Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3233352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: hccha8AKtVyQcbSAnDX8P2RW49RRKPpiXx52OSiKEoE=
Subject key identifier: 4C:2F:AE:7E:22:69:CB:51:E3:6B:0C:CC:76:8A:63:7D:87:3A:F4:14
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 529344EB27A13D68C0C990A2F9CB84355B2F6FF6
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:50:24 +0000
ROA not before: Wed 08 Apr 2026 11:45:24 +0000
ROA not after: Wed 07 Apr 2027 11:50:24 +0000
asID: 16509
IP address blocks: 178.236.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:93:44:eb:27:a1:3d:68:c0:c9:90:a2:f9:cb:84:35:5b:2f:6f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:45:24 2026 GMT
Not After : Apr 7 11:50:24 2027 GMT
Subject: CN=4C2FAE7E2269CB51E36B0CCC768A637D873AF414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:25:a4:93:1b:0d:bc:29:e9:1a:98:cb:f4:c7:
4c:4d:fe:8d:14:7a:02:51:eb:f6:46:53:f8:1d:c0:
56:2a:e5:c8:28:a8:92:c5:1e:2f:15:5b:a9:dc:5e:
33:ab:a9:29:de:ef:8f:99:5d:fc:85:52:d5:f8:94:
1f:0e:f1:b9:62:c1:38:97:4d:38:da:45:0e:c9:53:
7a:6f:fd:f2:d5:dd:16:bf:e8:fc:c0:f3:47:f2:c7:
54:d0:0c:02:ae:73:f8:45:9d:47:22:cb:13:cf:64:
d4:14:80:ea:1b:0f:42:7c:ed:00:3b:ec:5c:e2:cc:
85:65:98:fb:80:70:7c:96:b5:c8:f3:e3:b4:03:9d:
d1:34:de:6c:d9:a0:58:40:85:8e:13:b3:d1:1e:9e:
d9:48:5e:5d:cf:e5:ee:f1:ae:9a:7d:6f:f3:59:85:
a3:9c:10:22:de:1a:19:00:f4:39:51:a3:91:29:e9:
b3:44:cd:e0:68:a4:08:9b:2c:e7:db:a6:7c:a8:2e:
1f:55:26:cc:5e:88:db:fc:84:2c:e6:f1:ab:51:44:
70:de:63:43:02:27:c1:78:5d:38:5e:c5:b3:25:4b:
c4:ce:13:94:6b:dc:c7:8a:03:0a:25:e8:88:4a:9b:
47:24:2e:ab:ec:a3:bf:d7:30:51:f7:ce:6d:ea:f3:
69:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2F:AE:7E:22:69:CB:51:E3:6B:0C:CC:76:8A:63:7D:87:3A:F4:14
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.235.0/24
Signature Algorithm: sha256WithRSAEncryption
37:9b:39:1e:73:ec:5a:1d:86:0f:43:be:9f:55:31:b6:c4:4f:
53:52:ba:d6:b2:2f:f6:cf:5e:dd:16:eb:d9:50:8f:7b:5b:62:
43:e4:df:a1:9d:3a:2f:fc:e4:e6:d9:2d:d9:53:ee:a3:43:e0:
8a:c8:06:12:99:ed:9d:c9:66:8d:82:28:29:c1:6b:61:80:64:
fa:ef:88:ba:5a:eb:98:31:46:55:ff:06:61:49:85:25:5d:85:
f0:13:05:39:ed:37:05:8a:33:48:97:5a:01:6c:19:ca:26:3a:
a4:eb:cb:50:60:b6:cf:a6:73:4f:68:88:de:7d:1d:7f:a1:e7:
01:1e:f4:c6:b1:83:9a:aa:8a:7f:8c:71:70:93:20:26:a3:83:
8e:94:9b:71:e3:5a:03:48:84:09:67:ec:0c:09:1c:a6:92:e1:
9f:4e:86:4e:70:37:6e:30:f5:c0:a9:57:d9:ab:a7:27:15:dd:
fc:51:4e:33:00:b1:e9:be:ee:f4:5e:68:14:d6:4f:1d:0a:f2:
14:08:91:69:93:33:31:a6:c7:ad:a3:71:f2:f0:90:89:46:d3:
16:69:4a:8f:ae:7a:54:64:72:56:f5:d0:95:6a:1e:7b:cb:8d:
a4:36:b5:b9:e9:d7:81:6e:e7:c0:af:33:b3:1f:72:46:2d:2c:
18:25:bb:c2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUpNE6yehPWjAyZCi+cuENVsvb/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQ1MjRaFw0yNzA0MDcxMTUwMjRaMDMxMTAvBgNV
BAMTKDRDMkZBRTdFMjI2OUNCNTFFMzZCMENDQzc2OEE2MzdEODczQUY0MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrJaSTGw28KekamMv0x0xN/o0U
egJR6/ZGU/gdwFYq5cgoqJLFHi8VW6ncXjOrqSne74+ZXfyFUtX4lB8O8bliwTiX
TTjaRQ7JU3pv/fLV3Ra/6PzA80fyx1TQDAKuc/hFnUciyxPPZNQUgOobD0J87QA7
7FzizIVlmPuAcHyWtcjz47QDndE03mzZoFhAhY4Ts9EentlIXl3P5e7xrpp9b/NZ
haOcECLeGhkA9DlRo5Ep6bNEzeBopAibLOfbpnyoLh9VJsxeiNv8hCzm8atRRHDe
Y0MCJ8F4XThexbMlS8TOE5Rr3MeKAwol6IhKm0ckLqvso7/XMFH3zm3q82llAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUTC+ufiJpy1HjawzMdopjfYc69BQwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OswDQYJKoZIhvcNAQELBQADggEBADebOR5z7Fodhg9Dvp9VMbbET1NSutay
L/bPXt0W69lQj3tbYkPk36GdOi/85ObZLdlT7qND4IrIBhKZ7Z3JZo2CKCnBa2GA
ZPrviLpa65gxRlX/BmFJhSVdhfATBTntNwWKM0iXWgFsGcomOqTry1Bgts+mc09o
iN59HX+h5wEe9Maxg5qqin+McXCTICajg46Um3HjWgNIhAln7AwJHKaS4Z9Ohk5w
N24w9cCpV9mrpycV3fxRTjMAsem+7vReaBTWTx0K8hQIkWmTMzGmx62jcfLwkIlG
0xZpSo+uelRkclb10JVqHnvLjaQ2tbnp14Fu58CvM7MfckYtLBglu8I=
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:52:45 2026 by rpki-client