Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323035343839.roa
File: 3137382e3234382e37342e302f32342d3234203d3e20323035343839.roa (raw, json)
Hash identifier: D0Owph/oL3mL5VwchRzGIXC3cMHzv1rxTr5Ojjef5Y4=
Subject key identifier: A8:6D:90:0C:93:44:66:5C:44:6A:BB:99:B3:96:0D:31:28:D4:F6:0C
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 78663CE8C2B15F15FD16584931C31435286F1B12
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323035343839.roa
Signing time: Fri 05 Jun 2026 18:46:23 +0000
ROA not before: Fri 05 Jun 2026 18:41:23 +0000
ROA not after: Fri 04 Jun 2027 18:46:23 +0000
asID: 205489
IP address blocks: 178.248.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:66:3c:e8:c2:b1:5f:15:fd:16:58:49:31:c3:14:35:28:6f:1b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: Jun 5 18:41:23 2026 GMT
Not After : Jun 4 18:46:23 2027 GMT
Subject: CN=A86D900C9344665C446ABB99B3960D3128D4F60C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ca:f5:e4:d7:5e:ae:a2:f1:d2:10:02:92:3e:
5b:9e:58:1e:d0:5a:c4:c7:82:4c:15:c2:ba:27:dd:
13:3f:39:e3:62:97:01:62:7a:75:fe:01:cf:99:d7:
1d:28:da:8c:bc:c3:21:00:c8:a7:51:a4:c4:a7:50:
6f:8c:53:d5:80:70:b8:6d:86:ca:ae:75:be:0c:34:
ef:d5:f9:31:5f:17:23:00:48:01:42:66:68:7b:85:
62:cb:99:cc:c7:03:75:01:d4:a3:75:27:0a:7b:c8:
00:42:76:22:e6:e6:6a:2d:f6:02:72:cc:3a:5d:7d:
0e:89:b7:d7:47:a6:5c:57:41:f7:9e:4c:fa:af:f9:
1c:dd:5c:d1:36:c5:c8:a1:c3:fe:ae:5a:d6:99:e9:
b6:76:7d:ca:36:e9:bd:24:13:52:40:a3:ac:99:d8:
39:66:07:33:01:76:d3:e6:13:c4:fe:ab:02:ab:e1:
43:80:5a:41:bf:5b:98:e5:04:64:40:18:fe:52:58:
f9:52:e0:0a:c1:da:fb:a3:c9:f2:fa:72:70:c7:a4:
f2:79:4c:20:da:5e:e8:36:9f:04:c2:8f:4d:87:78:
f8:67:c3:e5:31:15:1f:d6:8b:e0:2e:e4:5c:df:06:
3c:c4:fd:30:a7:33:08:e2:77:c8:8b:67:44:a8:7d:
9b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6D:90:0C:93:44:66:5C:44:6A:BB:99:B3:96:0D:31:28:D4:F6:0C
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37342e302f32342d3234203d3e20323035343839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.74.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a6:77:bc:a7:60:aa:cc:9f:3d:05:79:9e:89:27:28:31:21:
8e:db:62:b3:73:1e:33:1d:78:97:b2:96:9f:2f:a0:0f:24:a4:
2b:ec:90:1b:f8:be:25:07:f6:9f:1f:83:1e:7d:60:5a:8d:38:
b6:6f:27:7b:2e:ed:1b:bb:ed:44:c3:d9:01:93:bb:36:db:ad:
8b:ca:ae:47:17:87:68:6c:e1:90:e4:11:78:e4:46:27:88:a8:
76:c4:15:af:e1:6c:ad:81:f4:8e:e3:7e:ea:b0:4f:18:a8:eb:
04:e9:5f:8d:8a:34:17:69:71:a9:27:5e:7f:65:8c:63:32:84:
3e:65:c1:da:f2:65:f6:6e:da:08:25:e2:27:73:59:4a:06:b5:
3a:98:b8:84:fe:8e:97:39:f0:ee:19:53:50:fe:56:40:88:64:
0d:06:c2:c9:ba:53:1d:9a:c9:83:c1:ce:ad:b8:04:e0:0f:06:
c9:0b:9b:dc:82:7e:d8:b4:6b:cb:92:08:2c:92:35:44:35:47:
a6:e1:56:3e:ab:8b:a8:62:77:a8:41:71:35:b0:ec:8b:31:d0:
37:ac:77:db:81:68:10:81:9e:e4:1b:25:1b:99:5b:c9:64:e3:
7e:8e:fd:a2:b2:5a:1e:3f:48:5b:d4:cf:23:24:fb:c9:a3:dc:
1d:96:5f:83
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeGY86MKxXxX9FlhJMcMUNShvGxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNjA2MDUxODQxMjNaFw0yNzA2MDQxODQ2MjNaMDMxMTAvBgNV
BAMTKEE4NkQ5MDBDOTM0NDY2NUM0NDZBQkI5OUIzOTYwRDMxMjhENEY2MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOyvXk116uovHSEAKSPlueWB7Q
WsTHgkwVwron3RM/OeNilwFienX+Ac+Z1x0o2oy8wyEAyKdRpMSnUG+MU9WAcLht
hsqudb4MNO/V+TFfFyMASAFCZmh7hWLLmczHA3UB1KN1Jwp7yABCdiLm5mot9gJy
zDpdfQ6Jt9dHplxXQfeeTPqv+RzdXNE2xcihw/6uWtaZ6bZ2fco26b0kE1JAo6yZ
2DlmBzMBdtPmE8T+qwKr4UOAWkG/W5jlBGRAGP5SWPlS4ArB2vujyfL6cnDHpPJ5
TCDaXug2nwTCj02HePhnw+UxFR/Wi+Au5FzfBjzE/TCnMwjid8iLZ0SofZtjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqG2QDJNEZlxEaruZs5YNMSjU9gwwHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzNzM4MmUzMjM0MzgyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzNDM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy+EowDQYJKoZIhvcNAQELBQADggEBADqmd7ynYKrMnz0FeZ6JJygxIY7bYrNz
HjMdeJeylp8voA8kpCvskBv4viUH9p8fgx59YFqNOLZvJ3su7Ru77UTD2QGTuzbb
rYvKrkcXh2hs4ZDkEXjkRieIqHbEFa/hbK2B9I7jfuqwTxio6wTpX42KNBdpcakn
Xn9ljGMyhD5lwdryZfZu2ggl4idzWUoGtTqYuIT+jpc58O4ZU1D+VkCIZA0Gwsm6
Ux2ayYPBzq24BOAPBskLm9yCfti0a8uSCCySNUQ1R6bhVj6ri6hid6hBcTWw7Isx
0Desd9uBaBCBnuQbJRuZW8lk436O/aKyWh4/SFvUzyMk+8mj3B2WX4M=
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:29:13 2026 by rpki-client