Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3232203d3e203335393136.roa
File: 3137382e3233362e3232382e302f32322d3232203d3e203335393136.roa (raw, json)
Hash identifier: A62qyB1loeqHPOgqTh+NyCLJ9k3Q15qAZyXGth/Mn84=
Subject key identifier: 4D:CC:2A:87:A7:73:07:3D:DC:DB:2E:84:FA:67:70:4D:62:5B:00:79
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 5A947073C1E77029FC94A8E71DE492F46BE0D6C6
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3232203d3e203335393136.roa
Signing time: Wed 08 Apr 2026 11:47:16 +0000
ROA not before: Wed 08 Apr 2026 11:42:16 +0000
ROA not after: Wed 07 Apr 2027 11:47:16 +0000
asID: 35916
IP address blocks: 178.236.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:94:70:73:c1:e7:70:29:fc:94:a8:e7:1d:e4:92:f4:6b:e0:d6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:42:16 2026 GMT
Not After : Apr 7 11:47:16 2027 GMT
Subject: CN=4DCC2A87A773073DDCDB2E84FA67704D625B0079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6b:03:d1:3e:dc:f5:69:ce:49:0a:e9:5d:72:
3a:1f:92:e5:25:36:27:5a:f1:77:50:9c:3b:bb:99:
2d:e5:88:97:d9:19:8a:8e:16:56:53:39:ed:42:8b:
25:28:42:c7:0b:2a:2d:7a:16:3c:ab:25:d7:f2:df:
a1:49:78:a5:7c:23:27:41:cd:7b:4c:a2:ec:9b:13:
eb:79:ca:b8:24:a4:6a:76:ab:d4:6b:a2:37:a9:62:
d0:90:db:4e:58:0d:0a:41:a8:b5:78:4e:46:9d:8e:
fe:bc:5f:9d:b0:f6:c6:b4:c9:06:4b:a2:aa:72:d0:
42:be:d0:83:c8:a8:3f:67:51:46:8c:5f:72:6c:b3:
42:c0:8f:2f:ff:d2:a9:b4:73:2e:74:06:e2:29:e5:
2a:9a:76:d9:82:b3:65:cf:bc:ea:ff:88:c8:bd:25:
99:a1:9d:c7:31:d5:be:af:cf:44:6b:45:22:40:56:
21:09:0a:41:19:90:c9:bf:6b:57:b6:05:1f:0e:db:
b7:b7:d2:12:12:fb:ff:a0:b0:ed:90:11:35:91:ef:
8b:75:de:b1:92:4d:8e:6d:37:08:b3:e2:c5:32:37:
cc:65:6f:c9:58:5b:ec:2f:7c:e0:e9:ab:66:33:05:
b8:18:4b:c1:b4:13:31:24:fd:2e:ec:c9:90:d7:d0:
34:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CC:2A:87:A7:73:07:3D:DC:DB:2E:84:FA:67:70:4D:62:5B:00:79
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3232203d3e203335393136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.228.0/22
Signature Algorithm: sha256WithRSAEncryption
76:2a:b4:82:c8:31:44:52:08:1e:1e:ea:91:2e:21:10:4c:c8:
49:0d:b0:97:b2:77:35:0c:d0:e3:9b:7a:22:d5:d0:05:72:58:
78:96:3c:9b:1a:42:39:af:d4:61:09:1a:1a:89:97:81:1f:11:
81:27:77:ce:23:1a:b2:7f:c4:56:7a:a4:69:08:ad:c8:b9:ce:
50:d0:f4:95:1b:32:ba:2c:eb:95:af:c3:ce:df:57:40:60:57:
7a:cd:42:75:c0:01:c2:12:ce:4d:79:34:df:8f:95:71:f5:db:
fa:4c:cd:f2:ea:3e:0b:a9:09:72:9f:ca:8b:59:92:71:5c:20:
e4:87:dc:09:84:8f:9b:c7:b0:4e:e2:51:21:79:f4:ec:dc:5c:
85:4a:ef:17:54:8b:ae:f4:58:4c:3b:b8:67:3c:4c:1d:08:f2:
49:51:84:e8:ab:cf:67:e8:c1:29:3b:60:0e:da:c2:33:06:1f:
72:b4:d2:78:58:ea:b5:c7:df:3a:1b:66:9a:e5:4c:9e:6f:87:
4e:f4:2e:07:35:4e:93:87:ad:0d:8b:88:20:be:45:f8:6c:31:
94:eb:e6:c9:f8:07:0c:fb:25:99:22:90:8d:bd:99:79:87:c1:
67:d0:e4:bd:c7:af:a9:a2:43:3b:e9:06:c5:58:18:02:8c:12:
80:1e:bd:ad
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWpRwc8HncCn8lKjnHeSS9Gvg1sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQyMTZaFw0yNzA0MDcxMTQ3MTZaMDMxMTAvBgNV
BAMTKDREQ0MyQTg3QTc3MzA3M0REQ0RCMkU4NEZBNjc3MDRENjI1QjAwNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfawPRPtz1ac5JCuldcjofkuUl
Nida8XdQnDu7mS3liJfZGYqOFlZTOe1CiyUoQscLKi16FjyrJdfy36FJeKV8IydB
zXtMouybE+t5yrgkpGp2q9RrojepYtCQ205YDQpBqLV4Tkadjv68X52w9sa0yQZL
oqpy0EK+0IPIqD9nUUaMX3Jss0LAjy//0qm0cy50BuIp5SqadtmCs2XPvOr/iMi9
JZmhnccx1b6vz0RrRSJAViEJCkEZkMm/a1e2BR8O27e30hIS+/+gsO2QETWR74t1
3rGSTY5tNwiz4sUyN8xlb8lYW+wvfODpq2YzBbgYS8G0EzEk/S7syZDX0DQlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTcwqh6dzBz3c2y6E+mdwTWJbAHkwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzODJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMzMzUzOTMxMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy7OQwDQYJKoZIhvcNAQELBQADggEBAHYqtILIMURSCB4e6pEuIRBMyEkNsJey
dzUM0OObeiLV0AVyWHiWPJsaQjmv1GEJGhqJl4EfEYEnd84jGrJ/xFZ6pGkIrci5
zlDQ9JUbMros65Wvw87fV0BgV3rNQnXAAcISzk15NN+PlXH12/pMzfLqPgupCXKf
yotZknFcIOSH3AmEj5vHsE7iUSF59OzcXIVK7xdUi670WEw7uGc8TB0I8klRhOir
z2fowSk7YA7awjMGH3K00nhY6rXH3zobZprlTJ5vh070Lgc1TpOHrQ2LiCC+Rfhs
MZTr5sn4Bwz7JZkikI29mXmHwWfQ5L3Hr6miQzvpBsVYGAKMEoAeva0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:18:52 2026 by rpki-client