Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232362e302f32342d3234203d3e20313938313230.roa
File: 3137382e3233362e3232362e302f32342d3234203d3e20313938313230.roa (raw, json)
Hash identifier: GnErXvMYkgTDg7TWOsi8+AQsBWxWsGMeGB8q8hH51Ag=
Subject key identifier: 0E:A9:C5:6E:31:06:4A:F5:F1:6E:3C:E9:2D:DA:C0:D1:14:CC:6D:98
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 55F2841DA63E94CDB9254ED5B687B1A4D560E18D
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232362e302f32342d3234203d3e20313938313230.roa
Signing time: Thu 04 Jun 2026 03:35:06 +0000
ROA not before: Thu 04 Jun 2026 03:30:06 +0000
ROA not after: Thu 03 Jun 2027 03:35:06 +0000
asID: 198120
IP address blocks: 178.236.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f2:84:1d:a6:3e:94:cd:b9:25:4e:d5:b6:87:b1:a4:d5:60:e1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 4 03:30:06 2026 GMT
Not After : Jun 3 03:35:06 2027 GMT
Subject: CN=0EA9C56E31064AF5F16E3CE92DDAC0D114CC6D98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:86:42:93:fd:98:45:19:ae:40:d3:17:43:
2b:cc:14:c9:dd:ac:b6:97:96:d9:36:3d:c2:e7:f3:
8d:7a:2b:4f:c9:76:e8:fc:f3:8c:7d:78:06:1d:de:
47:a0:48:af:31:01:53:b0:ac:3c:1a:2b:20:81:71:
41:77:c2:f5:59:b2:10:58:88:4e:34:1f:b3:6b:ea:
0e:3e:c4:b1:0f:d7:a0:c0:6f:aa:a2:b9:23:fb:27:
ae:bb:6d:1e:f7:66:64:07:5c:6c:5b:a5:49:5c:26:
45:0d:66:bb:68:08:36:25:6b:cf:14:8f:06:d7:11:
3a:de:f6:27:c9:0d:d6:2e:b5:e2:4f:23:38:d7:ed:
c9:a8:25:a8:9f:2f:5e:9c:f3:4d:6a:f7:c8:dd:40:
28:4e:07:eb:23:da:6c:02:2c:90:eb:d1:53:e6:1a:
c2:38:c7:4f:69:0f:57:92:a5:6d:8f:5a:a9:36:2f:
14:0f:e0:99:de:85:2e:93:9a:39:e6:43:c8:d1:9c:
1b:d8:c0:9c:77:7e:87:d1:7e:cd:02:f2:23:39:6c:
65:a2:1f:93:e1:30:09:e8:ce:26:bf:e6:32:01:18:
24:94:da:3a:45:55:58:79:51:97:8a:e7:20:b0:12:
8a:6e:3e:22:db:ab:c8:b9:b8:1e:63:e1:d3:a6:41:
c6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A9:C5:6E:31:06:4A:F5:F1:6E:3C:E9:2D:DA:C0:D1:14:CC:6D:98
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232362e302f32342d3234203d3e20313938313230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.226.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:a8:da:8e:79:39:87:d1:c3:ba:06:f8:e0:43:92:45:82:9d:
ee:c9:91:4b:d7:f2:15:bb:16:c9:7b:54:7f:bd:e6:c0:dc:c8:
91:fc:9c:bf:83:2f:6c:db:d5:b2:3b:4a:07:86:1d:00:09:46:
1f:9a:f7:09:c2:a2:1c:9d:17:18:f7:d8:da:fe:d0:c8:4a:be:
49:62:5c:58:dd:76:d0:9e:5f:21:a9:3d:c3:1b:f7:f7:1f:45:
a3:f4:99:93:2c:44:f2:95:17:df:73:dd:d3:e8:2f:4d:8f:29:
06:f7:2d:04:d1:ae:46:8a:7c:d9:03:46:02:48:32:f1:9c:d1:
6b:25:f1:0b:91:37:14:6e:96:f2:48:f8:0a:ba:d7:e4:cb:a0:
e8:09:04:ad:03:9e:dd:a7:fa:3b:18:43:4a:39:84:4a:fe:c3:
5a:11:70:22:27:5c:76:b6:a9:6f:ce:c2:60:6a:31:6c:a3:bd:
af:4e:4a:4b:3e:c7:d0:1a:79:48:3e:d6:be:83:da:5e:88:37:
f5:a3:70:9f:0a:6a:5b:c8:28:f8:7c:09:6e:f7:fc:e4:16:3d:
de:f8:31:d8:c3:49:c6:86:71:8d:25:9c:cc:20:33:f8:03:18:
c4:48:27:4b:32:62:bd:3e:60:ac:00:40:69:3a:75:a1:10:6c:
70:cc:54:ac
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVfKEHaY+lM25JU7VtoexpNVg4Y0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MDQwMzMwMDZaFw0yNzA2MDMwMzM1MDZaMDMxMTAvBgNV
BAMTKDBFQTlDNTZFMzEwNjRBRjVGMTZFM0NFOTJEREFDMEQxMTRDQzZEOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWaoZCk/2YRRmuQNMXQyvMFMnd
rLaXltk2PcLn8416K0/Jduj884x9eAYd3kegSK8xAVOwrDwaKyCBcUF3wvVZshBY
iE40H7Nr6g4+xLEP16DAb6qiuSP7J667bR73ZmQHXGxbpUlcJkUNZrtoCDYla88U
jwbXETre9ifJDdYuteJPIzjX7cmoJaifL16c801q98jdQChOB+sj2mwCLJDr0VPm
GsI4x09pD1eSpW2PWqk2LxQP4JnehS6TmjnmQ8jRnBvYwJx3fofRfs0C8iM5bGWi
H5PhMAnozia/5jIBGCSU2jpFVVh5UZeK5yCwEopuPiLbq8i5uB5j4dOmQcabAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDqnFbjEGSvXxbjzpLdrA0RTMbZgwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzODMxMzIzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALLs4jANBgkqhkiG9w0BAQsFAAOCAQEAfqjajnk5h9HDugb44EOSRYKd7smR
S9fyFbsWyXtUf73mwNzIkfycv4MvbNvVsjtKB4YdAAlGH5r3CcKiHJ0XGPfY2v7Q
yEq+SWJcWN120J5fIak9wxv39x9Fo/SZkyxE8pUX33Pd0+gvTY8pBvctBNGuRop8
2QNGAkgy8ZzRayXxC5E3FG6W8kj4CrrX5Mug6AkErQOe3af6OxhDSjmESv7DWhFw
Iidcdrapb87CYGoxbKO9r05KSz7H0Bp5SD7WvoPaXog39aNwnwpqW8go+HwJbvf8
5BY93vgx2MNJxoZxjSWczCAz+AMYxEgnSzJivT5grABAaTp1oRBscMxUrA==
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:14:25 2026 by rpki-client