Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036313530.roa
File: 38322e3131382e32392e302f32342d3234203d3e20323036313530.roa (raw, json)
Hash identifier: g5RZ2zBNk+trtkyb9Rf7BXLU9n0Q1hk7LEirQx9bPLk=
Subject key identifier: F5:2F:99:1D:45:08:D4:8C:6A:E2:2E:F0:04:01:06:07:D9:4C:39:7A
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 619EB73E6297AF2F274020C055CC217FD1C727A7
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036313530.roa
Signing time: Thu 05 Feb 2026 11:55:36 +0000
ROA not before: Thu 05 Feb 2026 11:50:36 +0000
ROA not after: Thu 04 Feb 2027 11:55:36 +0000
asID: 206150
IP address blocks: 82.118.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 16:28:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:9e:b7:3e:62:97:af:2f:27:40:20:c0:55:cc:21:7f:d1:c7:27:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 5 11:50:36 2026 GMT
Not After : Feb 4 11:55:36 2027 GMT
Subject: CN=F52F991D4508D48C6AE22EF004010607D94C397A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ff:1f:65:b6:d5:c8:2d:ae:52:2a:31:fc:ce:
55:08:f8:ff:bf:8a:94:8a:9d:5c:97:cc:8b:f2:3a:
b6:ac:7f:c0:59:94:cf:67:c0:07:70:63:68:54:97:
87:90:74:3a:a7:84:36:f1:f6:ad:a0:7c:3a:e5:ed:
03:05:92:64:ca:2a:27:d3:a5:2f:02:0a:fc:58:dd:
29:f4:d0:6d:e2:ec:df:95:66:6f:16:95:f6:b3:31:
cc:4b:3a:eb:4c:0d:72:5f:f2:fb:10:fd:bb:62:eb:
92:37:0f:2a:82:68:94:c5:8e:c0:68:37:98:c6:2a:
93:f5:47:38:9d:48:e7:33:30:58:3a:f2:e0:5d:c4:
8e:59:05:3f:e0:d3:c9:92:89:6b:6c:d6:56:55:c2:
e7:c3:20:e9:c5:b9:35:a2:f2:df:32:73:bd:05:c4:
a9:e1:a1:fa:89:ef:fa:e1:e6:93:b4:a3:94:f5:5b:
a3:b4:5e:3f:43:4b:73:09:76:3c:78:0d:6a:f8:f6:
5a:05:39:2a:56:86:2b:21:53:d2:ce:a7:54:63:54:
b7:c0:82:59:45:5a:01:0e:a1:e0:f8:e7:7d:ab:e6:
9d:60:b8:c6:b4:c5:81:0f:56:aa:14:e0:2a:46:aa:
02:86:72:b0:00:50:72:3b:d3:85:d6:46:85:56:fc:
75:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2F:99:1D:45:08:D4:8C:6A:E2:2E:F0:04:01:06:07:D9:4C:39:7A
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32392e302f32342d3234203d3e20323036313530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:b4:2c:78:3d:8a:0a:b3:1a:5d:25:96:69:1f:bd:9a:5d:16:
e8:12:e1:32:aa:02:18:f9:6b:ce:c0:96:9c:bd:38:13:47:e9:
a4:4f:90:08:e7:93:84:63:0a:97:fd:81:96:3e:df:27:41:1c:
13:58:92:a6:50:36:65:39:a9:78:34:9d:4a:2c:d3:47:f7:e3:
51:43:39:02:3f:72:8e:8f:e2:47:48:e7:23:d5:17:e8:46:eb:
eb:5f:52:7a:01:73:ec:7a:49:d9:a4:6c:77:84:51:e2:37:89:
0c:c6:03:97:b0:a5:fe:7c:dc:3b:2b:47:20:7a:7d:85:b1:7d:
73:b7:10:39:79:41:8b:0d:52:ce:e8:3e:3f:a0:0e:d7:59:62:
9a:c1:87:a9:96:ee:fc:68:30:ea:29:80:88:ce:f4:58:34:1f:
16:c5:d2:b3:2a:ed:3c:96:2c:77:de:78:dc:50:85:8a:d9:e6:
75:3f:f3:ea:16:29:8b:0d:5a:d0:c6:c8:d7:2e:4e:f5:31:8a:
da:87:2f:90:70:4c:94:87:e3:a3:eb:97:78:ae:57:2d:50:82:
a8:cb:a4:a6:70:6e:c7:4e:6b:2a:44:c4:e1:c6:db:2e:aa:85:
30:c7:b9:50:f5:3a:93:0c:4c:65:92:e8:01:81:48:c9:42:2e:
1f:03:1a:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYZ63PmKXry8nQCDAVcwhf9HHJ6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNjAyMDUxMTUwMzZaFw0yNzAyMDQxMTU1MzZaMDMxMTAvBgNV
BAMTKEY1MkY5OTFENDUwOEQ0OEM2QUUyMkVGMDA0MDEwNjA3RDk0QzM5N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI/x9lttXILa5SKjH8zlUI+P+/
ipSKnVyXzIvyOrasf8BZlM9nwAdwY2hUl4eQdDqnhDbx9q2gfDrl7QMFkmTKKifT
pS8CCvxY3Sn00G3i7N+VZm8WlfazMcxLOutMDXJf8vsQ/bti65I3DyqCaJTFjsBo
N5jGKpP1RzidSOczMFg68uBdxI5ZBT/g08mSiWts1lZVwufDIOnFuTWi8t8yc70F
xKnhofqJ7/rh5pO0o5T1W6O0Xj9DS3MJdjx4DWr49loFOSpWhishU9LOp1RjVLfA
gllFWgEOoeD4532r5p1guMa0xYEPVqoU4CpGqgKGcrAAUHI704XWRoVW/HUhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9S+ZHUUI1Ixq4i7wBAEGB9lMOXowHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzEzNTMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYdMA0GCSqGSIb3DQEBCwUAA4IBAQB8tCx4PYoKsxpdJZZpH72aXRboEuEyqgIY
+WvOwJacvTgTR+mkT5AI55OEYwqX/YGWPt8nQRwTWJKmUDZlOal4NJ1KLNNH9+NR
QzkCP3KOj+JHSOcj1RfoRuvrX1J6AXPseknZpGx3hFHiN4kMxgOXsKX+fNw7K0cg
en2FsX1ztxA5eUGLDVLO6D4/oA7XWWKawYeplu78aDDqKYCIzvRYNB8WxdKzKu08
lix33njcUIWK2eZ1P/PqFimLDVrQxsjXLk71MYrahy+QcEyUh+Oj65d4rlctUIKo
y6SmcG7HTmsqRMThxtsuqoUwx7lQ9TqTDExlkugBgUjJQi4fAxoA
-----END CERTIFICATE-----
Generated at Mon Feb 23 02:44:50 2026 by rpki-client