Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203136353039.roa
File: 3137382e3133322e3139322e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: foBoaKUPeMOXyMdgjQODzIp3g1QrOeZIcU4rmaW6W0Y=
Subject key identifier: DC:C0:5C:66:CB:67:55:AB:E8:A8:0B:63:AE:DA:A6:16:F3:BC:33:9B
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 65BF4510AAB04FDE0732DE9276B8D40FAD348709
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203136353039.roa
Signing time: Fri 13 Feb 2026 09:50:36 +0000
ROA not before: Fri 13 Feb 2026 09:45:36 +0000
ROA not after: Fri 12 Feb 2027 09:50:36 +0000
asID: 16509
IP address blocks: 178.132.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:bf:45:10:aa:b0:4f:de:07:32:de:92:76:b8:d4:0f:ad:34:87:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 13 09:45:36 2026 GMT
Not After : Feb 12 09:50:36 2027 GMT
Subject: CN=DCC05C66CB6755ABE8A80B63AEDAA616F3BC339B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:11:cf:8b:74:7b:0b:5e:4e:2a:b1:cb:e7:b3:
71:75:65:bc:4c:16:70:c4:6d:d8:c9:45:7f:d8:48:
e0:be:fc:0d:0e:c5:d1:f0:94:3e:1b:ea:1e:05:d8:
47:57:0b:39:8d:83:06:97:d5:26:3f:c4:78:f5:1b:
6b:10:90:c5:03:5a:4c:0d:d2:b4:88:8b:58:6d:c3:
57:1d:79:ab:02:7a:69:db:17:4d:82:84:87:80:70:
20:5e:de:5c:46:5e:32:6d:5b:9c:92:48:7f:73:37:
42:48:cf:a6:89:0e:b0:4e:13:64:c2:e3:02:90:7b:
ea:ef:e7:d5:9b:18:cd:ab:14:28:3a:a0:2e:32:18:
69:ca:3a:9b:35:bf:88:fa:7e:cc:27:64:77:d0:ac:
b8:10:47:cb:5b:88:4a:77:eb:9d:23:21:d9:69:21:
2d:32:3e:f1:90:db:9b:4c:5a:b7:1b:f7:e0:d4:da:
5c:f7:d9:fe:31:fc:11:b6:40:f3:7e:f2:33:36:2e:
0b:cc:cf:ad:9a:77:d8:3c:e5:85:14:da:4e:5d:a5:
8c:f0:2e:59:e3:ff:9d:11:10:1f:39:c5:d9:5b:d8:
76:83:05:03:65:d5:35:41:4d:fb:38:68:5a:7c:8a:
f8:02:08:13:e0:c6:cb:df:c9:dd:35:5a:d9:20:9c:
c2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C0:5C:66:CB:67:55:AB:E8:A8:0B:63:AE:DA:A6:16:F3:BC:33:9B
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.192.0/24
Signature Algorithm: sha256WithRSAEncryption
37:dd:fc:c3:22:64:e0:11:dd:7d:b3:e2:74:f0:10:72:a7:a9:
0d:a9:bf:18:f7:9c:ff:f4:04:03:91:f0:06:36:3c:b2:47:a1:
c1:a7:dd:6c:a9:d0:38:bb:31:db:cd:95:96:9e:9c:ea:f3:a8:
75:2b:34:b3:c2:a6:29:7a:f8:b8:47:b4:13:49:7a:ca:1b:2f:
35:a1:9e:cb:de:f9:f5:41:78:ee:88:78:a4:48:00:84:3c:19:
c0:da:a7:2e:9e:50:d7:50:da:56:bf:0d:4c:f6:3d:18:bb:e8:
27:cf:ba:6d:af:ae:c1:80:31:8b:af:c8:b8:18:62:e7:c1:32:
51:21:b9:11:ef:99:41:cb:7d:6f:d6:c7:04:b3:af:4c:44:fe:
35:e0:5a:e5:86:d6:a3:12:d3:e8:58:99:c8:b1:f7:ef:63:e0:
ee:dd:05:38:37:a0:5c:5a:95:27:d1:f6:67:31:6f:01:e0:ae:
19:83:f7:65:a4:fe:4b:f3:30:3d:5e:54:9b:0d:e3:a5:bf:76:
91:78:de:b3:c5:e8:24:95:45:e9:0a:10:d8:8e:2d:c8:b2:e9:
8b:0e:d1:a4:f7:50:b5:98:c5:ec:9a:ff:f2:da:0c:ed:ac:86:
bd:76:00:80:f4:7c:08:86:21:7e:77:bf:00:0e:f9:7f:7c:4f:
da:21:bc:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZb9FEKqwT94HMt6SdrjUD600hwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNjAyMTMwOTQ1MzZaFw0yNzAyMTIwOTUwMzZaMDMxMTAvBgNV
BAMTKERDQzA1QzY2Q0I2NzU1QUJFOEE4MEI2M0FFREFBNjE2RjNCQzMzOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOEc+LdHsLXk4qscvns3F1ZbxM
FnDEbdjJRX/YSOC+/A0OxdHwlD4b6h4F2EdXCzmNgwaX1SY/xHj1G2sQkMUDWkwN
0rSIi1htw1cdeasCemnbF02ChIeAcCBe3lxGXjJtW5ySSH9zN0JIz6aJDrBOE2TC
4wKQe+rv59WbGM2rFCg6oC4yGGnKOps1v4j6fswnZHfQrLgQR8tbiEp3650jIdlp
IS0yPvGQ25tMWrcb9+DU2lz32f4x/BG2QPN+8jM2LgvMz62ad9g85YUU2k5dpYzw
Llnj/50REB85xdlb2HaDBQNl1TVBTfs4aFp8ivgCCBPgxsvfyd01WtkgnMJ9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3MBcZstnVavoqAtjrtqmFvO8M5swHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMAwDQYJKoZIhvcNAQELBQADggEBADfd/MMiZOAR3X2z4nTwEHKnqQ2pvxj3
nP/0BAOR8AY2PLJHocGn3Wyp0Di7MdvNlZaenOrzqHUrNLPCpil6+LhHtBNJesob
LzWhnsve+fVBeO6IeKRIAIQ8GcDapy6eUNdQ2la/DUz2PRi76CfPum2vrsGAMYuv
yLgYYufBMlEhuRHvmUHLfW/WxwSzr0xE/jXgWuWG1qMS0+hYmcix9+9j4O7dBTg3
oFxalSfR9mcxbwHgrhmD92Wk/kvzMD1eVJsN46W/dpF43rPF6CSVRekKENiOLciy
6YsO0aT3ULWYxeya//LaDO2shr12AID0fAiGIX53vwAO+X98T9ohvCs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:30:05 2026 by rpki-client