:cf:38:68:7c:b4:a5:04:de:38:6b:70:52:9b:2e:
49:6a:9a:59:ff:7a:0d:cc:5e:bc:3f:97:bd:88:45:fc:2a:47:
a5:c9:96:be:0a:e7:1d:9e:53:1a:ab:74:24:15:27:fd:e0:83:
6c:19:fb:eb:a4:d0:16:3c:20:bf:50:db:18:8c:01:3c:85:69:
ea:3d:4f:cd:b5:9e:d0:ca:25:4f:d0:0b:b6:74:72:aa:2e:ca:
bc:f5:66:96:3e:73:5f:1d:cb:5c:fb:16:c3:9c:fe:31:1f:0e:
df:6c:f0:bf
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUHIfmKRh4eH7etJX8J9YQRZp99iwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNjA1MTcxMTQyMTRaFw0yNzA1MTYxMTQ3MTRaMDMxMTAvBgNV
BAMTKDI3RENCNzU0Q0JEMDQxQjk4N0Y5OEMzNkNGQTZBMkNCOTc1NDFERjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNxy7D9MJqW6ct6c+xTuZbwgGf
ad6eQbbiJmSiiFsvH6QOwErnFi3h9wjgwMWYcLpWGXbqI/jZwWMI002jUBek0Nae
eAgw1rlWhuoP9+ltWP/SzIeaJeA8496B9ybvlndbqudAZFIAlLD1nA9Y121piMPg
6lsTzL1/imxkD31i9OZETWc0sfK4lT9qOnKLt7gaGm9CEeznsY2zTfc9a1UlFBKO
CCKIIJv3fxWadYuAuZwXcaknuY9ecKNts1m2uqqU+NXgrYIpFtyXbAht/ADePIAM
LUZlaCeCflK9CIIR7mDim+Aygz5wVdBgpi4gpg132wNrn7VoWQOLyAX9Tq1ZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUJ9y3VMvQQbmH+Yw2z6aiy5dUHfIwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMTMwMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0REw
DQYJKoZIhvcNAQELBQADggEBAIyC+Hq2B1oovAOnRV2R3yxNGyafCV5HjkAyI4lh
nZzy10RXEUixmhJLBB7lPK/LrxaJq5vw8M3jkkprKAxiscAGStCmLOuxwotgINC0
63UCk7joQ5ZXlijVwJ+1QnmSRTj9shZVybDFJUSsf1ejDxcu18Kq6VbQmXIxjA7g
plC5XmQkPWROgFHyB59lKHkhZOWlNOfPOGh8tKUE3jhrcFKbLklqmln/eg3MXrw/
l72IRfwqR6XJlr4K5x2eUxqrdCQVJ/3gg2wZ++uk0BY8IL9Q2xiMATyFaeo9T821
ntDKJU/QC7Z0cqouyrz1ZpY+c18dy1z7FsOc/jEfDt9s8L8=
-----END CERTIFICATE-----
Generated at Fri Jun 12 08:32:10 2026 by rpki-client