Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233372e302f32342d3234203d3e203137353631.roa
File: 3137382e3233362e3233372e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: fHBBYbGG2NzQNQY3fmD8FeYtYam6rWl3rBV+v3fAJU4=
Subject key identifier: 60:24:6E:4A:36:69:5C:5D:0C:21:EC:1C:98:22:F9:D7:CB:C8:2F:15
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 56154A40EE796D9319A36AFB22A841AF636AE52D
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233372e302f32342d3234203d3e203137353631.roa
Signing time: Thu 09 Apr 2026 08:33:16 +0000
ROA not before: Thu 09 Apr 2026 08:28:16 +0000
ROA not after: Thu 08 Apr 2027 08:33:16 +0000
asID: 17561
IP address blocks: 178.236.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:15:4a:40:ee:79:6d:93:19:a3:6a:fb:22:a8:41:af:63:6a:e5:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 9 08:28:16 2026 GMT
Not After : Apr 8 08:33:16 2027 GMT
Subject: CN=60246E4A36695C5D0C21EC1C9822F9D7CBC82F15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ed:ac:20:26:08:8e:14:63:94:7d:9a:a7:e2:
36:c5:04:b8:34:3b:d9:8b:18:26:57:12:1c:0b:4b:
08:96:cc:e1:be:97:9f:be:20:59:31:9e:3c:79:06:
db:3e:04:b1:b6:83:d8:51:3a:bd:00:f8:ae:3a:a0:
ca:2c:4c:7d:1b:bf:bf:f4:fa:7c:36:68:e0:b7:ec:
a3:67:14:19:63:d6:9c:27:6c:c7:e1:08:d8:14:fc:
0d:2a:a2:e6:fe:d4:da:46:c0:13:98:75:a7:fa:fb:
84:83:8e:05:83:a0:39:ab:b3:10:89:a6:70:fc:b5:
e5:65:94:24:be:8d:8d:70:02:aa:50:d7:56:02:27:
af:37:6f:24:a0:e6:f1:91:8d:e3:41:7f:f5:f5:d7:
d9:13:97:7f:14:89:0d:4b:94:d3:01:7b:00:b9:25:
f2:e3:7b:de:84:fe:74:a3:fd:90:4c:61:01:5c:90:
d2:e1:60:2a:6f:48:20:b7:80:a2:f4:03:58:ed:2e:
e7:64:a2:a2:cf:d5:ad:b0:59:74:ef:23:68:85:60:
af:65:68:41:7d:e1:dc:1c:2c:14:23:bb:87:a4:a7:
0b:36:6f:20:97:a3:57:89:6e:3e:c5:43:4b:07:44:
c5:8f:01:05:a8:9b:06:79:0e:6a:2c:61:66:33:08:
60:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:24:6E:4A:36:69:5C:5D:0C:21:EC:1C:98:22:F9:D7:CB:C8:2F:15
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233372e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f1:f3:77:07:f1:27:f6:04:77:4c:c6:2d:c0:5b:1f:38:80:
11:a8:ef:1c:0b:ab:b4:2b:19:4a:ee:50:a0:73:29:88:dc:9f:
5c:89:98:c6:5d:97:63:7c:b5:3f:a1:1b:07:0a:cf:3a:49:08:
60:d2:43:32:48:cd:b4:b9:88:b5:b3:52:f2:3d:b7:20:bb:74:
73:09:af:2a:bf:d5:28:63:b4:d5:57:fb:ec:89:9d:ab:df:7c:
c9:da:cf:95:f2:0a:be:9d:ca:7e:63:d1:a6:c1:37:b9:44:dd:
b1:dc:27:84:19:0c:f9:2e:c1:0f:c5:60:09:08:8d:b0:16:6b:
3b:86:0a:cf:34:b4:e2:df:c3:61:37:6b:97:33:d5:ff:e4:a7:
3c:60:4e:96:e3:4d:16:cb:e2:6e:e3:07:e0:3b:5d:ba:e6:1c:
eb:5a:c9:18:01:4a:e5:7a:62:4d:c9:93:a2:28:4e:a9:d9:cf:
cf:f8:fa:9b:d4:03:f3:3e:90:1d:e3:58:dc:e4:ac:c8:6a:6f:
50:a8:d3:0f:30:b5:2f:89:b8:cb:3f:eb:89:ca:f8:b2:c0:63:
be:78:3a:30:1a:91:58:0c:73:45:04:35:f5:a2:4e:69:6c:70:
f7:cf:ca:45:06:2d:91:f1:bc:ce:67:90:34:82:aa:de:15:66:
ac:d4:8d:74
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVhVKQO55bZMZo2r7IqhBr2Nq5S0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDkwODI4MTZaFw0yNzA0MDgwODMzMTZaMDMxMTAvBgNV
BAMTKDYwMjQ2RTRBMzY2OTVDNUQwQzIxRUMxQzk4MjJGOUQ3Q0JDODJGMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc7awgJgiOFGOUfZqn4jbFBLg0
O9mLGCZXEhwLSwiWzOG+l5++IFkxnjx5Bts+BLG2g9hROr0A+K46oMosTH0bv7/0
+nw2aOC37KNnFBlj1pwnbMfhCNgU/A0qoub+1NpGwBOYdaf6+4SDjgWDoDmrsxCJ
pnD8teVllCS+jY1wAqpQ11YCJ683bySg5vGRjeNBf/X119kTl38UiQ1LlNMBewC5
JfLje96E/nSj/ZBMYQFckNLhYCpvSCC3gKL0A1jtLudkoqLP1a2wWXTvI2iFYK9l
aEF94dwcLBQju4ekpws2byCXo1eJbj7FQ0sHRMWPAQWomwZ5DmosYWYzCGA1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYCRuSjZpXF0MIewcmCL518vILxUwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7O0wDQYJKoZIhvcNAQELBQADggEBAGvx83cH8Sf2BHdMxi3AWx84gBGo7xwL
q7QrGUruUKBzKYjcn1yJmMZdl2N8tT+hGwcKzzpJCGDSQzJIzbS5iLWzUvI9tyC7
dHMJryq/1ShjtNVX++yJnavffMnaz5XyCr6dyn5j0abBN7lE3bHcJ4QZDPkuwQ/F
YAkIjbAWazuGCs80tOLfw2E3a5cz1f/kpzxgTpbjTRbL4m7jB+A7XbrmHOtayRgB
SuV6Yk3Jk6IoTqnZz8/4+pvUA/M+kB3jWNzkrMhqb1Co0w8wtS+JuMs/64nK+LLA
Y754OjAakVgMc0UENfWiTmlscPfPykUGLZHxvM5nkDSCqt4VZqzUjXQ=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:09 2026 by rpki-client