Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
File: 3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa (raw, json)
Hash identifier: BDvbJBn4PdPpKswpqhygiWIr2d5q+v6X7XYvNKW1Ayo=
Subject key identifier: B5:83:F1:20:DC:E3:7E:BC:41:4B:4A:03:C0:E8:7D:1F:29:55:98:C5
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2CDBABF713EBB443DDE288C80677720B2B297E59
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
Signing time: Tue 16 Jun 2026 16:31:25 +0000
ROA not before: Tue 16 Jun 2026 16:26:25 +0000
ROA not after: Tue 15 Jun 2027 16:31:25 +0000
asID: 17561
IP address blocks: 178.236.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:db:ab:f7:13:eb:b4:43:dd:e2:88:c8:06:77:72:0b:2b:29:7e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:25 2026 GMT
Not After : Jun 15 16:31:25 2027 GMT
Subject: CN=B583F120DCE37EBC414B4A03C0E87D1F295598C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:53:4d:ce:cf:cd:36:d6:ad:1d:04:b6:35:9e:
09:ed:34:96:29:bf:01:7c:15:73:dc:6c:4d:1b:75:
cd:26:df:bf:ce:e0:b7:91:e0:06:0d:e6:98:ad:98:
d0:f6:8c:1f:8c:cd:cd:a8:bc:a8:68:11:75:b6:1f:
91:a2:65:20:b6:39:df:58:32:35:b8:d6:f7:72:16:
d8:d5:99:d8:20:cf:fa:38:14:29:80:d5:a7:5f:fb:
f6:92:ea:cf:ca:b5:4d:1b:de:52:7b:ed:14:4c:ae:
22:44:c3:54:37:14:a6:5f:09:76:7f:e5:12:78:7f:
74:cd:1e:fc:99:46:3b:12:41:f7:4c:b1:b2:98:c3:
99:17:32:c0:46:57:5e:33:5b:39:f3:02:75:9f:25:
0d:62:e7:5a:a2:3e:d5:a2:91:e5:24:aa:4b:ac:8a:
71:e7:2c:fd:03:2d:00:8e:bf:c3:3b:a9:54:b9:55:
18:fd:11:be:65:ac:5e:fd:50:b7:8b:47:fe:63:b7:
68:c4:36:18:9d:c7:b7:16:66:7e:08:18:5f:ef:71:
6b:05:ed:c6:ff:0d:5e:92:40:c4:a9:dd:cf:f4:5e:
a9:27:bf:c9:22:cb:79:df:37:b0:09:99:5a:f1:b5:
8e:4c:53:a6:5c:3e:49:0e:b5:b6:f8:a8:f2:99:20:
35:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:83:F1:20:DC:E3:7E:BC:41:4B:4A:03:C0:E8:7D:1F:29:55:98:C5
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233332e302f32342d3234203d3e203137353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.233.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:11:d0:72:40:79:87:00:e5:c8:40:10:1a:9f:31:36:00:a1:
b0:eb:9f:a7:21:e8:6a:50:da:e7:26:af:d6:9c:3b:97:b3:b7:
f0:78:cc:03:fc:c0:89:30:f4:a9:4a:5c:f2:bd:01:97:44:14:
6e:33:83:84:9d:7a:78:03:2c:b2:2c:f6:fb:f7:8d:24:4e:5c:
17:74:ed:ec:7d:17:77:dc:aa:7f:84:80:67:a4:83:d2:25:b9:
81:31:b7:da:45:1b:2c:f1:37:1d:c4:31:4b:e9:b4:1a:d6:42:
15:92:dd:82:97:83:b7:27:c9:22:d6:14:4a:5b:a2:ea:01:6f:
aa:d3:c3:69:e8:d1:11:a2:81:c4:98:ca:c8:06:2b:6d:5b:b0:
72:29:f9:dd:b9:ee:7d:ce:5d:25:11:7f:a9:28:46:c2:76:c5:
23:d4:ef:5b:48:16:3b:57:27:74:09:ee:33:16:5b:80:7d:28:
ef:ea:b6:5f:a3:cd:e4:aa:1b:85:90:a8:1e:35:b7:24:03:bf:
ad:b4:5f:5c:68:7d:0a:ca:86:53:4a:12:77:ab:1d:2d:b6:ab:
8e:34:90:35:4a:aa:4b:fd:02:d4:0a:e1:c8:99:01:e2:6e:8a:
d2:fd:9b:68:dc:bc:29:6b:58:a4:34:2f:69:2c:fe:49:94:1f:
8f:13:2a:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULNur9xPrtEPd4ojIBndyCyspflkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2MjVaFw0yNzA2MTUxNjMxMjVaMDMxMTAvBgNV
BAMTKEI1ODNGMTIwRENFMzdFQkM0MTRCNEEwM0MwRTg3RDFGMjk1NTk4QzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKU03Oz8021q0dBLY1ngntNJYp
vwF8FXPcbE0bdc0m37/O4LeR4AYN5pitmND2jB+Mzc2ovKhoEXW2H5GiZSC2Od9Y
MjW41vdyFtjVmdggz/o4FCmA1adf+/aS6s/KtU0b3lJ77RRMriJEw1Q3FKZfCXZ/
5RJ4f3TNHvyZRjsSQfdMsbKYw5kXMsBGV14zWznzAnWfJQ1i51qiPtWikeUkqkus
inHnLP0DLQCOv8M7qVS5VRj9Eb5lrF79ULeLR/5jt2jENhidx7cWZn4IGF/vcWsF
7cb/DV6SQMSp3c/0Xqknv8kiy3nfN7AJmVrxtY5MU6ZcPkkOtbb4qPKZIDUXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtYPxINzjfrxBS0oDwOh9HylVmMUwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OkwDQYJKoZIhvcNAQELBQADggEBAB0R0HJAeYcA5chAEBqfMTYAobDrn6ch
6GpQ2ucmr9acO5ezt/B4zAP8wIkw9KlKXPK9AZdEFG4zg4SdengDLLIs9vv3jSRO
XBd07ex9F3fcqn+EgGekg9IluYExt9pFGyzxNx3EMUvptBrWQhWS3YKXg7cnySLW
FEpbouoBb6rTw2no0RGigcSYysgGK21bsHIp+d257n3OXSURf6koRsJ2xSPU71tI
FjtXJ3QJ7jMWW4B9KO/qtl+jzeSqG4WQqB41tyQDv620X1xofQrKhlNKEnerHS22
q440kDVKqkv9AtQK4ciZAeJuitL9m2jcvClrWKQ0L2ks/kmUH48TKlM=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:20:00 2026 by rpki-client