Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 0Mm/V7Wp1ZSi2mt8rDpaa6kvf12GFpAfRZvXodrVnHg=
Subject key identifier: C5:8C:18:AD:3E:BF:F3:23:D4:3E:D7:9C:F1:18:E9:EC:20:81:DC:C0
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2C18911EB0BAF780532C1610EA8E44829FB74326
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:48:33 +0000
ROA not before: Wed 08 Apr 2026 11:43:33 +0000
ROA not after: Wed 07 Apr 2027 11:48:33 +0000
asID: 16509
IP address blocks: 178.236.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:18:91:1e:b0:ba:f7:80:53:2c:16:10:ea:8e:44:82:9f:b7:43:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:43:33 2026 GMT
Not After : Apr 7 11:48:33 2027 GMT
Subject: CN=C58C18AD3EBFF323D43ED79CF118E9EC2081DCC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0f:8c:e5:38:3e:b1:72:73:42:92:62:bc:65:
08:7f:1a:93:86:35:ee:e9:b0:0c:13:5c:81:ee:0b:
28:c4:63:ba:af:94:0d:2d:00:04:d5:01:13:92:2d:
f2:ae:ed:1b:6d:3a:b2:47:5d:54:bb:a8:ed:7c:de:
d2:be:ba:98:bd:f2:72:00:ec:c5:0b:e7:1a:8b:fa:
67:13:f5:ed:8e:3c:36:30:6e:37:ff:d2:80:47:24:
d0:86:a2:db:30:95:a7:d3:e5:9a:92:7e:da:a4:e8:
2a:3c:63:d4:20:d0:ca:7b:41:7e:b9:02:43:3f:fb:
9c:e2:ed:32:33:62:1c:da:07:54:88:ca:91:64:eb:
4f:ec:0d:4f:93:8b:a6:9c:b4:d7:f1:22:6a:ae:13:
ef:25:1a:24:a7:bd:c7:9b:e1:a2:7c:ff:3d:65:a2:
34:96:42:c4:7a:89:e4:32:59:94:06:d6:1c:37:04:
19:f3:37:3b:2a:b2:c7:fe:b5:fa:15:d0:5a:a6:71:
91:93:c3:7e:73:f8:d0:93:18:72:41:35:f7:15:95:
3b:1f:54:79:c6:41:f7:68:9c:28:b5:f3:2c:7b:35:
9a:2c:cc:c2:27:f6:aa:5a:f3:68:6a:41:a7:52:4d:
53:d3:36:64:04:e2:32:f6:76:34:09:69:4c:56:a6:
ac:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8C:18:AD:3E:BF:F3:23:D4:3E:D7:9C:F1:18:E9:EC:20:81:DC:C0
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.236.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:b9:a6:18:d4:e8:e8:90:4c:68:e1:e0:11:2c:9b:8f:cc:58:
87:c7:56:cd:92:72:5a:f3:d1:6e:0d:17:22:ab:ea:6a:5b:95:
4b:66:5e:92:b8:3d:2f:f3:33:20:17:66:ab:90:a4:03:83:b3:
36:ec:89:7b:d8:eb:2e:cf:6c:4a:fe:46:92:dc:af:2a:43:02:
68:a6:90:78:a1:34:9c:28:24:ab:1b:05:46:b7:33:66:42:97:
0c:c8:a5:9a:df:d6:0d:f0:71:39:af:58:22:48:9c:40:3b:3d:
1d:02:bc:9f:22:0f:9c:f5:eb:f4:e1:3a:e5:b2:1f:48:4b:ae:
8c:a6:20:eb:7d:78:26:1c:96:aa:64:0c:f4:ea:ca:b8:4b:a0:
62:9e:63:16:8f:0b:21:d7:87:67:fa:cb:69:8f:fd:db:46:37:
dc:18:da:f4:1b:95:7e:5b:ed:1d:06:70:b7:5b:d9:43:fa:f4:
f4:e8:50:db:35:eb:3a:c7:87:68:e9:e7:6d:6f:af:7d:a0:a4:
ba:4d:06:ab:96:74:3e:c6:b3:cc:a5:64:fd:55:5e:8f:e6:15:
55:52:91:ce:3e:71:88:94:c5:f9:3a:6b:2a:90:18:b4:16:dd:
40:72:6f:d0:ea:aa:23:24:41:82:b2:07:44:fe:30:71:da:a9:
fb:9d:ab:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULBiRHrC694BTLBYQ6o5Egp+3QyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTQzMzNaFw0yNzA0MDcxMTQ4MzNaMDMxMTAvBgNV
BAMTKEM1OEMxOEFEM0VCRkYzMjNENDNFRDc5Q0YxMThFOUVDMjA4MURDQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDED4zlOD6xcnNCkmK8ZQh/GpOG
Ne7psAwTXIHuCyjEY7qvlA0tAATVAROSLfKu7RttOrJHXVS7qO183tK+upi98nIA
7MUL5xqL+mcT9e2OPDYwbjf/0oBHJNCGotswlafT5ZqSftqk6Co8Y9Qg0Mp7QX65
AkM/+5zi7TIzYhzaB1SIypFk60/sDU+Ti6actNfxImquE+8lGiSnvceb4aJ8/z1l
ojSWQsR6ieQyWZQG1hw3BBnzNzsqssf+tfoV0FqmcZGTw35z+NCTGHJBNfcVlTsf
VHnGQfdonCi18yx7NZoszMIn9qpa82hqQadSTVPTNmQE4jL2djQJaUxWpqzTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxYwYrT6/8yPUPtec8Rjp7CCB3MAwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OwwDQYJKoZIhvcNAQELBQADggEBAB65phjU6OiQTGjh4BEsm4/MWIfHVs2S
clrz0W4NFyKr6mpblUtmXpK4PS/zMyAXZquQpAODszbsiXvY6y7PbEr+RpLcrypD
AmimkHihNJwoJKsbBUa3M2ZClwzIpZrf1g3wcTmvWCJInEA7PR0CvJ8iD5z16/Th
OuWyH0hLroymIOt9eCYclqpkDPTqyrhLoGKeYxaPCyHXh2f6y2mP/dtGN9wY2vQb
lX5b7R0GcLdb2UP69PToUNs16zrHh2jp521vr32gpLpNBquWdD7Gs8ylZP1VXo/m
FVVSkc4+cYiUxfk6ayqQGLQW3UByb9DqqiMkQYKyB0T+MHHaqfudqzI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:02:08 2026 by rpki-client