Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137322e302f32322d3232203d3e2032393134.roa
File: 3137362e3130322e3137322e302f32322d3232203d3e2032393134.roa (raw, json)
Hash identifier: NeWINT0yzxeGbQAkYPSSTlBaATh7hwEdqMyxHoWCi2c=
Subject key identifier: 20:61:F6:91:E6:BC:62:94:DF:4D:A2:70:E5:94:5C:6F:D3:39:A1:11
Certificate issuer: /CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Certificate serial: 38F836B233C4285072DE501FFE43D5218853CDBF
Authority key identifier: 19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137322e302f32322d3232203d3e2032393134.roa
Signing time: Tue 31 Mar 2026 07:39:20 +0000
ROA not before: Tue 31 Mar 2026 07:34:20 +0000
ROA not after: Tue 30 Mar 2027 07:39:20 +0000
asID: 2914
IP address blocks: 176.102.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.mft
rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 09:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f8:36:b2:33:c4:28:50:72:de:50:1f:fe:43:d5:21:88:53:cd:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=199cdd14c27fbf6b005a0ada004d53cbcb9667ff
Validity
Not Before: Mar 31 07:34:20 2026 GMT
Not After : Mar 30 07:39:20 2027 GMT
Subject: CN=2061F691E6BC6294DF4DA270E5945C6FD339A111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:58:9e:c1:e7:59:28:b5:c1:7c:f1:0a:55:75:
60:ad:85:90:62:47:21:7b:12:16:69:b6:bc:41:34:
69:6b:f0:35:a4:77:42:84:a0:2a:0c:0e:fe:b2:39:
64:2f:88:6c:90:09:ac:4a:9a:6a:fa:8e:93:2f:3b:
cb:d6:29:79:e8:0b:70:63:ed:7d:46:aa:6f:5b:b2:
a7:e2:4c:89:e7:6d:17:ed:a4:77:dc:c1:28:bd:98:
42:20:9a:f8:bb:6a:23:9d:b6:96:c3:39:68:bb:5b:
4b:88:54:93:28:93:d2:e6:94:c7:c7:bb:10:d9:bc:
c4:10:40:bf:64:99:49:69:1d:8d:f1:b1:3a:3d:44:
fe:7c:e9:63:1e:0c:60:17:c1:83:31:ea:94:fb:72:
6a:27:3f:d7:52:02:f2:60:2e:1b:16:f9:31:c2:30:
59:a0:2c:45:86:6d:1a:24:b0:0b:a9:c0:6a:cc:27:
01:5b:ea:a0:1b:d9:cc:5b:12:d2:05:4a:95:2e:76:
93:02:45:be:ea:73:ce:36:d4:9f:a9:c5:e4:5a:8a:
8c:26:15:c3:76:3f:24:ba:c4:e2:95:96:d6:26:a7:
e6:e1:df:1e:9d:ec:f2:08:93:fe:34:a5:7f:16:11:
f7:81:85:e3:9e:bb:2a:9c:a8:a8:71:1d:d2:a9:60:
08:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:61:F6:91:E6:BC:62:94:DF:4D:A2:70:E5:94:5C:6F:D3:39:A1:11
X509v3 Authority Key Identifier:
keyid:19:9C:DD:14:C2:7F:BF:6B:00:5A:0A:DA:00:4D:53:CB:CB:96:67:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/199CDD14C27FBF6B005A0ADA004D53CBCB9667FF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZzdFMJ_v2sAWgraAE1Ty8uWZ_8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c2023c53-184b-484b-b676-598f64d88f22/0/3137362e3130322e3137322e302f32322d3232203d3e2032393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.172.0/22
Signature Algorithm: sha256WithRSAEncryption
69:f5:b1:18:71:53:a8:73:ec:8c:df:2f:b7:f2:a8:aa:88:66:
23:84:e1:1e:d3:0a:37:3e:2f:04:ca:64:37:73:8c:bc:7a:14:
49:fc:4d:bc:83:bd:18:d4:01:b5:49:12:78:66:7a:02:c1:58:
3e:d6:96:89:1e:34:75:73:b3:55:7b:3b:42:c6:19:ca:22:77:
11:a2:04:84:6c:d8:c4:29:d9:67:a4:1a:fe:44:8c:bf:d1:b3:
a0:1b:48:ea:03:93:48:c8:f9:eb:6d:dd:33:be:f4:74:13:76:
f3:18:e0:fb:ef:bb:4f:66:bf:90:1c:31:d2:25:e7:b1:22:df:
dc:9b:cb:dd:b9:0e:82:83:0d:9d:a0:c4:a6:82:94:df:7b:a9:
a0:96:36:57:af:0c:9d:20:4e:dc:0f:e5:5e:46:ff:ed:f2:23:
cb:59:18:6d:32:fe:40:d2:36:2c:6b:b4:8a:ef:4e:40:d3:37:
24:6f:d9:e8:66:48:f7:f4:1a:1e:61:48:ff:5d:69:61:03:de:
7a:0c:d6:59:f0:30:33:7f:0a:fc:ae:0b:88:7b:e9:0d:b2:b5:
ac:21:22:5b:6c:af:25:cd:eb:96:a2:a4:60:c4:98:7e:43:5c:
30:d9:e6:db:16:29:ab:a5:34:56:95:d4:a7:56:5f:63:83:60:
58:ea:d0:2c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOPg2sjPEKFBy3lAf/kPVIYhTzb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTk5Y2RkMTRjMjdmYmY2YjAwNWEwYWRhMDA0ZDUzY2Jj
Yjk2NjdmZjAeFw0yNjAzMzEwNzM0MjBaFw0yNzAzMzAwNzM5MjBaMDMxMTAvBgNV
BAMTKDIwNjFGNjkxRTZCQzYyOTRERjREQTI3MEU1OTQ1QzZGRDMzOUExMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGWJ7B51kotcF88QpVdWCthZBi
RyF7EhZptrxBNGlr8DWkd0KEoCoMDv6yOWQviGyQCaxKmmr6jpMvO8vWKXnoC3Bj
7X1Gqm9bsqfiTInnbRftpHfcwSi9mEIgmvi7aiOdtpbDOWi7W0uIVJMok9LmlMfH
uxDZvMQQQL9kmUlpHY3xsTo9RP586WMeDGAXwYMx6pT7cmonP9dSAvJgLhsW+THC
MFmgLEWGbRoksAupwGrMJwFb6qAb2cxbEtIFSpUudpMCRb7qc8421J+pxeRaiowm
FcN2PyS6xOKVltYmp+bh3x6d7PIIk/40pX8WEfeBheOeuyqcqKhxHdKpYAjXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIGH2kea8YpTfTaJw5ZRcb9M5oREwHwYDVR0j
BBgwFoAUGZzdFMJ/v2sAWgraAE1Ty8uWZ/8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMtMTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4
ZjIyLzAvMTk5Q0REMTRDMjdGQkY2QjAwNUEwQURBMDA0RDUzQ0JDQjk2NjdGRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0daemRGTUpfdjJzQVdncmFBRTFUeTh1
V1pfOC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzIwMjNjNTMt
MTg0Yi00ODRiLWI2NzYtNTk4ZjY0ZDg4ZjIyLzAvMzEzNzM2MmUzMTMwMzIyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzkzMTM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
sGasMA0GCSqGSIb3DQEBCwUAA4IBAQBp9bEYcVOoc+yM3y+38qiqiGYjhOEe0wo3
Pi8EymQ3c4y8ehRJ/E28g70Y1AG1SRJ4ZnoCwVg+1paJHjR1c7NVeztCxhnKIncR
ogSEbNjEKdlnpBr+RIy/0bOgG0jqA5NIyPnrbd0zvvR0E3bzGOD777tPZr+QHDHS
JeexIt/cm8vduQ6Cgw2doMSmgpTfe6mgljZXrwydIE7cD+VeRv/t8iPLWRhtMv5A
0jYsa7SK705A0zckb9noZkj39BoeYUj/XWlhA956DNZZ8DAzfwr8rguIe+kNsrWs
ISJbbK8lzeuWoqRgxJh+Q1ww2ebbFimrpTRWldSnVl9jg2BY6tAs
-----END CERTIFICATE-----
Generated at Tue Apr 7 22:27:26 2026 by rpki-client