Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
File: 3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: EDWUUKhrOtu3UMAllaeIt1ZR8GH4cYzCKJWn6QZal8k=
Subject key identifier: 53:5C:B8:E0:5F:3B:03:D7:96:F5:73:50:66:05:8C:18:3A:7C:88:A3
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 0609BB5C3027C0BE30C05A6DB91D857076C3BFBA
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
Signing time: Fri 13 Feb 2026 09:50:36 +0000
ROA not before: Fri 13 Feb 2026 09:45:36 +0000
ROA not after: Fri 12 Feb 2027 09:50:36 +0000
asID: 14618
IP address blocks: 178.132.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Feb 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:09:bb:5c:30:27:c0:be:30:c0:5a:6d:b9:1d:85:70:76:c3:bf:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 13 09:45:36 2026 GMT
Not After : Feb 12 09:50:36 2027 GMT
Subject: CN=535CB8E05F3B03D796F5735066058C183A7C88A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2f:4e:aa:af:f1:d6:a2:f7:40:3a:28:35:9a:
ec:fb:43:9d:65:c9:c8:ed:f4:17:37:48:eb:f1:47:
6f:7c:32:54:06:18:a9:b1:0a:3e:05:71:ad:ce:77:
7c:83:ed:21:53:74:18:b9:13:ea:01:a2:c5:06:f2:
18:7f:f2:cd:5b:b4:2b:6e:3e:32:1a:f9:ba:49:bb:
ca:af:c7:89:8a:7d:2a:e8:5a:6d:31:4a:04:18:07:
d8:24:88:eb:14:5d:45:dd:82:f7:1f:cf:65:ba:c3:
6a:14:a8:af:7e:c6:ff:6b:27:0d:6c:ec:72:8c:5b:
26:85:e1:df:38:f2:c2:9a:1d:b5:da:fa:0e:84:6e:
6c:57:a7:66:6a:df:69:84:42:ab:d1:af:11:5d:be:
c4:70:a0:ef:10:0a:18:dc:f5:fd:af:af:6f:34:e7:
68:a2:85:29:42:31:84:45:ca:ef:b6:08:e9:e3:c3:
ba:64:8a:34:da:5a:d5:06:f5:94:0f:90:d5:b5:73:
e4:41:db:c1:84:41:af:0e:7d:e5:68:7b:94:24:87:
b4:4a:a8:13:9a:b2:0a:b0:28:10:b0:95:d9:c3:b7:
fd:9e:ce:2d:27:af:b3:57:da:08:ae:40:95:7f:d6:
2c:a8:c3:e7:f6:17:f9:7f:57:ab:29:c9:a7:0a:af:
45:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5C:B8:E0:5F:3B:03:D7:96:F5:73:50:66:05:8C:18:3A:7C:88:A3
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.192.0/24
Signature Algorithm: sha256WithRSAEncryption
74:76:a5:46:d2:f8:f7:88:e5:ab:a4:c9:65:68:8b:45:80:13:
44:50:fa:8c:bc:06:d5:36:c2:b9:bf:39:54:e8:f4:47:76:85:
81:06:86:af:3e:54:43:ad:48:bd:85:97:5a:60:1f:9d:21:20:
70:61:bc:80:20:f5:5a:f7:f8:47:c5:59:8c:e2:f7:cb:48:b7:
2e:af:06:a3:82:1b:e8:09:e1:af:0c:94:f8:3c:cb:1d:9f:fc:
70:cc:70:67:95:5b:ab:7c:9d:03:0c:93:47:52:12:b7:5e:f3:
70:5b:e4:b6:a3:06:5d:62:ad:fc:27:94:83:68:7d:c0:92:ff:
b9:f6:b4:c9:67:7e:b3:81:4b:b3:a3:16:71:00:1a:4d:18:9f:
f2:13:9d:c0:46:ff:4a:ac:c2:ee:6e:21:64:44:bd:9e:d3:98:
7e:1e:0e:6e:2e:66:fb:d1:38:fa:a4:c9:a7:65:7b:db:6c:bb:
b9:62:ec:7b:2a:76:bb:81:11:c6:f8:b7:88:e9:1e:54:16:40:
0d:80:8e:28:53:01:65:a2:70:7a:db:cd:96:2e:53:7f:5d:e0:
b3:40:35:a2:ce:36:71:55:2a:d6:44:3a:01:ab:39:f7:c4:0d:
f7:e8:bf:e8:52:de:46:35:e6:ab:fb:36:4b:48:a8:0f:45:e6:
37:97:2f:f9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBgm7XDAnwL4wwFptuR2FcHbDv7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNjAyMTMwOTQ1MzZaFw0yNzAyMTIwOTUwMzZaMDMxMTAvBgNV
BAMTKDUzNUNCOEUwNUYzQjAzRDc5NkY1NzM1MDY2MDU4QzE4M0E3Qzg4QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfL06qr/HWovdAOig1muz7Q51l
ycjt9Bc3SOvxR298MlQGGKmxCj4Fca3Od3yD7SFTdBi5E+oBosUG8hh/8s1btCtu
PjIa+bpJu8qvx4mKfSroWm0xSgQYB9gkiOsUXUXdgvcfz2W6w2oUqK9+xv9rJw1s
7HKMWyaF4d848sKaHbXa+g6EbmxXp2Zq32mEQqvRrxFdvsRwoO8QChjc9f2vr280
52iihSlCMYRFyu+2COnjw7pkijTaWtUG9ZQPkNW1c+RB28GEQa8OfeVoe5Qkh7RK
qBOasgqwKBCwldnDt/2ezi0nr7NX2giuQJV/1iyow+f2F/l/V6spyacKr0X3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUU1y44F87A9eW9XNQZgWMGDp8iKMwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMAwDQYJKoZIhvcNAQELBQADggEBAHR2pUbS+PeI5aukyWVoi0WAE0RQ+oy8
BtU2wrm/OVTo9Ed2hYEGhq8+VEOtSL2Fl1pgH50hIHBhvIAg9Vr3+EfFWYzi98tI
ty6vBqOCG+gJ4a8MlPg8yx2f/HDMcGeVW6t8nQMMk0dSErde83Bb5LajBl1irfwn
lINofcCS/7n2tMlnfrOBS7OjFnEAGk0Yn/ITncBG/0qswu5uIWREvZ7TmH4eDm4u
ZvvROPqkyadle9tsu7li7HsqdruBEcb4t4jpHlQWQA2AjihTAWWicHrbzZYuU39d
4LNANaLONnFVKtZEOgGrOffEDffov+hS3kY15qv7NktIqA9F5jeXL/k=
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:54:12 2026 by rpki-client