Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323039313831.roa
File: 3137382e3234382e37342e302f32342d3234203d3e20323039313831.roa (raw, json)
Hash identifier: b86TJ/eicDu3L39UHlXUFvq/1qF9nZUOZYH3MsfWUIw=
Subject key identifier: 00:0F:6D:34:E6:08:DB:E3:F5:37:01:7F:4C:46:2F:49:01:3F:B1:E4
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 66156C4FFA857AF096E63A0DFF0AE053AB0BFA77
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323039313831.roa
Signing time: Wed 04 Feb 2026 13:55:36 +0000
ROA not before: Wed 04 Feb 2026 13:50:36 +0000
ROA not after: Wed 03 Feb 2027 13:55:36 +0000
asID: 209181
IP address blocks: 178.248.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:15:6c:4f:fa:85:7a:f0:96:e6:3a:0d:ff:0a:e0:53:ab:0b:fa:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: Feb 4 13:50:36 2026 GMT
Not After : Feb 3 13:55:36 2027 GMT
Subject: CN=000F6D34E608DBE3F537017F4C462F49013FB1E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:84:c6:29:fe:48:30:ad:93:53:e6:96:ff:bd:
6e:93:fa:95:b0:c0:f2:0a:d1:a9:18:ce:7e:d3:68:
c2:63:5f:bf:d0:56:6c:c7:be:c9:89:33:bd:b8:1a:
ea:13:2a:67:86:af:97:d7:7e:4d:50:9d:03:f1:33:
e4:2a:ce:f5:45:3f:19:78:54:f0:7b:b8:ff:91:bf:
bb:62:d9:3d:fa:c7:b8:8d:f2:bc:a8:43:de:fa:b4:
ef:1e:ca:e9:4a:da:27:70:05:e7:3d:9d:ed:9a:e2:
69:82:cd:67:21:1d:34:67:ad:71:cf:08:da:69:f8:
fb:c0:81:91:cc:33:cf:35:4b:ce:55:49:1d:57:d4:
49:46:59:53:a0:d3:f9:8b:55:34:9b:16:e6:ba:97:
cf:e9:66:b4:c0:78:85:e3:8a:c4:52:60:4d:a2:c5:
26:18:3d:2e:ad:73:4a:f2:20:c0:ee:53:a6:d7:64:
bb:0a:3e:32:d6:67:d7:06:d6:b3:7b:86:69:6c:62:
ca:11:83:d3:49:8d:94:d3:ca:5d:f0:04:06:ed:44:
60:1e:2f:b0:fc:e4:f3:a5:e3:63:57:a9:ee:98:d0:
53:fe:01:62:69:dc:2d:d3:f8:25:f8:3c:ae:eb:d4:
9e:89:09:26:e7:a3:e1:dc:c2:f4:32:59:f8:36:d5:
39:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0F:6D:34:E6:08:DB:E3:F5:37:01:7F:4C:46:2F:49:01:3F:B1:E4
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.74.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:f1:30:e9:7b:5f:6b:7c:35:9e:bf:af:b8:0f:31:53:80:18:
29:1b:b2:88:56:30:92:49:2b:92:4e:5d:6d:7f:00:c9:0e:ee:
05:77:7d:10:80:38:03:7d:db:7f:b6:4f:16:53:97:8f:4a:31:
69:d1:fb:be:f8:b6:96:64:3c:a2:de:f2:f5:b2:01:75:d4:ac:
ca:82:bf:d6:b3:73:df:cf:06:3c:03:35:88:eb:dc:48:81:2d:
c3:19:7f:e3:f8:75:68:49:33:6a:ad:58:aa:79:55:97:5d:8b:
19:66:2d:86:62:6b:b8:3d:60:b6:24:47:05:05:ca:e2:09:52:
f6:a5:08:8f:b3:a2:59:25:cb:b2:cf:63:e1:e2:91:6f:c0:d0:
98:bd:1a:92:4b:ca:96:f8:20:c2:52:4c:b3:cd:16:bd:ed:70:
e2:6f:96:6d:d3:e0:40:4d:fb:f9:49:89:9e:35:1e:d8:d5:89:
f4:e7:fb:8f:45:71:b7:96:21:27:ef:e3:0f:a6:c6:4c:00:87:
d8:27:6f:6d:f9:60:ed:57:30:46:e5:13:89:a2:a0:fc:1d:dd:
e4:a6:9c:b0:5d:3c:36:83:5b:60:66:ef:49:80:83:cf:43:48:
16:13:b3:4e:64:63:d9:24:84:f0:d9:25:c1:2c:a4:f9:47:db:
31:bb:b0:79
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZhVsT/qFevCW5joN/wrgU6sL+ncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNjAyMDQxMzUwMzZaFw0yNzAyMDMxMzU1MzZaMDMxMTAvBgNV
BAMTKDAwMEY2RDM0RTYwOERCRTNGNTM3MDE3RjRDNDYyRjQ5MDEzRkIxRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLhMYp/kgwrZNT5pb/vW6T+pWw
wPIK0akYzn7TaMJjX7/QVmzHvsmJM724GuoTKmeGr5fXfk1QnQPxM+QqzvVFPxl4
VPB7uP+Rv7ti2T36x7iN8ryoQ976tO8eyulK2idwBec9ne2a4mmCzWchHTRnrXHP
CNpp+PvAgZHMM881S85VSR1X1ElGWVOg0/mLVTSbFua6l8/pZrTAeIXjisRSYE2i
xSYYPS6tc0ryIMDuU6bXZLsKPjLWZ9cG1rN7hmlsYsoRg9NJjZTTyl3wBAbtRGAe
L7D85POl42NXqe6Y0FP+AWJp3C3T+CX4PK7r1J6JCSbno+HcwvQyWfg21TkLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAA9tNOYI2+P1NwF/TEYvSQE/seQwHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzNzM4MmUzMjM0MzgyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy+EowDQYJKoZIhvcNAQELBQADggEBAD/xMOl7X2t8NZ6/r7gPMVOAGCkbsohW
MJJJK5JOXW1/AMkO7gV3fRCAOAN923+2TxZTl49KMWnR+774tpZkPKLe8vWyAXXU
rMqCv9azc9/PBjwDNYjr3EiBLcMZf+P4dWhJM2qtWKp5VZddixlmLYZia7g9YLYk
RwUFyuIJUvalCI+zolkly7LPY+HikW/A0Ji9GpJLypb4IMJSTLPNFr3tcOJvlm3T
4EBN+/lJiZ41HtjVifTn+49FcbeWISfv4w+mxkwAh9gnb235YO1XMEblE4mioPwd
3eSmnLBdPDaDW2Bm70mAg89DSBYTs05kY9kkhPDZJcEspPlH2zG7sHk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:54:56 2026 by rpki-client