Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232372e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3232372e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: VnGJ5//x+EFhKJMb3ZAld7d7CF6EreU1gC/ATQCq4mA=
Subject key identifier: 89:16:63:C0:A4:2C:1C:DB:E4:31:22:ED:B8:CB:09:6C:7B:15:9C:73
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2B3E21429AAA8EDB79278F0CDEFFD35B7CB577BA
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232372e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:50:10 +0000
ROA not before: Wed 08 Apr 2026 11:45:10 +0000
ROA not after: Wed 07 Apr 2027 11:50:10 +0000
asID: 16509
IP address blocks: 178.236.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:3e:21:42:9a:aa:8e:db:79:27:8f:0c:de:ff:d3:5b:7c:b5:77:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:45:10 2026 GMT
Not After : Apr 7 11:50:10 2027 GMT
Subject: CN=891663C0A42C1CDBE43122EDB8CB096C7B159C73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f8:63:03:fb:57:bd:21:01:c8:6c:fd:1e:61:
ac:f5:fe:13:18:06:bc:a6:02:f4:0c:42:8f:69:3e:
30:da:9a:20:8c:41:d2:ab:98:93:a7:d0:81:8c:e2:
9c:b3:4c:3e:f0:5e:e3:52:db:94:ee:69:cf:1c:f5:
94:50:bd:e3:cc:b2:e2:79:37:fa:b7:f9:81:07:cc:
74:a4:71:1c:c8:8c:d3:04:fa:5d:d2:62:8a:30:71:
fa:58:db:22:41:db:81:6d:de:21:c2:91:4c:08:89:
44:5f:5c:b2:b6:6e:f1:f9:73:c6:2b:af:bf:33:72:
0c:3e:05:64:2e:a9:04:dd:a4:0e:12:90:8a:61:ec:
ab:2e:96:30:6e:d4:2f:e4:2b:52:36:69:ac:c0:34:
af:74:4f:5f:58:0a:f4:c2:33:78:24:cf:e0:db:1e:
df:d2:ab:fd:fb:af:e7:b8:a4:e3:70:23:1d:94:42:
bb:8c:ab:9b:0c:e8:66:f1:97:42:7c:b7:58:49:47:
60:13:fb:1f:8c:4c:3a:d8:13:fa:47:1b:c0:64:3b:
54:8d:2c:f8:9b:d7:2d:11:45:cd:ae:c4:57:33:f7:
35:29:77:6e:17:b0:0f:12:71:83:a9:be:78:e6:27:
2b:13:fc:4b:2b:f4:f2:7a:2e:fa:c8:3f:e1:be:ee:
c3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:16:63:C0:A4:2C:1C:DB:E4:31:22:ED:B8:CB:09:6C:7B:15:9C:73
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232372e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.227.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:1a:7b:54:c4:bc:d2:2a:10:20:43:fc:67:b2:1d:7b:22:9c:
a6:a4:23:f5:25:8c:ec:2a:eb:81:1e:a7:c1:3c:5a:6a:ae:68:
39:cd:ac:b6:87:d9:5d:9d:70:80:90:df:73:c5:b3:a7:d5:fc:
b2:9b:76:fe:da:b7:86:a0:0d:ce:f1:f6:17:b3:d8:f5:5f:02:
4d:d1:9c:01:6e:a6:45:f1:11:9d:de:12:1e:55:10:52:ab:0c:
5e:77:fb:63:58:ac:0a:86:44:c3:cb:ee:20:5c:c0:4f:f6:ad:
b2:19:ca:f4:04:fb:40:05:92:94:15:b8:d7:dc:1b:5b:b8:6e:
c7:8d:0b:c4:e6:5a:99:d2:2c:e3:58:4d:a4:63:7b:ea:29:48:
4c:a3:14:3f:19:ec:f2:f3:25:9d:10:d5:88:94:38:4b:6c:cf:
4e:28:24:86:d9:d7:fa:33:38:4f:53:a6:04:e2:67:8e:d7:15:
12:48:9c:9b:ad:19:a2:97:68:dd:9a:df:e9:58:fe:3e:bd:ce:
d5:7f:0e:f1:35:0a:80:3a:53:1e:02:00:75:be:ce:6a:b9:7b:
f7:03:be:a7:2c:fb:4a:c6:9f:08:0f:f2:fb:44:09:85:0c:95:
6b:7c:25:be:99:94:ff:18:b4:cc:7b:0b:5d:8c:4e:e5:ba:fe:
ec:b9:2f:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKz4hQpqqjtt5J48M3v/TW3y1d7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQ1MTBaFw0yNzA0MDcxMTUwMTBaMDMxMTAvBgNV
BAMTKDg5MTY2M0MwQTQyQzFDREJFNDMxMjJFREI4Q0IwOTZDN0IxNTlDNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2+GMD+1e9IQHIbP0eYaz1/hMY
BrymAvQMQo9pPjDamiCMQdKrmJOn0IGM4pyzTD7wXuNS25Tuac8c9ZRQvePMsuJ5
N/q3+YEHzHSkcRzIjNME+l3SYoowcfpY2yJB24Ft3iHCkUwIiURfXLK2bvH5c8Yr
r78zcgw+BWQuqQTdpA4SkIph7KsuljBu1C/kK1I2aazANK90T19YCvTCM3gkz+Db
Ht/Sq/37r+e4pONwIx2UQruMq5sM6Gbxl0J8t1hJR2AT+x+MTDrYE/pHG8BkO1SN
LPib1y0RRc2uxFcz9zUpd24XsA8ScYOpvnjmJysT/Esr9PJ6LvrIP+G+7sM9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiRZjwKQsHNvkMSLtuMsJbHsVnHMwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OMwDQYJKoZIhvcNAQELBQADggEBAA8ae1TEvNIqECBD/GeyHXsinKakI/Ul
jOwq64Eep8E8WmquaDnNrLaH2V2dcICQ33PFs6fV/LKbdv7at4agDc7x9hez2PVf
Ak3RnAFupkXxEZ3eEh5VEFKrDF53+2NYrAqGRMPL7iBcwE/2rbIZyvQE+0AFkpQV
uNfcG1u4bseNC8TmWpnSLONYTaRje+opSEyjFD8Z7PLzJZ0Q1YiUOEtsz04oJIbZ
1/ozOE9TpgTiZ47XFRJInJutGaKXaN2a3+lY/j69ztV/DvE1CoA6Ux4CAHW+zmq5
e/cDvqcs+0rGnwgP8vtECYUMlWt8Jb6ZlP8YtMx7C12MTuW6/uy5LwY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:29 2026 by rpki-client