Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313534343032.roa
File: 3137382e3234382e37322e302f32342d3234203d3e20313534343032.roa (raw, json)
Hash identifier: CmSSgp2rOmRDakFss7YxyL+V/oYFT12bvLwpMMXS8Tk=
Subject key identifier: A0:9F:35:69:64:20:D1:A9:C6:4E:37:20:84:02:DE:BE:EE:2D:BC:40
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 56872D558E90D196A474C97E9DC940505F32B8BF
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313534343032.roa
Signing time: Fri 29 May 2026 07:39:36 +0000
ROA not before: Fri 29 May 2026 07:34:36 +0000
ROA not after: Fri 28 May 2027 07:39:36 +0000
asID: 154402
IP address blocks: 178.248.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 04:10:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:87:2d:55:8e:90:d1:96:a4:74:c9:7e:9d:c9:40:50:5f:32:b8:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: May 29 07:34:36 2026 GMT
Not After : May 28 07:39:36 2027 GMT
Subject: CN=A09F35696420D1A9C64E37208402DEBEEE2DBC40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:84:49:82:95:dd:4a:2f:51:d5:3a:de:fe:08:
2b:46:ea:49:d9:a8:24:78:95:e2:43:1c:0c:93:04:
cf:de:aa:d5:7b:5c:3d:6c:f3:0c:53:ef:dc:99:3c:
5e:45:63:06:ec:b1:d7:66:76:f4:42:2f:c9:d0:c4:
5a:6e:78:f3:d3:74:a5:56:bc:82:f8:81:e5:f8:e1:
7d:ad:d6:e6:3f:55:3f:72:c1:a9:89:19:d9:63:a2:
20:6b:e1:2d:9f:4b:d9:ed:05:c3:bb:ec:5b:40:68:
19:3f:50:a5:3e:2e:9a:b0:63:9f:fc:97:7a:75:76:
a2:68:67:17:30:43:72:2a:2b:57:18:99:b5:28:a0:
b5:6c:46:9d:52:22:f6:42:b3:cf:e4:ab:c2:d9:52:
a7:c6:c6:4f:03:4d:03:01:62:5e:f6:5a:9a:cf:33:
31:01:7c:63:3c:41:f8:dd:fb:f4:c6:79:ec:d3:65:
da:0a:b2:31:19:df:32:cf:22:8d:5b:9d:e1:84:7b:
11:8c:bc:a0:d9:4a:c9:c6:bc:d7:87:c7:80:06:fd:
ab:20:c9:f8:58:42:e4:b3:fd:ac:36:1f:e3:45:06:
9d:d8:18:f1:fd:4b:69:79:d2:f9:91:af:32:18:a3:
d9:21:a4:68:a5:a7:f4:7d:59:72:0a:a5:63:9b:58:
b2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9F:35:69:64:20:D1:A9:C6:4E:37:20:84:02:DE:BE:EE:2D:BC:40
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313534343032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.72.0/24
Signature Algorithm: sha256WithRSAEncryption
85:cd:12:d4:ab:ad:6b:27:f1:b9:31:4c:bc:58:d5:f2:d7:76:
c2:33:a8:d7:db:34:55:2a:ea:3c:ce:68:0c:7c:96:51:bc:64:
d9:98:58:38:15:19:8a:fc:d9:0c:a6:a4:dc:63:ea:16:53:2b:
5a:0d:76:8e:35:02:67:38:2e:80:92:e7:46:46:de:8a:27:2a:
3f:f3:a4:e8:57:7a:a0:c2:63:35:e1:10:09:ab:40:91:c7:e4:
41:d6:91:3e:40:0d:d5:66:70:65:4f:77:65:87:ab:68:c2:09:
04:96:9f:66:ce:14:07:b2:a0:96:d1:4f:86:0e:c7:ee:55:41:
c1:67:e5:01:b0:2a:60:1d:8d:4d:e4:ca:01:eb:80:f2:1a:60:
1f:49:65:bd:97:d9:7b:f5:02:86:ff:71:aa:87:2b:63:d4:3f:
1a:e3:42:54:2c:73:72:76:22:08:3d:7e:f0:ab:12:83:80:7e:
33:44:91:10:6b:30:0c:2f:de:d7:99:18:0d:96:53:02:fa:53:
64:83:63:24:f6:9d:e8:f4:21:fb:dd:aa:6e:79:58:79:91:97:
f7:9d:e2:dc:8b:22:0f:c5:0f:a2:7b:5f:38:04:a6:94:73:22:
fd:23:b9:97:b3:9c:4d:76:89:a5:ca:b5:64:d5:c9:d5:1d:c4:
fe:0d:03:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVoctVY6Q0ZakdMl+nclAUF8yuL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNjA1MjkwNzM0MzZaFw0yNzA1MjgwNzM5MzZaMDMxMTAvBgNV
BAMTKEEwOUYzNTY5NjQyMEQxQTlDNjRFMzcyMDg0MDJERUJFRUUyREJDNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCthEmCld1KL1HVOt7+CCtG6knZ
qCR4leJDHAyTBM/eqtV7XD1s8wxT79yZPF5FYwbssddmdvRCL8nQxFpuePPTdKVW
vIL4geX44X2t1uY/VT9ywamJGdljoiBr4S2fS9ntBcO77FtAaBk/UKU+LpqwY5/8
l3p1dqJoZxcwQ3IqK1cYmbUooLVsRp1SIvZCs8/kq8LZUqfGxk8DTQMBYl72WprP
MzEBfGM8Qfjd+/TGeezTZdoKsjEZ3zLPIo1bneGEexGMvKDZSsnGvNeHx4AG/asg
yfhYQuSz/aw2H+NFBp3YGPH9S2l50vmRrzIYo9khpGilp/R9WXIKpWObWLKbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoJ81aWQg0anGTjcghALevu4tvEAwHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzNzM4MmUzMjM0MzgyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzQzNDMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy+EgwDQYJKoZIhvcNAQELBQADggEBAIXNEtSrrWsn8bkxTLxY1fLXdsIzqNfb
NFUq6jzOaAx8llG8ZNmYWDgVGYr82QympNxj6hZTK1oNdo41Amc4LoCS50ZG3oon
Kj/zpOhXeqDCYzXhEAmrQJHH5EHWkT5ADdVmcGVPd2WHq2jCCQSWn2bOFAeyoJbR
T4YOx+5VQcFn5QGwKmAdjU3kygHrgPIaYB9JZb2X2Xv1Aob/caqHK2PUPxrjQlQs
c3J2Igg9fvCrEoOAfjNEkRBrMAwv3teZGA2WUwL6U2SDYyT2nej0Ifvdqm55WHmR
l/ed4tyLIg/FD6J7XzgEppRzIv0juZeznE12iaXKtWTVydUdxP4NA1Q=
-----END CERTIFICATE-----
Generated at Tue Jun 2 22:00:53 2026 by rpki-client