Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137302e302f32342d3234203d3e20323130353435.roa
File: 3137362e3130322e3137302e302f32342d3234203d3e20323130353435.roa (raw, json)
Hash identifier: iLAOFktgeNi6FXUckFRcsh0irPGm/7n9N5v2nHd4bNg=
Subject key identifier: E5:4E:C5:47:90:2F:54:29:E4:D4:0A:08:6D:46:C6:F1:17:92:0A:12
Certificate issuer: /CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Certificate serial: 51E20B375E4E2D57E256C455A6FE432AF5933E42
Authority key identifier: 19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137302e302f32342d3234203d3e20323130353435.roa
Signing time: Wed 01 Apr 2026 17:52:24 +0000
ROA not before: Wed 01 Apr 2026 17:47:24 +0000
ROA not after: Wed 31 Mar 2027 17:52:24 +0000
asID: 210545
IP address blocks: 176.102.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 09:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e2:0b:37:5e:4e:2d:57:e2:56:c4:55:a6:fe:43:2a:f5:93:3e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Validity
Not Before: Apr 1 17:47:24 2026 GMT
Not After : Mar 31 17:52:24 2027 GMT
Subject: CN=E54EC547902F5429E4D40A086D46C6F117920A12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b3:2c:f8:ed:e3:82:d4:af:0c:19:d8:20:bd:
2b:fe:1b:73:11:cb:aa:fa:38:4d:1b:9b:b9:e8:59:
81:d8:46:66:24:f1:cd:3c:79:92:69:1e:fa:43:dc:
6c:88:fb:34:f9:f9:ae:df:84:dc:f9:f1:0e:70:28:
82:b6:ed:ba:20:76:ed:e8:b5:ce:fe:40:6c:45:18:
a6:db:55:0a:b6:62:e9:0f:ec:32:4e:04:9f:4d:ed:
d7:16:9d:23:d5:8f:82:df:a7:d4:e4:14:41:44:92:
4f:94:eb:1d:34:79:06:92:bb:7a:59:5f:a7:94:a8:
ee:ef:60:25:45:dc:01:df:92:ad:fb:72:a5:2c:c2:
81:56:db:61:24:3f:a0:41:26:2f:42:69:e7:5b:9f:
f7:2c:3c:0f:2c:68:0b:63:c2:00:ca:06:0a:94:0d:
aa:00:1c:cf:d7:90:29:47:08:95:4e:2d:eb:7c:9c:
5b:49:97:78:9a:97:b8:16:ce:21:f3:57:f8:56:6c:
d7:67:ac:e6:af:ba:96:aa:3e:bd:b5:bc:d3:79:56:
34:20:ed:91:31:32:16:6e:29:27:6c:77:26:03:49:
90:71:e2:ea:a9:a0:10:0d:7d:f1:cd:f1:67:16:13:
69:b4:c2:00:0c:ef:ba:e4:5d:cd:25:07:6f:b0:68:
bf:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4E:C5:47:90:2F:54:29:E4:D4:0A:08:6D:46:C6:F1:17:92:0A:12
X509v3 Authority Key Identifier:
keyid:19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137302e302f32342d3234203d3e20323130353435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.170.0/24
Signature Algorithm: sha256WithRSAEncryption
96:20:6e:d0:52:cf:b0:99:9a:cd:64:50:b6:8c:f5:7d:da:9f:
f7:26:6d:57:fa:36:e6:5f:cd:ba:95:5b:97:3a:58:99:fe:d4:
ed:f1:1a:bc:38:56:e4:67:bf:c9:fa:ab:3c:c0:11:74:a1:3e:
66:97:0d:c5:66:8c:9b:4e:19:8d:98:e5:66:56:32:55:3d:50:
70:67:1d:e7:b8:63:6f:f8:ff:b9:98:33:36:55:6a:d0:69:1b:
ac:9e:11:89:22:f7:53:41:3e:c2:f7:a0:7c:ab:fb:10:61:60:
38:47:e7:ce:25:1f:9d:c9:e4:28:c0:bb:14:23:93:ef:2f:be:
4a:cd:e6:be:34:0d:2a:c6:4d:1f:7a:3b:eb:26:14:0a:ed:5e:
46:62:0b:9f:51:01:8f:02:35:3f:62:9f:22:dc:52:d6:7b:3d:
87:d3:3f:d6:e2:9d:88:1c:b8:5c:83:ca:ed:3c:d6:6b:ec:26:
34:51:14:c6:8b:6a:ef:fe:8d:0b:43:9d:04:e0:4f:0c:6e:b8:
ae:9a:f1:aa:7d:23:68:4c:fb:f9:7a:e5:32:19:4b:99:ca:f3:
38:23:84:2e:be:24:1f:ad:1e:a6:a8:08:0f:d8:c3:51:86:15:
b3:83:77:24:71:e4:e4:2a:ea:64:12:bf:bc:f9:07:57:c6:f8:
f0:15:2d:23
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUeILN15OLVfiVsRVpv5DKvWTPkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTk5Y2RkMTRjMjdmYmY2YjAwNWEwYWRhMDA0ZDUzY2Jj
Yjk2NjdmZjAeFw0yNjA0MDExNzQ3MjRaFw0yNzAzMzExNzUyMjRaMDMxMTAvBgNV
BAMTKEU1NEVDNTQ3OTAyRjU0MjlFNEQ0MEEwODZENDZDNkYxMTc5MjBBMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCsyz47eOC1K8MGdggvSv+G3MR
y6r6OE0bm7noWYHYRmYk8c08eZJpHvpD3GyI+zT5+a7fhNz58Q5wKIK27bogdu3o
tc7+QGxFGKbbVQq2YukP7DJOBJ9N7dcWnSPVj4Lfp9TkFEFEkk+U6x00eQaSu3pZ
X6eUqO7vYCVF3AHfkq37cqUswoFW22EkP6BBJi9Caedbn/csPA8saAtjwgDKBgqU
DaoAHM/XkClHCJVOLet8nFtJl3ial7gWziHzV/hWbNdnrOavupaqPr21vNN5VjQg
7ZExMhZuKSdsdyYDSZBx4uqpoBANffHN8WcWE2m0wgAM77rkXc0lB2+waL8LAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU5U7FR5AvVCnk1AoIbUbG8ReSChIwHwYDVR0j
BBgwFoAUGZzdFMJ/v2sAWgraAE1Ty8uWZ/8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMtMTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4
ZjIyLzAvMTk5Q0REMTRDMjdGQkY2QjAwNUEwQURBMDA0RDUzQ0JDQjk2NjdGRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0daemRGTUpfdjJzQVdncmFBRTFUeTh1
V1pfOC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMt
MTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4ZjIyLzAvMzEzNzM2MmUzMTMwMzIyZTMx
MzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDM1MzQzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALBmqjANBgkqhkiG9w0BAQsFAAOCAQEAliBu0FLPsJmazWRQtoz1fdqf9yZt
V/o25l/NupVblzpYmf7U7fEavDhW5Ge/yfqrPMARdKE+ZpcNxWaMm04ZjZjlZlYy
VT1QcGcd57hjb/j/uZgzNlVq0GkbrJ4RiSL3U0E+wvegfKv7EGFgOEfnziUfncnk
KMC7FCOT7y++Ss3mvjQNKsZNH3o76yYUCu1eRmILn1EBjwI1P2KfItxS1ns9h9M/
1uKdiBy4XIPK7TzWa+wmNFEUxotq7/6NC0OdBOBPDG64rprxqn0jaEz7+XrlMhlL
mcrzOCOELr4kH60epqgID9jDUYYVs4N3JHHk5CrqZBK/vPkHV8b48BUtIw==
-----END CERTIFICATE-----
Generated at Tue Apr 7 22:29:30 2026 by rpki-client