Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233392e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3233392e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: cMFFY6a6WGGwVpE9OONltKLNaqlkFqqAE9xOwe8uKmY=
Subject key identifier: 7D:B7:E7:5C:C9:E7:CE:21:18:C7:DF:30:98:36:6A:E0:32:6A:47:CE
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2AE692A0931699D7F5484AC9A52FD7A13F1DD5CD
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233392e302f32342d3234203d3e203136353039.roa
Signing time: Wed 08 Apr 2026 11:44:47 +0000
ROA not before: Wed 08 Apr 2026 11:39:47 +0000
ROA not after: Wed 07 Apr 2027 11:44:47 +0000
asID: 16509
IP address blocks: 178.236.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:e6:92:a0:93:16:99:d7:f5:48:4a:c9:a5:2f:d7:a1:3f:1d:d5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Apr 8 11:39:47 2026 GMT
Not After : Apr 7 11:44:47 2027 GMT
Subject: CN=7DB7E75CC9E7CE2118C7DF3098366AE0326A47CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3f:36:f9:c9:3c:0b:2b:70:ac:36:86:da:c5:
9b:86:b2:b5:81:73:9c:92:b3:9a:94:e9:5c:1c:f0:
30:11:a5:c7:d4:bb:88:f1:a7:94:3a:82:bf:3f:ca:
71:b7:d0:65:1a:cb:5e:eb:01:81:88:de:de:ee:75:
bf:8a:c7:58:8b:d9:84:6e:77:85:21:36:bd:9c:bf:
c1:a5:43:37:72:9e:ba:73:e1:3d:0c:42:b4:0d:97:
c9:6e:73:12:30:37:5a:d5:ff:d0:1c:a8:14:8d:d6:
a2:44:0d:c1:92:70:ff:1c:ef:66:74:13:d0:dc:fb:
0c:8f:20:70:b8:94:9f:1e:f1:de:ef:27:2f:e2:64:
51:68:10:31:3e:fd:84:5a:45:d0:da:c8:42:6a:a2:
21:2d:a2:d7:df:e8:66:69:d4:05:b6:f5:56:38:87:
f2:83:c3:85:55:64:6c:b5:f6:6a:f2:f9:21:c8:7f:
a3:87:c8:34:4f:a9:56:c5:5e:e5:0f:56:f3:2a:ef:
ee:80:7a:87:77:bc:35:69:70:86:99:23:cf:6d:aa:
43:b2:2f:07:b7:44:d1:02:8e:2c:91:b5:43:aa:6f:
dd:e7:d2:17:21:a4:8f:32:c6:99:7a:47:f9:f8:61:
49:c4:3d:98:1b:27:16:34:10:cb:98:31:6b:6e:23:
d3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:B7:E7:5C:C9:E7:CE:21:18:C7:DF:30:98:36:6A:E0:32:6A:47:CE
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233392e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.239.0/24
Signature Algorithm: sha256WithRSAEncryption
69:c2:76:57:db:e3:43:30:b6:80:cb:12:83:a6:44:a9:c1:d9:
3b:85:77:70:60:ec:db:4b:68:b9:e7:46:f2:54:b7:5c:9f:3b:
48:6e:8c:7a:3e:71:01:ef:40:73:46:97:60:62:f7:9c:15:a0:
25:f1:e2:35:00:7b:31:35:ad:6c:77:7a:d2:6a:64:ef:38:f3:
d2:0d:1c:fa:e6:28:fe:e9:a8:00:23:ef:cf:9d:d6:e1:e7:91:
b0:b2:e7:eb:b4:d6:6b:cb:4a:5b:9a:cb:06:c4:04:81:96:cb:
e2:d1:e2:55:93:fc:96:e3:ad:0b:79:c8:f3:a4:fb:7d:2b:69:
ad:d1:82:3b:ca:d2:0a:43:6e:20:0c:c4:72:db:85:6e:21:0a:
c1:5a:8d:c7:8f:2d:5c:71:24:3f:65:e7:60:4b:69:d0:ce:58:
c7:85:05:65:f6:10:e6:74:ff:7d:c0:db:db:3f:2d:b5:bd:8a:
14:5d:16:27:99:00:3a:04:ec:97:58:2f:44:ff:58:ee:f7:c3:
61:77:39:58:86:f9:5f:8f:a8:22:db:1f:1d:52:23:b4:f1:41:
6a:23:4d:e8:0e:8e:eb:fa:22:b0:c7:76:52:e0:40:e1:9b:cb:
40:fa:d1:b2:73:8b:31:47:e9:31:60:d9:2d:d7:92:ba:a6:99:
06:42:ea:63
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKuaSoJMWmdf1SErJpS/XoT8d1c0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA0MDgxMTM5NDdaFw0yNzA0MDcxMTQ0NDdaMDMxMTAvBgNV
BAMTKDdEQjdFNzVDQzlFN0NFMjExOEM3REYzMDk4MzY2QUUwMzI2QTQ3Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIPzb5yTwLK3CsNobaxZuGsrWB
c5ySs5qU6Vwc8DARpcfUu4jxp5Q6gr8/ynG30GUay17rAYGI3t7udb+Kx1iL2YRu
d4UhNr2cv8GlQzdynrpz4T0MQrQNl8lucxIwN1rV/9AcqBSN1qJEDcGScP8c72Z0
E9Dc+wyPIHC4lJ8e8d7vJy/iZFFoEDE+/YRaRdDayEJqoiEtotff6GZp1AW29VY4
h/KDw4VVZGy19mry+SHIf6OHyDRPqVbFXuUPVvMq7+6Aeod3vDVpcIaZI89tqkOy
Lwe3RNECjiyRtUOqb93n0hchpI8yxpl6R/n4YUnEPZgbJxY0EMuYMWtuI9P7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfbfnXMnnziEYx98wmDZq4DJqR84wHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7O8wDQYJKoZIhvcNAQELBQADggEBAGnCdlfb40MwtoDLEoOmRKnB2TuFd3Bg
7NtLaLnnRvJUt1yfO0hujHo+cQHvQHNGl2Bi95wVoCXx4jUAezE1rWx3etJqZO84
89INHPrmKP7pqAAj78+d1uHnkbCy5+u01mvLSluaywbEBIGWy+LR4lWT/JbjrQt5
yPOk+30raa3RgjvK0gpDbiAMxHLbhW4hCsFajcePLVxxJD9l52BLadDOWMeFBWX2
EOZ0/33A29s/LbW9ihRdFieZADoE7JdYL0T/WO73w2F3OViG+V+PqCLbHx1SI7Tx
QWojTegOjuv6IrDHdlLgQOGby0D60bJzizFH6TFg2S3XkrqmmQZC6mM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:41:25 2026 by rpki-client