Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203134363138.roa
File: 3137382e3233362e3233352e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: 0gJhuGPSwbYe37kAa8m7YV7yXKIUVPzMQPHSJAUJKZ0=
Subject key identifier: 82:75:23:36:47:53:A6:AC:56:B4:B8:EC:07:31:25:7D:AF:8C:8F:DA
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 4FC5FC1FBD2A7A270EF5E7B4B58068AA6AC686F0
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203134363138.roa
Signing time: Tue 16 Jun 2026 16:31:35 +0000
ROA not before: Tue 16 Jun 2026 16:26:35 +0000
ROA not after: Tue 15 Jun 2027 16:31:35 +0000
asID: 14618
IP address blocks: 178.236.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:c5:fc:1f:bd:2a:7a:27:0e:f5:e7:b4:b5:80:68:aa:6a:c6:86:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:35 2026 GMT
Not After : Jun 15 16:31:35 2027 GMT
Subject: CN=827523364753A6AC56B4B8EC0731257DAF8C8FDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0a:5b:38:3d:4b:a1:24:e9:70:7b:55:7f:d4:
b4:08:02:db:5a:41:a0:52:05:7b:f1:41:c7:e3:9f:
60:81:ff:45:fc:78:93:de:59:81:3e:12:4c:d2:ba:
eb:b9:3a:28:64:06:44:26:61:47:8a:4d:41:eb:3c:
4a:df:80:78:be:c4:0b:e1:1c:ff:62:3d:d5:0c:46:
99:57:8a:7a:87:d7:0f:3d:a3:6e:b0:8e:30:d9:62:
26:fb:85:d5:b3:03:96:13:a5:cf:3e:3e:1f:3c:3f:
b7:d8:e1:dc:9a:16:5b:62:ae:15:40:96:0e:ac:b8:
bd:4f:ef:e9:27:c4:31:cc:e3:ae:7b:ed:44:02:be:
24:a6:10:9e:f7:00:45:fa:93:44:33:f7:1f:44:0a:
ec:2d:70:26:b7:68:34:6a:6d:49:aa:4f:03:1c:53:
b1:59:5b:6e:15:7e:ca:0a:5a:72:08:98:3e:f7:db:
1c:9b:4f:81:e4:98:3a:c1:dc:57:73:5e:42:3d:14:
7f:03:44:ec:79:e5:fb:76:93:a1:1a:da:7c:98:38:
e7:97:95:a4:10:ad:8a:1d:ec:67:8b:ab:f8:7d:7d:
23:c3:1a:01:7b:0f:94:5d:a8:a3:c9:78:ef:b3:d1:
6e:7f:b5:94:e4:5a:19:33:b3:04:4c:17:98:13:67:
4c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:75:23:36:47:53:A6:AC:56:B4:B8:EC:07:31:25:7D:AF:8C:8F:DA
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233352e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.235.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:c2:80:9f:09:3f:78:e2:e3:54:46:29:ab:52:e6:ce:e7:72:
99:6c:4f:4a:9b:4e:1d:96:f9:19:11:a0:58:c0:98:9c:fd:e8:
3f:5b:32:e6:cb:ef:24:ea:fd:77:15:98:41:4e:81:52:2d:15:
12:95:97:07:2c:8c:a6:d2:f0:59:a8:d5:53:40:48:ec:1d:cd:
ff:af:00:5a:18:9b:9f:21:10:df:83:ca:fa:e2:8d:0d:f7:23:
ee:50:24:d6:42:c2:b7:0e:96:27:68:64:e5:43:e6:d6:f0:f7:
10:42:9b:ae:b8:46:ff:96:66:96:dc:c1:0c:68:3b:2b:35:44:
14:b6:32:e6:4f:bc:e1:ad:95:4c:46:58:08:c4:77:7f:bb:d1:
fd:c5:70:b6:18:f5:00:20:e8:ca:01:78:ca:ed:8c:04:87:bc:
ef:37:16:9e:2c:5c:99:ad:ff:bb:02:0c:9e:28:76:85:ef:10:
2c:0c:34:2e:00:49:35:33:d8:1e:74:ab:8e:b3:f4:52:c3:a2:
73:7a:72:8a:0e:15:85:3b:98:c7:b5:3e:c5:e9:90:f7:a9:2f:
cb:a9:1b:87:fc:12:02:dc:fd:0f:af:9e:a1:d8:9d:c2:3d:30:
45:69:85:00:9a:c7:52:44:67:e8:8f:1e:48:b0:54:82:be:ec:
eb:e6:dc:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUT8X8H70qeicO9ee0tYBoqmrGhvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2MzVaFw0yNzA2MTUxNjMxMzVaMDMxMTAvBgNV
BAMTKDgyNzUyMzM2NDc1M0E2QUM1NkI0QjhFQzA3MzEyNTdEQUY4QzhGREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChCls4PUuhJOlwe1V/1LQIAtta
QaBSBXvxQcfjn2CB/0X8eJPeWYE+EkzSuuu5OihkBkQmYUeKTUHrPErfgHi+xAvh
HP9iPdUMRplXinqH1w89o26wjjDZYib7hdWzA5YTpc8+Ph88P7fY4dyaFltirhVA
lg6suL1P7+knxDHM46577UQCviSmEJ73AEX6k0Qz9x9ECuwtcCa3aDRqbUmqTwMc
U7FZW24VfsoKWnIImD732xybT4HkmDrB3FdzXkI9FH8DROx55ft2k6Ea2nyYOOeX
laQQrYod7GeLq/h9fSPDGgF7D5RdqKPJeO+z0W5/tZTkWhkzswRMF5gTZ0zbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgnUjNkdTpqxWtLjsBzElfa+Mj9owHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OswDQYJKoZIhvcNAQELBQADggEBAF3CgJ8JP3ji41RGKatS5s7ncplsT0qb
Th2W+RkRoFjAmJz96D9bMubL7yTq/XcVmEFOgVItFRKVlwcsjKbS8Fmo1VNASOwd
zf+vAFoYm58hEN+DyvrijQ33I+5QJNZCwrcOlidoZOVD5tbw9xBCm664Rv+WZpbc
wQxoOys1RBS2MuZPvOGtlUxGWAjEd3+70f3FcLYY9QAg6MoBeMrtjASHvO83Fp4s
XJmt/7sCDJ4odoXvECwMNC4ASTUz2B50q46z9FLDonN6cooOFYU7mMe1PsXpkPep
L8upG4f8EgLc/Q+vnqHYncI9MEVphQCax1JEZ+iPHkiwVIK+7Ovm3Fo=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:14:26 2026 by rpki-client