Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232342e302f32332d3234203d3e203136353039.roa
File: 3137382e3233362e3232342e302f32332d3234203d3e203136353039.roa (raw, json)
Hash identifier: RKASj5Gz0g7xxLnHb9KEoWbO+w1nl9AqbgRZ3sNE+ho=
Subject key identifier: 03:34:70:C6:0C:B1:61:4C:2C:59:22:66:DA:04:70:77:AC:8E:39:F9
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 43597976901CA588871AA2F0BA30C4A2541AE648
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232342e302f32332d3234203d3e203136353039.roa
Signing time: Tue 16 Jun 2026 16:31:37 +0000
ROA not before: Tue 16 Jun 2026 16:26:37 +0000
ROA not after: Tue 15 Jun 2027 16:31:37 +0000
asID: 16509
IP address blocks: 178.236.224.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:59:79:76:90:1c:a5:88:87:1a:a2:f0:ba:30:c4:a2:54:1a:e6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:37 2026 GMT
Not After : Jun 15 16:31:37 2027 GMT
Subject: CN=033470C60CB1614C2C592266DA047077AC8E39F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7d:95:c5:e7:78:1d:47:22:96:58:6c:d4:c9:
e4:e0:27:c9:dc:c3:22:d0:d4:1d:87:d1:4e:4d:02:
d1:97:59:22:69:e7:7b:8f:88:fd:51:e8:9f:f2:13:
9a:fa:cc:5b:be:bf:2b:c8:29:59:b4:f3:eb:1a:fc:
cf:20:8e:21:f8:23:4a:a7:5f:30:e0:e8:cd:5a:7b:
47:63:e9:4a:1b:15:80:44:64:5a:87:56:8b:ef:61:
ba:03:31:8e:68:42:13:6a:63:4a:5d:fd:e5:1e:9f:
13:a4:94:af:fd:46:81:9c:3e:34:b1:45:73:3f:e5:
db:5c:f9:18:31:c1:ae:63:57:4c:04:0e:99:58:cd:
81:99:40:41:ff:4f:a0:a0:84:89:2d:07:9a:79:11:
d1:83:2a:47:f8:a4:b4:f7:e2:00:c6:7a:2f:cd:37:
57:ca:60:50:bd:83:c4:d1:e2:ec:77:b0:3f:01:e8:
21:f3:26:69:33:6f:b2:45:a9:c6:70:ed:c9:c5:3c:
1a:9f:09:7b:53:8e:b4:26:95:30:f9:cd:b3:53:ca:
ff:68:2f:0e:60:44:59:74:2d:a9:f4:a8:ec:5f:e3:
f3:61:ac:9e:fb:c7:cc:05:2e:78:03:1b:e5:5d:a0:
63:50:82:80:c8:bd:6b:c4:0e:ac:bb:18:87:23:c9:
ff:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:34:70:C6:0C:B1:61:4C:2C:59:22:66:DA:04:70:77:AC:8E:39:F9
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232342e302f32332d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.224.0/23
Signature Algorithm: sha256WithRSAEncryption
86:dc:47:d3:fe:50:29:43:f4:fd:1a:43:33:f1:4d:48:c3:a5:
0c:52:d8:34:dd:72:ee:52:a0:ac:9c:ea:ba:8b:eb:fd:5c:28:
2b:a5:76:83:90:74:98:ed:54:96:50:49:9f:ea:cf:b4:2f:cd:
18:29:ff:ce:f4:f4:c8:d8:39:68:65:d8:d5:46:c5:35:35:8b:
92:95:9a:79:82:ed:89:a2:c0:d0:82:37:c7:93:1d:a3:2b:98:
fd:d4:83:b5:0b:8f:46:7a:31:e2:c2:50:dd:93:0d:0e:cd:36:
ed:c1:76:67:2d:3a:4b:6e:d6:1f:ad:5c:94:01:80:0b:e2:ff:
d7:b5:6d:ed:cc:e9:92:af:90:a4:9e:23:33:7c:bb:27:44:13:
25:58:17:04:33:48:ed:d7:dc:1a:8f:b1:86:b8:06:d0:f9:52:
39:8b:85:c0:19:c8:1b:d8:ca:a8:48:57:fa:e9:d8:45:46:4c:
07:16:76:10:ba:e9:74:05:05:1b:97:a2:f0:ce:91:f8:89:58:
a0:81:2b:3d:67:e2:41:31:85:43:05:fb:29:73:1c:a3:0d:f5:
e2:8c:b5:1f:4a:18:9f:c6:ef:6d:a4:c7:2d:20:7b:61:d7:c6:
1b:de:ec:33:fb:ea:5f:fb:30:32:65:b2:70:5e:e8:24:5f:3d:
9d:6f:3f:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQ1l5dpAcpYiHGqLwujDEolQa5kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2MzdaFw0yNzA2MTUxNjMxMzdaMDMxMTAvBgNV
BAMTKDAzMzQ3MEM2MENCMTYxNEMyQzU5MjI2NkRBMDQ3MDc3QUM4RTM5RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIfZXF53gdRyKWWGzUyeTgJ8nc
wyLQ1B2H0U5NAtGXWSJp53uPiP1R6J/yE5r6zFu+vyvIKVm08+sa/M8gjiH4I0qn
XzDg6M1ae0dj6UobFYBEZFqHVovvYboDMY5oQhNqY0pd/eUenxOklK/9RoGcPjSx
RXM/5dtc+Rgxwa5jV0wEDplYzYGZQEH/T6CghIktB5p5EdGDKkf4pLT34gDGei/N
N1fKYFC9g8TR4ux3sD8B6CHzJmkzb7JFqcZw7cnFPBqfCXtTjrQmlTD5zbNTyv9o
Lw5gRFl0Lan0qOxf4/NhrJ77x8wFLngDG+VdoGNQgoDIvWvEDqy7GIcjyf+NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAzRwxgyxYUwsWSJm2gRwd6yOOfkwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGy7OAwDQYJKoZIhvcNAQELBQADggEBAIbcR9P+UClD9P0aQzPxTUjDpQxS2DTd
cu5SoKyc6rqL6/1cKCuldoOQdJjtVJZQSZ/qz7QvzRgp/8709MjYOWhl2NVGxTU1
i5KVmnmC7YmiwNCCN8eTHaMrmP3Ug7ULj0Z6MeLCUN2TDQ7NNu3BdmctOktu1h+t
XJQBgAvi/9e1be3M6ZKvkKSeIzN8uydEEyVYFwQzSO3X3BqPsYa4BtD5UjmLhcAZ
yBvYyqhIV/rp2EVGTAcWdhC66XQFBRuXovDOkfiJWKCBKz1n4kExhUMF+ylzHKMN
9eKMtR9KGJ/G722kxy0ge2HXxhve7DP76l/7MDJlsnBe6CRfPZ1vPwU=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:13:50 2026 by rpki-client