Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233322e302f32342d3234203d3e20313334353438.roa
File: 3137382e3233362e3233322e302f32342d3234203d3e20313334353438.roa (raw, json)
Hash identifier: 7DgYKwKtLZSr7DRHabJtbuC0B6ix/bKEQ0cR0pfd3rY=
Subject key identifier: 53:30:03:FE:17:0E:64:E2:DA:DA:70:38:52:A2:34:73:C3:8F:9F:8A
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 0650BAF81F0D2C71955A88F9DA4E7DF9C9325DDD
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233322e302f32342d3234203d3e20313334353438.roa
Signing time: Wed 08 Apr 2026 11:47:35 +0000
ROA not before: Wed 08 Apr 2026 11:42:35 +0000
ROA not after: Wed 07 Apr 2027 11:47:35 +0000
asID: 134548
IP address blocks: 178.236.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:50:ba:f8:1f:0d:2c:71:95:5a:88:f9:da:4e:7d:f9:c9:32:5d:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:42:35 2026 GMT
Not After : Apr 7 11:47:35 2027 GMT
Subject: CN=533003FE170E64E2DADA703852A23473C38F9F8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:91:67:11:28:e5:0a:0f:b3:ce:60:6a:cf:53:
87:c0:a8:9a:23:f1:6a:81:5a:b6:c8:26:ce:f9:55:
b5:4c:d7:58:4f:8f:21:a8:3c:42:5d:4e:66:36:0e:
3c:62:c7:1b:1b:4e:af:18:15:62:a3:8f:c4:8e:b6:
67:75:b7:3a:8f:e5:76:2b:6e:45:e1:81:b9:03:6d:
48:8d:25:cd:eb:5d:32:9d:4f:be:2e:e7:d6:41:76:
c3:39:0d:70:df:d4:6d:cc:d9:01:01:fc:68:36:e6:
18:ea:e7:ca:5b:8c:a0:5f:1d:fa:b8:27:f0:25:76:
7a:47:17:a8:55:86:91:0b:b5:9b:ef:c5:83:99:60:
6d:8a:ed:dc:05:00:fe:9d:43:d2:68:fc:53:d0:49:
e8:08:fc:16:92:16:21:db:bc:30:40:d4:57:d8:1d:
55:9e:3a:37:78:2f:fa:cb:b0:f1:5e:f1:f6:25:52:
6c:b8:f7:22:7e:90:05:cf:f9:b7:50:94:20:92:13:
4c:23:c2:62:2a:ce:98:cc:fd:47:5c:0e:c5:af:ef:
79:3a:09:47:d7:c0:a6:70:ca:52:6c:c0:be:2d:e6:
e5:22:5d:72:08:e4:e7:64:7e:f6:c5:c5:10:76:5b:
cd:a7:e9:90:a3:0b:65:9d:9a:5c:ec:11:04:19:2f:
0f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:30:03:FE:17:0E:64:E2:DA:DA:70:38:52:A2:34:73:C3:8F:9F:8A
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233322e302f32342d3234203d3e20313334353438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.232.0/24
Signature Algorithm: sha256WithRSAEncryption
16:ee:ef:1a:4a:0b:f4:bb:65:6d:41:28:70:bc:87:d7:e0:62:
1f:b9:02:3f:2e:d8:33:b8:9c:8b:1f:ec:58:b2:d0:25:87:5d:
57:ce:ba:e4:e1:18:80:c6:b3:0c:0d:94:7b:01:07:81:60:f4:
77:bb:c8:84:4b:ff:bc:37:88:cb:21:31:22:c7:a5:c5:06:6a:
9d:da:dc:40:47:20:88:49:85:b1:b9:a3:46:0f:88:9f:ce:c0:
f4:82:e1:4f:22:b7:83:7d:d5:60:b6:40:38:f1:6c:f2:d2:70:
c2:ff:3d:1e:41:42:f7:85:83:e5:7f:21:8b:38:de:f1:18:8c:
4b:ab:f0:b5:04:bd:4b:93:06:20:c8:b0:60:4a:df:d5:94:63:
0d:45:98:3d:1a:5a:b5:0d:98:98:de:dc:a0:d9:4c:a2:07:b1:
d5:78:e1:c2:e3:f5:5a:37:a8:9e:43:64:6c:71:54:e4:2b:f4:
70:19:f3:9b:45:d7:2c:6a:dd:36:59:e2:62:8f:ac:07:97:65:
90:88:5e:de:b9:22:ed:dc:68:5e:39:d7:50:3a:24:11:57:26:
71:5a:e0:87:35:40:b9:53:7e:82:42:61:d6:1a:2f:33:41:7b:
f6:cd:72:f5:9f:bd:80:a0:e0:07:2e:52:bc:47:2d:a3:59:a5:
dd:2f:4b:2d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBlC6+B8NLHGVWoj52k59+ckyXd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQyMzVaFw0yNzA0MDcxMTQ3MzVaMDMxMTAvBgNV
BAMTKDUzMzAwM0ZFMTcwRTY0RTJEQURBNzAzODUyQTIzNDczQzM4RjlGOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDckWcRKOUKD7POYGrPU4fAqJoj
8WqBWrbIJs75VbVM11hPjyGoPEJdTmY2DjxixxsbTq8YFWKjj8SOtmd1tzqP5XYr
bkXhgbkDbUiNJc3rXTKdT74u59ZBdsM5DXDf1G3M2QEB/Gg25hjq58pbjKBfHfq4
J/AldnpHF6hVhpELtZvvxYOZYG2K7dwFAP6dQ9Jo/FPQSegI/BaSFiHbvDBA1FfY
HVWeOjd4L/rLsPFe8fYlUmy49yJ+kAXP+bdQlCCSE0wjwmIqzpjM/UdcDsWv73k6
CUfXwKZwylJswL4t5uUiXXII5OdkfvbFxRB2W82n6ZCjC2WdmlzsEQQZLw9nAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUUzAD/hcOZOLa2nA4UqI0c8OPn4owHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNDM1MzQzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALLs6DANBgkqhkiG9w0BAQsFAAOCAQEAFu7vGkoL9LtlbUEocLyH1+BiH7kC
Py7YM7icix/sWLLQJYddV8665OEYgMazDA2UewEHgWD0d7vIhEv/vDeIyyExIsel
xQZqndrcQEcgiEmFsbmjRg+In87A9ILhTyK3g33VYLZAOPFs8tJwwv89HkFC94WD
5X8hizje8RiMS6vwtQS9S5MGIMiwYErf1ZRjDUWYPRpatQ2YmN7coNlMogex1Xjh
wuP1WjeonkNkbHFU5Cv0cBnzm0XXLGrdNlniYo+sB5dlkIhe3rki7dxoXjnXUDok
EVcmcVrghzVAuVN+gkJh1hovM0F79s1y9Z+9gKDgBy5SvEcto1ml3S9LLQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:55:23 2026 by rpki-client