Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
File: 3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa (raw, json)
Hash identifier: Vqha5lWTo+LN8EsgB1R7AnOrRD0jz/DiE1NZCndA7aU=
Subject key identifier: D3:78:99:48:95:4F:4C:7C:E1:CE:25:83:05:79:CA:3F:E9:6C:74:47
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 67C2581DECB4E7C68A3D2EF2129B1C4CE7AB44E0
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
Signing time: Fri 24 Apr 2026 10:47:05 +0000
ROA not before: Fri 24 Apr 2026 10:42:05 +0000
ROA not after: Fri 23 Apr 2027 10:47:05 +0000
asID: 215052
IP address blocks: 185.172.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:17:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:c2:58:1d:ec:b4:e7:c6:8a:3d:2e:f2:12:9b:1c:4c:e7:ab:44:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 24 10:42:05 2026 GMT
Not After : Apr 23 10:47:05 2027 GMT
Subject: CN=D3789948954F4C7CE1CE25830579CA3FE96C7447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9c:ff:25:8a:86:a7:32:5a:27:f4:71:79:36:
12:2d:b0:ae:38:18:0f:a3:6f:ca:68:9d:9c:2e:44:
b5:6b:55:e8:65:ac:fa:01:b5:c1:50:c3:43:b0:52:
89:d9:99:3f:db:d4:7f:02:23:92:3e:f5:4f:b1:00:
5e:2a:72:98:ec:4a:a6:cb:05:f2:77:22:6d:ff:a9:
36:39:d4:1e:52:8b:c5:ee:e2:06:7c:20:d6:2d:e8:
57:23:fd:9c:cd:7c:e7:9e:37:47:da:87:1f:c9:fe:
85:21:08:05:f8:81:d7:83:0e:3c:45:c8:60:be:0f:
1a:e5:6b:a3:76:3a:d9:a1:b1:ef:81:76:c1:6b:b7:
52:10:1a:20:23:d9:8e:8d:a3:a5:b3:92:d7:4d:40:
3b:08:9a:93:29:e3:f2:76:d5:55:f6:bf:08:19:83:
a7:c5:a4:80:22:1a:75:58:45:d4:bd:01:f1:3c:c2:
7c:ed:ef:d3:91:ac:2e:0a:2f:cf:86:2a:dd:e1:da:
c5:b5:ce:1a:1e:2d:83:a1:91:fb:d1:11:e4:e3:96:
6f:a6:d2:17:87:e2:2d:41:14:99:a5:4e:25:9b:d3:
26:02:d6:da:7a:24:8d:83:5a:ec:fb:2e:14:2a:42:
b8:da:48:f9:fa:77:35:a0:50:ad:11:58:72:6a:ca:
57:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:78:99:48:95:4F:4C:7C:E1:CE:25:83:05:79:CA:3F:E9:6C:74:47
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20323135303532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.173.0/24
Signature Algorithm: sha256WithRSAEncryption
05:46:c1:d8:79:4e:28:70:78:8b:11:71:1c:95:8e:49:9d:e7:
60:01:d2:d6:f7:1c:ab:4c:76:b8:04:73:e1:8d:f8:31:3e:b8:
a5:b4:fa:25:2e:a7:d0:8f:c6:25:c2:6b:91:c3:4d:20:c7:7a:
31:7b:8a:9f:6c:6f:2e:22:48:ca:37:c5:9b:78:77:81:2a:00:
0b:3c:ca:d1:80:6e:71:5a:4a:4e:62:10:af:14:73:05:ab:1d:
1a:4b:26:87:c3:03:35:55:64:d0:9b:29:2d:02:6d:2b:2c:5e:
92:2a:b4:0c:88:54:c0:d4:39:f4:f8:7d:9a:65:4f:e3:72:68:
9f:9a:a9:56:dc:d1:a4:85:58:20:12:4d:01:8e:26:7c:5e:3b:
4b:45:4a:d4:a4:c8:19:60:be:c2:48:fa:fc:2d:5c:3f:5f:3a:
6f:ca:04:97:f5:0b:72:30:bf:49:6a:01:c0:cd:27:d4:3d:fd:
89:ee:1a:d6:aa:95:7f:84:93:69:7e:a9:f6:dc:f7:f7:70:fb:
1b:c8:cc:bf:36:f0:69:56:db:74:6f:6a:ee:b3:aa:5c:cf:c3:
a5:7f:5a:37:58:1c:0e:b2:f0:16:40:9d:03:e6:ee:d9:e0:ec:
3a:76:a1:8d:17:c7:58:4d:a7:55:4c:68:a3:3b:81:ef:0e:62:
4a:ea:a9:33
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZ8JYHey058aKPS7yEpscTOerROAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA0MjQxMDQyMDVaFw0yNzA0MjMxMDQ3MDVaMDMxMTAvBgNV
BAMTKEQzNzg5OTQ4OTU0RjRDN0NFMUNFMjU4MzA1NzlDQTNGRTk2Qzc0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCynP8lioanMlon9HF5NhItsK44
GA+jb8ponZwuRLVrVehlrPoBtcFQw0OwUonZmT/b1H8CI5I+9U+xAF4qcpjsSqbL
BfJ3Im3/qTY51B5Si8Xu4gZ8INYt6Fcj/ZzNfOeeN0fahx/J/oUhCAX4gdeDDjxF
yGC+Dxrla6N2Otmhse+BdsFrt1IQGiAj2Y6No6WzktdNQDsImpMp4/J21VX2vwgZ
g6fFpIAiGnVYRdS9AfE8wnzt79ORrC4KL8+GKt3h2sW1zhoeLYOhkfvREeTjlm+m
0heH4i1BFJmlTiWb0yYC1tp6JI2DWuz7LhQqQrjaSPn6dzWgUK0RWHJqylf1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU03iZSJVPTHzhziWDBXnKP+lsdEcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzUzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrTANBgkqhkiG9w0BAQsFAAOCAQEABUbB2HlOKHB4ixFxHJWOSZ3nYAHS
1vccq0x2uARz4Y34MT64pbT6JS6n0I/GJcJrkcNNIMd6MXuKn2xvLiJIyjfFm3h3
gSoACzzK0YBucVpKTmIQrxRzBasdGksmh8MDNVVk0JspLQJtKyxekiq0DIhUwNQ5
9Ph9mmVP43Jon5qpVtzRpIVYIBJNAY4mfF47S0VK1KTIGWC+wkj6/C1cP186b8oE
l/ULcjC/SWoBwM0n1D39ie4a1qqVf4STaX6p9tz393D7G8jMvzbwaVbbdG9q7rOq
XM/DpX9aN1gcDrLwFkCdA+bu2eDsOnahjRfHWE2nVUxoozuB7w5iSuqpMw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 03:14:27 2026 by rpki-client