Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3234203d3e203335393136.roa
File: 3137382e3233362e3232382e302f32322d3234203d3e203335393136.roa (raw, json)
Hash identifier: Uj6qVhvkl5aO5WvtBsGs2hifXenpCHeFu2xN3NsemDU=
Subject key identifier: 13:68:9E:CE:C1:F0:43:C5:F6:B4:48:BE:48:47:77:46:86:CC:8C:75
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 76FAE021659CAAAA6630C2685D306CCAB046C78F
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3234203d3e203335393136.roa
Signing time: Tue 16 Jun 2026 16:31:42 +0000
ROA not before: Tue 16 Jun 2026 16:26:42 +0000
ROA not after: Tue 15 Jun 2027 16:31:42 +0000
asID: 35916
IP address blocks: 178.236.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:fa:e0:21:65:9c:aa:aa:66:30:c2:68:5d:30:6c:ca:b0:46:c7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:42 2026 GMT
Not After : Jun 15 16:31:42 2027 GMT
Subject: CN=13689ECEC1F043C5F6B448BE4847774686CC8C75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:0a:36:da:ba:9b:d0:6b:a3:21:9d:f3:6f:ad:
cb:27:fc:ac:02:32:f5:e2:f4:6f:6a:93:7b:b1:dd:
8f:a5:1e:30:6d:b5:60:02:5e:66:4b:53:dc:a6:92:
89:1a:8d:17:7b:5c:09:d1:82:99:22:5d:68:6a:19:
7f:93:9f:45:7f:6f:f6:21:ce:7e:54:d8:b7:5d:0f:
9b:b8:d4:16:87:a3:98:ce:b9:e2:08:6b:16:5f:4d:
fb:57:f7:b4:16:2e:8b:db:ba:03:0f:d7:d3:1d:c5:
e6:a1:d0:13:05:3c:68:82:92:a5:d7:a7:bb:38:1f:
c9:d4:df:61:f4:03:21:02:fd:5f:e0:be:4e:4f:28:
e1:8c:e3:e6:08:b3:4b:39:d5:0f:a4:02:e8:dc:4e:
d4:c1:67:2d:5d:ba:52:37:fe:57:1e:03:be:0c:1c:
da:0f:65:bd:0e:c4:3a:6f:28:af:36:d1:60:1f:60:
a0:ee:ac:3a:22:48:3b:d1:bd:46:1d:8c:86:1c:bc:
40:a5:b8:a1:17:f2:c8:0e:52:51:b2:00:70:83:94:
16:c0:41:56:80:9d:26:15:d3:69:df:31:9f:50:a9:
5e:06:fe:f8:d6:5a:52:e3:b2:b6:a9:52:0f:cb:6c:
c1:87:0c:ff:9f:2e:27:47:b7:83:b8:5b:53:e3:5e:
a5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:68:9E:CE:C1:F0:43:C5:F6:B4:48:BE:48:47:77:46:86:CC:8C:75
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3232382e302f32322d3234203d3e203335393136.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.228.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:9c:21:58:07:dd:31:57:61:f7:74:a4:cf:29:aa:f7:ba:63:
e8:74:d6:d4:08:44:69:de:c3:cc:2f:1f:ef:66:73:37:20:ee:
5d:40:55:df:f9:0c:80:df:a2:e9:bb:f8:60:dc:51:b7:b1:a8:
02:77:e6:55:a2:ea:54:35:83:6e:0d:bf:04:0a:82:f9:54:38:
7d:f6:2f:61:a5:30:75:54:75:90:86:6a:2f:96:b1:3d:65:bf:
98:a5:3f:82:60:6e:e5:3d:ca:d2:e2:87:6a:6c:7b:6b:a0:fb:
7d:02:88:8e:1d:58:5d:06:1b:75:ff:b6:0f:7c:36:81:22:ba:
36:08:66:af:23:d9:54:d4:5f:87:90:da:c6:58:66:d7:97:5d:
83:62:4a:ff:91:5d:b6:95:91:b4:56:6f:00:56:07:f8:78:6f:
71:fb:23:0f:fa:d8:84:c3:5f:85:b6:5b:5d:7b:2d:b1:d7:8e:
85:86:96:12:3b:36:63:4b:4b:3c:e6:5e:f7:35:ba:34:18:84:
ff:e8:20:9a:0b:8f:18:57:e3:59:2a:94:3b:54:32:a3:7d:cb:
71:be:da:c3:ba:db:bf:74:0d:e1:d3:80:bb:97:68:f0:e9:c6:
45:6f:54:2c:68:b3:71:7c:b2:4d:cc:d6:e4:1d:82:88:c1:c5:
bc:fa:42:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdvrgIWWcqqpmMMJoXTBsyrBGx48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2NDJaFw0yNzA2MTUxNjMxNDJaMDMxMTAvBgNV
BAMTKDEzNjg5RUNFQzFGMDQzQzVGNkI0NDhCRTQ4NDc3NzQ2ODZDQzhDNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4CjbaupvQa6MhnfNvrcsn/KwC
MvXi9G9qk3ux3Y+lHjBttWACXmZLU9ymkokajRd7XAnRgpkiXWhqGX+Tn0V/b/Yh
zn5U2LddD5u41BaHo5jOueIIaxZfTftX97QWLovbugMP19Mdxeah0BMFPGiCkqXX
p7s4H8nU32H0AyEC/V/gvk5PKOGM4+YIs0s51Q+kAujcTtTBZy1dulI3/lceA74M
HNoPZb0OxDpvKK820WAfYKDurDoiSDvRvUYdjIYcvECluKEX8sgOUlGyAHCDlBbA
QVaAnSYV02nfMZ9QqV4G/vjWWlLjsrapUg/LbMGHDP+fLidHt4O4W1PjXqU5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUE2iezsHwQ8X2tEi+SEd3RobMjHUwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzIzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMzMzUzOTMxMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKy7OQwDQYJKoZIhvcNAQELBQADggEBAAucIVgH3TFXYfd0pM8pqve6Y+h01tQI
RGnew8wvH+9mczcg7l1AVd/5DIDfoum7+GDcUbexqAJ35lWi6lQ1g24NvwQKgvlU
OH32L2GlMHVUdZCGai+WsT1lv5ilP4JgbuU9ytLih2pse2ug+30CiI4dWF0GG3X/
tg98NoEiujYIZq8j2VTUX4eQ2sZYZteXXYNiSv+RXbaVkbRWbwBWB/h4b3H7Iw/6
2ITDX4W2W117LbHXjoWGlhI7NmNLSzzmXvc1ujQYhP/oIJoLjxhX41kqlDtUMqN9
y3G+2sO62790DeHTgLuXaPDpxkVvVCxos3F8sk3M1uQdgojBxbz6QlI=
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:13:22 2026 by rpki-client