Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
File: 3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: /oMyhrzhRwrf9TS7pL2lkO0wvw/pL1iHf4xSJA6baFs=
Subject key identifier: CE:15:17:7B:E9:78:FE:9B:D6:6E:8A:F4:4F:A0:4D:B6:E2:D0:1C:4F
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 6C66776CC25A2CECD4A18925B5848067D3D90CF8
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
Signing time: Tue 16 Jun 2026 16:31:41 +0000
ROA not before: Tue 16 Jun 2026 16:26:41 +0000
ROA not after: Tue 15 Jun 2027 16:31:41 +0000
asID: 16509
IP address blocks: 178.236.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:66:77:6c:c2:5a:2c:ec:d4:a1:89:25:b5:84:80:67:d3:d9:0c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:41 2026 GMT
Not After : Jun 15 16:31:41 2027 GMT
Subject: CN=CE15177BE978FE9BD66E8AF44FA04DB6E2D01C4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6b:8a:60:21:5c:27:8f:ea:70:f8:75:4e:f7:
72:2f:6c:59:53:56:3c:e9:a2:af:a4:c9:dd:c8:51:
88:c5:64:c8:a1:b3:38:16:b5:36:7a:91:cc:96:d8:
f0:b5:9a:14:6a:bc:e3:30:15:c5:a9:85:5b:b5:01:
f1:ee:a5:51:b3:b7:ec:48:d2:6a:bb:fc:cc:63:74:
da:10:47:ae:53:ee:c7:b9:d8:40:5f:1e:5b:da:69:
4f:1e:41:5d:f5:ff:54:75:a8:1b:08:f3:64:db:77:
7b:bd:39:48:98:99:84:d8:40:80:83:8a:75:d9:1a:
bf:51:42:07:78:9c:d2:8f:56:d3:f2:e5:ba:36:80:
a3:8b:a6:c1:9d:ed:57:74:b2:80:6d:e4:89:e2:f3:
51:02:58:6b:72:94:aa:21:62:50:20:88:50:72:e5:
79:dd:91:89:75:cb:88:3b:78:1d:f1:74:c2:4b:56:
da:09:5e:7b:92:c5:ca:40:a2:aa:20:c9:a3:2e:23:
57:bc:b1:de:da:59:46:48:8b:8f:fd:5f:70:06:30:
41:53:38:1d:69:bc:3c:c0:10:64:b6:67:48:5d:1e:
2d:5b:0d:de:07:fc:20:bc:1e:71:b9:f2:66:b4:a5:
4f:f2:c9:6b:6c:f4:7c:ec:dc:fa:0e:ec:91:ef:6f:
1c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:15:17:7B:E9:78:FE:9B:D6:6E:8A:F4:4F:A0:4D:B6:E2:D0:1C:4F
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233362e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:76:56:9a:a0:a4:93:c4:2b:2f:22:7d:2b:f4:99:e4:85:59:
14:86:8e:79:a3:1b:27:95:6b:e3:75:26:56:98:f6:9f:75:e2:
8b:05:8a:c4:5f:c5:8c:47:87:5b:1b:73:df:88:76:c2:80:44:
db:b1:88:85:6f:30:64:1c:f1:1a:ef:0f:29:3b:50:bc:99:20:
61:4d:ba:92:7c:95:79:44:c2:74:3a:b1:e1:20:11:03:3e:53:
59:de:88:f1:62:74:e1:e7:e1:99:ba:7f:3d:85:5f:26:eb:11:
e4:52:56:4f:ec:24:38:57:0d:ff:4d:eb:99:db:e6:d1:b8:22:
5c:dc:42:0a:a6:86:61:56:94:78:bf:99:5f:ee:26:6c:e4:0c:
6a:ef:c8:0b:71:cb:d2:11:ca:f1:7f:2c:e0:95:ff:c3:c4:9e:
a4:19:7c:51:0f:da:12:25:2e:75:eb:ff:89:d7:fa:1a:6f:0e:
f2:75:eb:a5:78:bc:b0:bd:b3:ee:9d:0f:5a:d8:cc:ca:57:07:
a1:58:14:96:f3:ad:32:eb:bb:e8:8d:d4:a9:f7:ae:75:5d:8b:
bd:b1:5a:36:92:9b:f6:85:7a:ae:51:c5:93:f0:e2:14:ef:ea:
ea:d7:88:2a:24:27:a6:21:ce:5a:1c:88:92:e0:f5:c0:e4:00:
af:5c:b4:65
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbGZ3bMJaLOzUoYkltYSAZ9PZDPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2NDFaFw0yNzA2MTUxNjMxNDFaMDMxMTAvBgNV
BAMTKENFMTUxNzdCRTk3OEZFOUJENjZFOEFGNDRGQTA0REI2RTJEMDFDNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQa4pgIVwnj+pw+HVO93IvbFlT
Vjzpoq+kyd3IUYjFZMihszgWtTZ6kcyW2PC1mhRqvOMwFcWphVu1AfHupVGzt+xI
0mq7/MxjdNoQR65T7se52EBfHlvaaU8eQV31/1R1qBsI82Tbd3u9OUiYmYTYQICD
inXZGr9RQgd4nNKPVtPy5bo2gKOLpsGd7Vd0soBt5Ini81ECWGtylKohYlAgiFBy
5XndkYl1y4g7eB3xdMJLVtoJXnuSxcpAoqogyaMuI1e8sd7aWUZIi4/9X3AGMEFT
OB1pvDzAEGS2Z0hdHi1bDd4H/CC8HnG58ma0pU/yyWts9Hzs3PoO7JHvbxwRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzhUXe+l4/pvWbor0T6BNtuLQHE8wHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy7OwwDQYJKoZIhvcNAQELBQADggEBAFp2VpqgpJPEKy8ifSv0meSFWRSGjnmj
GyeVa+N1JlaY9p914osFisRfxYxHh1sbc9+IdsKARNuxiIVvMGQc8RrvDyk7ULyZ
IGFNupJ8lXlEwnQ6seEgEQM+U1neiPFidOHn4Zm6fz2FXybrEeRSVk/sJDhXDf9N
65nb5tG4IlzcQgqmhmFWlHi/mV/uJmzkDGrvyAtxy9IRyvF/LOCV/8PEnqQZfFEP
2hIlLnXr/4nX+hpvDvJ166V4vLC9s+6dD1rYzMpXB6FYFJbzrTLru+iN1Kn3rnVd
i72xWjaSm/aFeq5RxZPw4hTv6urXiCokJ6YhzlociJLg9cDkAK9ctGU=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:18:58 2026 by rpki-client