Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232352e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3232352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: bVv/8FZz1Mo+LMMAfRoMNi+St0h3DR5SK9VVKl37ktc=
Subject key identifier: 7F:E4:A9:DC:75:5A:92:BB:B2:ED:51:C0:84:AE:F4:A9:D2:18:33:87
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 50073CED5A3B61E9461335BB975BC6085DF34D08
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232352e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:48:51 +0000
ROA not before: Wed 08 Apr 2026 11:43:51 +0000
ROA not after: Wed 07 Apr 2027 11:48:51 +0000
asID: 16509
IP address blocks: 178.236.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:07:3c:ed:5a:3b:61:e9:46:13:35:bb:97:5b:c6:08:5d:f3:4d:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:43:51 2026 GMT
Not After : Apr 7 11:48:51 2027 GMT
Subject: CN=7FE4A9DC755A92BBB2ED51C084AEF4A9D2183387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d4:09:a3:75:86:d2:e8:94:d4:cb:0c:6a:d1:
ee:79:ec:7f:cf:d8:f4:40:ab:7d:d3:34:6b:3b:0d:
41:dc:1e:6d:4c:fc:44:82:2f:b2:b8:2c:35:6b:0c:
fd:7a:f3:d0:43:c1:fe:67:56:8a:87:45:21:32:e1:
ac:51:60:d5:38:f2:3d:34:48:98:03:a5:ef:85:69:
7c:3e:e1:ca:93:71:58:6b:91:d1:2f:19:50:be:86:
1d:7e:f1:cd:9c:e0:ac:e7:4f:4e:15:d1:98:c3:50:
a0:fd:89:33:6b:c1:7b:ed:fc:53:1d:4f:15:a4:35:
24:42:64:a1:f4:8f:3b:9a:dc:d9:0c:34:a0:d8:b8:
63:fa:5b:ea:40:f0:75:dd:cb:5f:e0:6b:de:a0:ca:
27:21:c3:22:e0:b8:8b:75:e3:f7:aa:99:3e:12:45:
46:15:3f:23:83:c3:c7:91:6f:54:e2:6b:18:ab:01:
6a:c1:86:3f:84:f2:7f:d5:67:2d:83:1e:c9:28:ff:
21:af:f3:3a:29:b7:0d:ab:d8:97:c8:e1:d5:ee:ae:
6e:c0:af:aa:47:2d:cc:84:f8:1e:8e:f7:63:6e:88:
49:71:71:bb:23:d6:4c:d6:41:24:03:87:16:db:6e:
9d:52:dc:5b:f4:6d:d9:5c:c2:3d:17:c2:85:7b:fc:
23:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E4:A9:DC:75:5A:92:BB:B2:ED:51:C0:84:AE:F4:A9:D2:18:33:87
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.225.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2a:07:12:61:f1:29:8d:11:be:40:f4:6a:0d:d9:03:65:31:
0a:06:90:e3:46:be:26:7a:98:21:5b:e2:d6:87:95:11:c1:5f:
cc:90:89:2e:0e:7f:26:36:33:88:78:48:95:4e:03:24:2c:42:
9f:56:5f:31:c8:b9:94:ea:82:13:5a:15:eb:00:e1:d0:c4:61:
38:ba:f4:64:4f:76:e4:7d:3d:51:01:75:31:74:d8:ae:b7:a6:
e7:08:d8:a5:0b:a2:fc:34:6e:76:41:4f:38:c8:b8:40:60:3d:
56:0f:f2:a7:a6:92:77:c3:7b:7d:2e:10:68:7c:53:b3:fe:5b:
51:f7:b1:6e:98:1c:d1:a7:4d:f0:08:04:a9:68:eb:e3:33:93:
84:ed:18:4d:1f:b4:72:b8:da:a5:cb:be:1c:45:b5:c6:a1:ac:
e7:3e:32:4a:f0:64:2b:da:18:48:1b:71:6b:09:cf:6b:a6:24:
25:3b:09:5d:30:a7:04:59:55:31:9c:d7:f0:5d:9c:6c:c6:b3:
3f:4d:8b:8a:96:65:8b:6e:39:70:3c:a9:9d:d2:c0:1d:17:f0:
a1:e4:c0:7f:93:e7:f0:b2:2e:77:74:39:c8:b6:36:d7:6a:62:
34:ed:7f:11:15:a8:33:40:0e:81:b6:e3:a8:f1:bc:c2:5a:ba:
96:09:e7:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUAc87Vo7YelGEzW7l1vGCF3zTQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQzNTFaFw0yNzA0MDcxMTQ4NTFaMDMxMTAvBgNV
BAMTKDdGRTRBOURDNzU1QTkyQkJCMkVENTFDMDg0QUVGNEE5RDIxODMzODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL1AmjdYbS6JTUywxq0e557H/P
2PRAq33TNGs7DUHcHm1M/ESCL7K4LDVrDP1689BDwf5nVoqHRSEy4axRYNU48j00
SJgDpe+FaXw+4cqTcVhrkdEvGVC+hh1+8c2c4KznT04V0ZjDUKD9iTNrwXvt/FMd
TxWkNSRCZKH0jzua3NkMNKDYuGP6W+pA8HXdy1/ga96gyichwyLguIt14/eqmT4S
RUYVPyODw8eRb1TiaxirAWrBhj+E8n/VZy2DHsko/yGv8zoptw2r2JfI4dXurm7A
r6pHLcyE+B6O92NuiElxcbsj1kzWQSQDhxbbbp1S3Fv0bdlcwj0XwoV7/CPFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUf+Sp3HVakruy7VHAhK70qdIYM4cwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OEwDQYJKoZIhvcNAQELBQADggEBADEqBxJh8SmNEb5A9GoN2QNlMQoGkONG
viZ6mCFb4taHlRHBX8yQiS4OfyY2M4h4SJVOAyQsQp9WXzHIuZTqghNaFesA4dDE
YTi69GRPduR9PVEBdTF02K63pucI2KULovw0bnZBTzjIuEBgPVYP8qemknfDe30u
EGh8U7P+W1H3sW6YHNGnTfAIBKlo6+Mzk4TtGE0ftHK42qXLvhxFtcahrOc+Mkrw
ZCvaGEgbcWsJz2umJCU7CV0wpwRZVTGc1/BdnGzGsz9Ni4qWZYtuOXA8qZ3SwB0X
8KHkwH+T5/CyLnd0Oci2NtdqYjTtfxEVqDNADoG246jxvMJaupYJ59c=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:53:28 2026 by rpki-client