Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3136392e302f32342d3234203d3e20323130353435.roa
File: 3137362e3130322e3136392e302f32342d3234203d3e20323130353435.roa (raw, json)
Hash identifier: qdweDv/ArUKKn+iSNPlMNOmHnjG+yu3hh6MZ3RuN5Ks=
Subject key identifier: 49:28:39:E3:A2:7B:E4:E0:B6:F5:08:FA:31:38:53:8A:4D:97:DC:38
Certificate issuer: /CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Certificate serial: 499ACF38476999D6B41055C215F3096225CA31B6
Authority key identifier: 19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3136392e302f32342d3234203d3e20323130353435.roa
Signing time: Wed 01 Apr 2026 17:51:35 +0000
ROA not before: Wed 01 Apr 2026 17:46:35 +0000
ROA not after: Wed 31 Mar 2027 17:51:35 +0000
asID: 210545
IP address blocks: 176.102.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 09:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:9a:cf:38:47:69:99:d6:b4:10:55:c2:15:f3:09:62:25:ca:31:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Validity
Not Before: Apr 1 17:46:35 2026 GMT
Not After : Mar 31 17:51:35 2027 GMT
Subject: CN=492839E3A27BE4E0B6F508FA3138538A4D97DC38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0f:83:c2:f7:ea:5c:36:10:45:e5:b9:ab:ed:
f3:51:1e:67:2b:71:be:a1:7c:5a:fa:50:8b:77:4f:
8d:0a:86:90:6c:d1:c2:7e:f6:c0:c3:28:6b:68:c6:
1d:0b:84:4e:30:73:b0:16:5a:b7:0c:b0:ee:80:d5:
24:18:c9:fa:38:1b:15:3f:ba:9d:fe:0f:37:96:90:
2f:f4:2c:e1:1f:a7:1c:86:5d:20:80:97:da:ac:42:
e5:a2:69:de:90:22:07:93:70:dc:c3:52:f2:2d:85:
d4:6a:4b:9d:3d:df:fd:3b:8f:4d:c9:d8:69:c5:fc:
b8:ec:78:a8:33:a6:cb:a1:c0:17:50:33:48:42:ad:
a9:94:4d:e4:8c:f4:58:71:6e:4f:9f:ec:17:2c:32:
e3:f6:00:bb:8c:8e:5a:e7:d9:46:4c:5a:ea:59:af:
b3:78:e0:3f:52:33:8d:5c:2f:b3:77:5d:e2:02:f8:
f5:5c:d6:75:16:f8:9e:8f:61:c8:c9:bf:66:31:8c:
5d:21:26:86:41:ae:ef:42:6e:6d:a7:31:43:a9:0b:
72:4c:31:00:8e:42:62:33:dc:27:64:65:47:cf:49:
f9:7e:4f:f4:f1:25:9e:85:6a:f2:60:03:9c:70:97:
5d:70:b8:d5:c1:8b:b2:2b:fe:96:1f:f9:27:4c:63:
6a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:28:39:E3:A2:7B:E4:E0:B6:F5:08:FA:31:38:53:8A:4D:97:DC:38
X509v3 Authority Key Identifier:
keyid:19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3136392e302f32342d3234203d3e20323130353435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.169.0/24
Signature Algorithm: sha256WithRSAEncryption
47:8f:b7:1c:e4:ad:e8:4d:5e:af:be:d4:84:88:08:6b:8c:71:
3e:11:8a:10:f4:30:7c:0b:b7:f2:fb:55:e4:97:92:f8:64:d8:
72:ee:01:69:4e:30:db:d4:3d:15:f0:67:52:09:0b:85:96:72:
49:db:e8:0f:7c:c3:2e:1a:cd:42:2a:8e:2f:3c:65:00:57:a7:
9a:c0:56:c5:2b:50:91:87:72:4b:a9:86:35:3d:a0:91:4b:76:
8d:c7:99:04:da:54:2d:9c:b7:fc:69:a5:63:af:f9:79:3d:e4:
a6:43:44:69:c1:91:ba:9d:e6:bc:3e:22:53:49:e2:5c:25:dc:
ee:6c:bf:45:45:e1:71:41:8f:05:1f:0e:2c:1b:26:69:b7:5b:
03:de:14:83:77:84:82:75:03:fe:23:64:f3:6e:ee:92:e5:23:
05:88:44:4d:0b:d1:90:ab:d5:ec:77:fe:6b:fe:56:2d:f7:40:
68:0c:b0:20:22:cb:ad:ed:b0:a9:42:7f:6d:07:6e:92:e2:9a:
00:4b:47:e3:68:46:55:e1:a5:01:fb:e9:88:be:f1:7d:03:92:
76:64:7e:bd:cf:af:d4:ee:e6:ed:68:f1:62:1e:23:a7:c9:95:
72:4e:38:e2:d9:e5:4f:18:67:a6:90:54:17:6b:33:b9:6c:36:
34:99:7b:3c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSZrPOEdpmda0EFXCFfMJYiXKMbYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTk5Y2RkMTRjMjdmYmY2YjAwNWEwYWRhMDA0ZDUzY2Jj
Yjk2NjdmZjAeFw0yNjA0MDExNzQ2MzVaFw0yNzAzMzExNzUxMzVaMDMxMTAvBgNV
BAMTKDQ5MjgzOUUzQTI3QkU0RTBCNkY1MDhGQTMxMzg1MzhBNEQ5N0RDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrD4PC9+pcNhBF5bmr7fNRHmcr
cb6hfFr6UIt3T40KhpBs0cJ+9sDDKGtoxh0LhE4wc7AWWrcMsO6A1SQYyfo4GxU/
up3+DzeWkC/0LOEfpxyGXSCAl9qsQuWiad6QIgeTcNzDUvIthdRqS5093/07j03J
2GnF/LjseKgzpsuhwBdQM0hCramUTeSM9Fhxbk+f7BcsMuP2ALuMjlrn2UZMWupZ
r7N44D9SM41cL7N3XeIC+PVc1nUW+J6PYcjJv2YxjF0hJoZBru9Cbm2nMUOpC3JM
MQCOQmIz3CdkZUfPSfl+T/TxJZ6FavJgA5xwl11wuNXBi7Ir/pYf+SdMY2oLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSSg546J75OC29Qj6MThTik2X3DgwHwYDVR0j
BBgwFoAUGZzdFMJ/v2sAWgraAE1Ty8uWZ/8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMtMTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4
ZjIyLzAvMTk5Q0REMTRDMjdGQkY2QjAwNUEwQURBMDA0RDUzQ0JDQjk2NjdGRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0daemRGTUpfdjJzQVdncmFBRTFUeTh1
V1pfOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMt
MTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4ZjIyLzAvMzEzNzM2MmUzMTMwMzIyZTMx
MzYzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDM1MzQzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALBmqTANBgkqhkiG9w0BAQsFAAOCAQEAR4+3HOSt6E1er77UhIgIa4xxPhGK
EPQwfAu38vtV5JeS+GTYcu4BaU4w29Q9FfBnUgkLhZZySdvoD3zDLhrNQiqOLzxl
AFenmsBWxStQkYdyS6mGNT2gkUt2jceZBNpULZy3/GmlY6/5eT3kpkNEacGRup3m
vD4iU0niXCXc7my/RUXhcUGPBR8OLBsmabdbA94Ug3eEgnUD/iNk827ukuUjBYhE
TQvRkKvV7Hf+a/5WLfdAaAywICLLre2wqUJ/bQdukuKaAEtH42hGVeGlAfvpiL7x
fQOSdmR+vc+v1O7m7WjxYh4jp8mVck444tnlTxhnppBUF2szuWw2NJl7PA==
-----END CERTIFICATE-----
Generated at Tue Apr 7 22:29:30 2026 by rpki-client