Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
File: 3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: IaXCjgu5vZTh/itUXhcfbJx9MSY5NSRMA9XWogXno2s=
Subject key identifier: 19:EE:74:60:43:F0:23:E7:D7:95:1C:0B:B8:B1:7F:4C:C9:5D:D6:99
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 62925A496E31EE538FDB959D9E2E78EA01FE52D8
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
Signing time: Thu 09 Apr 2026 08:33:20 +0000
ROA not before: Thu 09 Apr 2026 08:28:20 +0000
ROA not after: Thu 08 Apr 2027 08:33:20 +0000
asID: 17561
IP address blocks: 178.236.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:92:5a:49:6e:31:ee:53:8f:db:95:9d:9e:2e:78:ea:01:fe:52:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 9 08:28:20 2026 GMT
Not After : Apr 8 08:33:20 2027 GMT
Subject: CN=19EE746043F023E7D7951C0BB8B17F4CC95DD699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:58:6e:74:be:35:6d:ab:d3:8c:ca:07:3d:84:
ea:84:e9:e2:29:60:87:7d:ab:43:ad:1a:d4:f8:0d:
fb:35:5d:b8:cb:3c:e0:5c:24:6b:69:1f:f3:e1:75:
e9:12:61:f8:c3:e0:e4:c8:06:f7:b1:55:55:12:60:
cc:ea:0d:54:31:4a:d5:43:d0:a1:b0:32:b4:c3:2a:
31:06:30:3d:2c:17:11:2c:1b:a5:05:42:33:5f:64:
35:ed:6f:cf:21:d2:e5:60:18:2d:06:88:b3:7e:97:
a7:f0:82:9e:0b:df:86:36:d0:9d:a0:be:f8:4e:fe:
3d:b2:77:4d:5b:b4:ee:96:59:6b:c4:48:ed:47:dc:
05:b9:2f:21:3e:d1:8c:93:78:e3:55:00:6b:6f:13:
94:61:2c:12:e2:11:a3:72:31:20:7f:28:70:01:44:
32:29:21:a9:c7:a8:4d:95:27:4e:7b:11:f4:03:91:
3b:f4:5c:83:d8:7e:26:bd:e4:88:67:cc:47:55:ba:
60:02:3d:e9:e1:cd:81:55:24:06:f1:7a:46:30:21:
c3:68:c5:87:d4:d7:ef:23:05:f6:62:1d:4a:bd:f7:
6f:71:2d:31:3e:26:a1:33:5e:e4:cb:5d:e8:76:6c:
17:88:62:5b:ff:48:a7:fe:21:d6:e4:70:c9:53:0a:
50:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:EE:74:60:43:F0:23:E7:D7:95:1C:0B:B8:B1:7F:4C:C9:5D:D6:99
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.233.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:17:87:1e:5b:e5:2e:d2:3b:ef:37:a9:fa:55:5f:c0:e0:18:
bb:fa:b8:6a:4d:d3:20:a3:32:5a:e6:25:2f:cb:ba:82:f6:de:
1d:33:ff:f1:84:ae:3b:9c:c7:ec:33:12:33:48:8d:7b:30:b4:
5c:0b:81:7c:99:e1:d3:03:75:8a:98:ae:c3:0e:fc:ee:87:d0:
fc:23:23:d3:53:f3:57:20:9f:a8:06:1e:70:58:f0:0f:56:74:
80:63:d8:c7:e9:82:b6:d3:3e:26:95:0b:ac:c1:12:5b:d1:9e:
0b:0c:8a:bf:81:00:73:de:10:4e:b1:12:2a:85:84:aa:e2:63:
0c:d0:2c:f8:e9:95:ba:70:23:81:ae:1b:74:02:1c:0c:74:17:
8c:91:db:dd:7b:3f:40:0f:a6:35:c7:e1:a5:e7:56:b1:bd:46:
1d:e6:f0:5e:f2:c3:cc:27:8b:0f:64:3b:31:63:cc:7d:e4:f4:
dd:80:9a:02:bc:20:21:25:f7:36:90:87:f9:94:b4:45:22:15:
60:95:29:8a:52:51:61:2d:f5:d5:9b:c9:01:75:ee:60:b7:c8:
e0:a4:a2:60:8a:90:8e:6a:e9:32:6e:d0:5c:fa:14:6b:9f:cf:
a9:6d:42:b7:d9:8e:4e:30:59:ce:14:22:f1:dc:ca:b3:22:c9:
ba:1c:5d:6c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYpJaSW4x7lOP25Wdni546gH+UtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDkwODI4MjBaFw0yNzA0MDgwODMzMjBaMDMxMTAvBgNV
BAMTKDE5RUU3NDYwNDNGMDIzRTdENzk1MUMwQkI4QjE3RjRDQzk1REQ2OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpWG50vjVtq9OMygc9hOqE6eIp
YId9q0OtGtT4Dfs1XbjLPOBcJGtpH/PhdekSYfjD4OTIBvexVVUSYMzqDVQxStVD
0KGwMrTDKjEGMD0sFxEsG6UFQjNfZDXtb88h0uVgGC0GiLN+l6fwgp4L34Y20J2g
vvhO/j2yd01btO6WWWvESO1H3AW5LyE+0YyTeONVAGtvE5RhLBLiEaNyMSB/KHAB
RDIpIanHqE2VJ057EfQDkTv0XIPYfia95IhnzEdVumACPenhzYFVJAbxekYwIcNo
xYfU1+8jBfZiHUq9929xLTE+JqEzXuTLXeh2bBeIYlv/SKf+IdbkcMlTClCdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUGe50YEPwI+fXlRwLuLF/TMld1pkwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OkwDQYJKoZIhvcNAQELBQADggEBAGsXhx5b5S7SO+83qfpVX8DgGLv6uGpN
0yCjMlrmJS/LuoL23h0z//GErjucx+wzEjNIjXswtFwLgXyZ4dMDdYqYrsMO/O6H
0PwjI9NT81cgn6gGHnBY8A9WdIBj2MfpgrbTPiaVC6zBElvRngsMir+BAHPeEE6x
EiqFhKriYwzQLPjplbpwI4GuG3QCHAx0F4yR2917P0APpjXH4aXnVrG9Rh3m8F7y
w8wniw9kOzFjzH3k9N2AmgK8ICEl9zaQh/mUtEUiFWCVKYpSUWEt9dWbyQF17mC3
yOCkomCKkI5q6TJu0Fz6FGufz6ltQrfZjk4wWc4UIvHcyrMiybocXWw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:47:39 2026 by rpki-client