Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313939373833.roa
File: 3137382e3234382e37322e302f32342d3234203d3e20313939373833.roa (raw, json)
Hash identifier: A75/jbsOC02nzQ9VFagjG//howA7n6bwG8je53ds+vk=
Subject key identifier: CE:23:CC:2E:9B:21:E5:5C:F0:39:CF:9B:F1:CB:8A:09:1B:3C:F4:3A
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 3864B7803CE1CFFDEC51FDFF354713380B684FBF
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313939373833.roa
Signing time: Sun 26 Apr 2026 18:16:46 +0000
ROA not before: Sun 26 Apr 2026 18:11:46 +0000
ROA not after: Sun 25 Apr 2027 18:16:46 +0000
asID: 199783
IP address blocks: 178.248.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 21:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:64:b7:80:3c:e1:cf:fd:ec:51:fd:ff:35:47:13:38:0b:68:4f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: Apr 26 18:11:46 2026 GMT
Not After : Apr 25 18:16:46 2027 GMT
Subject: CN=CE23CC2E9B21E55CF039CF9BF1CB8A091B3CF43A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4d:59:1d:03:d1:e0:3e:82:5a:ca:44:88:c1:
45:f3:75:34:38:e2:25:7b:ea:b4:65:55:ae:bc:4f:
6f:47:f8:ce:55:4f:22:db:eb:2f:8f:48:8d:36:b2:
11:53:d6:e6:c4:0c:ed:99:ba:37:b5:27:4a:ac:3a:
04:7e:92:1b:be:d1:e0:53:69:b0:c2:06:dc:d9:05:
e6:25:db:ac:2f:ad:44:42:c8:48:eb:fc:84:49:14:
63:32:9f:d4:2f:d1:4f:59:b6:70:a1:13:40:f1:0b:
62:d9:70:04:f7:09:df:16:b8:8b:f1:15:1d:9b:4e:
4c:3e:99:f8:e2:98:21:af:c0:2b:fa:1c:b5:e9:e4:
9b:6a:c1:eb:65:8c:67:ec:00:0c:04:b9:a0:19:d1:
3b:bb:c5:3b:37:46:d4:bf:07:0b:c1:d2:05:8d:c5:
73:5b:9d:2f:d9:5c:e5:c3:db:84:57:c3:ea:71:e1:
f0:e4:0a:9b:73:1d:53:c5:6e:f0:43:97:cd:9f:2e:
f0:96:07:59:25:0f:b4:3d:bf:ea:43:7c:0f:a7:01:
0c:ee:74:0b:f7:4f:5d:7f:fb:2d:03:37:e5:3a:5a:
31:a0:1e:ca:63:99:82:83:73:61:67:a1:85:63:8e:
db:ed:f7:d9:60:2f:c1:f3:c9:de:5c:30:88:27:5f:
95:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:23:CC:2E:9B:21:E5:5C:F0:39:CF:9B:F1:CB:8A:09:1B:3C:F4:3A
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313939373833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.72.0/24
Signature Algorithm: sha256WithRSAEncryption
40:bb:c3:bb:d2:7d:72:38:a8:67:ec:2b:5a:2f:2d:11:43:75:
78:20:ee:08:c9:3e:d8:56:b1:90:d1:a1:e0:36:43:46:18:c7:
7b:ff:ca:7c:c8:c1:83:5f:96:e0:cc:4e:56:a4:c7:1c:9b:3c:
96:25:32:61:2b:12:3f:74:1c:1f:aa:dd:0a:e9:40:1d:26:68:
9a:01:14:d7:bf:be:6a:82:a3:dd:d8:af:49:28:35:4b:fb:58:
1e:96:dd:1c:04:d7:99:7c:3b:08:01:bc:4c:8c:5a:b5:79:6a:
5e:7a:0f:ef:d9:98:c2:63:21:c9:18:f5:79:28:05:df:82:8c:
0a:8c:ca:a5:85:c9:7c:f5:83:c1:42:e8:d3:88:25:9c:5c:c4:
99:bd:be:78:4a:fa:0e:2c:d0:39:3e:72:fb:ce:11:40:9d:52:
39:ef:2f:9f:07:c1:87:20:fa:c8:94:a7:70:cc:28:9a:0e:b4:
f0:4d:9f:ac:cf:fd:70:da:eb:d3:40:26:6e:c5:86:69:a4:f2:
78:04:97:e8:9d:1c:6e:61:13:d2:c6:f1:ae:df:90:b5:3a:d3:
b4:17:8e:7a:9d:b1:c0:41:81:ab:5a:98:5c:13:c1:65:b4:85:
ea:48:a5:d1:31:24:65:d3:70:32:8f:70:ac:4f:21:90:a4:19:
c4:8b:e8:39
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOGS3gDzhz/3sUf3/NUcTOAtoT78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNjA0MjYxODExNDZaFw0yNzA0MjUxODE2NDZaMDMxMTAvBgNV
BAMTKENFMjNDQzJFOUIyMUU1NUNGMDM5Q0Y5QkYxQ0I4QTA5MUIzQ0Y0M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzTVkdA9HgPoJaykSIwUXzdTQ4
4iV76rRlVa68T29H+M5VTyLb6y+PSI02shFT1ubEDO2Zuje1J0qsOgR+khu+0eBT
abDCBtzZBeYl26wvrURCyEjr/IRJFGMyn9Qv0U9ZtnChE0DxC2LZcAT3Cd8WuIvx
FR2bTkw+mfjimCGvwCv6HLXp5JtqwetljGfsAAwEuaAZ0Tu7xTs3RtS/BwvB0gWN
xXNbnS/ZXOXD24RXw+px4fDkCptzHVPFbvBDl82fLvCWB1klD7Q9v+pDfA+nAQzu
dAv3T11/+y0DN+U6WjGgHspjmYKDc2FnoYVjjtvt99lgL8Hzyd5cMIgnX5VtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUziPMLpsh5VzwOc+b8cuKCRs89DowHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzNzM4MmUzMjM0MzgyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzNzM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy+EgwDQYJKoZIhvcNAQELBQADggEBAEC7w7vSfXI4qGfsK1ovLRFDdXgg7gjJ
PthWsZDRoeA2Q0YYx3v/ynzIwYNfluDMTlakxxybPJYlMmErEj90HB+q3QrpQB0m
aJoBFNe/vmqCo93Yr0koNUv7WB6W3RwE15l8OwgBvEyMWrV5al56D+/ZmMJjIckY
9XkoBd+CjAqMyqWFyXz1g8FC6NOIJZxcxJm9vnhK+g4s0Dk+cvvOEUCdUjnvL58H
wYcg+siUp3DMKJoOtPBNn6zP/XDa69NAJm7Fhmmk8ngEl+idHG5hE9LG8a7fkLU6
07QXjnqdscBBgatamFwTwWW0hepIpdExJGXTcDKPcKxPIZCkGcSL6Dk=
-----END CERTIFICATE-----
Generated at Thu Apr 30 11:41:02 2026 by rpki-client