Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233382e302f32332d3234203d3e203136353039.roa
File: 3137382e3233362e3233382e302f32332d3234203d3e203136353039.roa (raw, json)
Hash identifier: +d+v6sp5knpRtoxQqdZeuiFzOqF0m2ybqFYPkrOxp/A=
Subject key identifier: 55:BE:D4:55:91:28:A8:FA:85:EA:6F:F8:4E:37:DA:D7:A5:39:70:04
Certificate issuer: /CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Certificate serial: 2BDBCC6A312FA0B4424BE3E5D67E7075B0D095AA
Authority key identifier: A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233382e302f32332d3234203d3e203136353039.roa
Signing time: Tue 16 Jun 2026 16:31:38 +0000
ROA not before: Tue 16 Jun 2026 16:26:38 +0000
ROA not after: Tue 15 Jun 2027 16:31:38 +0000
asID: 16509
IP address blocks: 178.236.238.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:db:cc:6a:31:2f:a0:b4:42:4b:e3:e5:d6:7e:70:75:b0:d0:95:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a29ef21c1397ab4b2f08778305a37ffd1cc25c4e
Validity
Not Before: Jun 16 16:26:38 2026 GMT
Not After : Jun 15 16:31:38 2027 GMT
Subject: CN=55BED4559128A8FA85EA6FF84E37DAD7A5397004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:93:03:67:c3:a5:7f:43:2d:bb:b9:6c:b4:
00:dd:dd:0b:5e:2e:38:19:a5:98:d1:04:19:e5:23:
23:b3:79:ce:0a:78:93:ad:1b:2f:47:2a:74:4d:ca:
05:54:a1:3e:b0:9c:10:b8:41:91:ec:a7:a4:3d:ed:
ef:fa:84:29:e9:b0:c5:a6:7a:2a:45:8f:a5:83:2d:
29:26:34:42:bd:bd:20:58:9d:a4:3c:3a:b8:c3:e3:
ad:78:22:bb:c1:98:5b:14:ff:ed:7f:ac:f7:ef:8f:
ee:c3:31:e3:73:80:f0:42:4c:26:ff:f7:75:6a:13:
f0:f4:fb:e4:af:d5:68:ef:8e:30:5b:f6:34:77:cc:
9a:a5:f9:4a:7a:17:73:7d:b5:8f:11:3d:10:8b:19:
2d:cd:fa:a8:38:e6:cc:37:87:3f:5e:8d:21:b5:1e:
68:56:84:99:c5:f9:34:8a:68:06:45:78:30:bd:55:
98:f9:d9:f5:a0:33:e9:64:95:8b:dd:23:a4:19:5b:
5a:4e:17:0d:5b:33:69:d2:51:1d:e3:ca:27:1a:70:
af:e0:e3:a1:11:9b:d1:95:e9:ef:cb:a0:02:02:4c:
41:97:5a:ac:29:d6:0c:09:42:73:e7:21:9a:27:d2:
56:92:4e:58:9a:0d:17:e2:93:42:2a:7a:3a:0a:91:
4c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BE:D4:55:91:28:A8:FA:85:EA:6F:F8:4E:37:DA:D7:A5:39:70:04
X509v3 Authority Key Identifier:
keyid:A2:9E:F2:1C:13:97:AB:4B:2F:08:77:83:05:A3:7F:FD:1C:C2:5C:4E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/A29EF21C1397AB4B2F08778305A37FFD1CC25C4E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/op7yHBOXq0svCHeDBaN__RzCXE4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/be41704f-7815-4f2c-a503-58ae08e556b6/2/3137382e3233362e3233382e302f32332d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.238.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:ec:51:c7:80:e6:66:ab:23:21:6d:87:f7:9d:14:42:09:d4:
f3:60:22:82:2e:ed:bc:c1:e6:7b:7c:a7:d0:97:1f:ce:3d:80:
a4:78:e9:ca:03:ff:8b:8d:16:f1:fb:13:a8:7f:37:89:80:1f:
20:b1:e8:43:88:47:e9:38:d6:d8:86:aa:2d:31:26:cd:1a:09:
e0:40:f2:4a:00:34:22:70:95:82:4d:f5:ef:69:4d:b2:ea:69:
16:40:3a:94:ae:4e:aa:ea:31:0a:16:12:e4:ee:c1:d5:b2:af:
af:3a:0a:6b:40:7d:60:4a:63:f3:af:87:81:c5:10:b9:68:bc:
bf:a0:97:71:c4:cb:c2:16:be:d1:b8:af:be:b9:d4:38:34:50:
76:03:9b:4a:b2:ab:62:7e:dc:3b:77:58:9b:a5:47:b6:4b:77:
2a:33:86:05:8e:51:84:31:16:e8:9b:58:8c:3f:99:9c:79:9a:
b9:17:af:40:e1:6b:1a:29:78:bf:68:e6:7c:06:99:ed:bb:1f:
ea:12:c9:04:f2:cb:60:f7:91:38:44:0e:15:55:73:1d:d5:61:
6e:7e:d3:47:bb:e0:d5:44:b7:76:d5:57:4e:67:13:cf:88:3d:
72:7f:46:66:d0:61:42:2f:23:c2:50:e7:05:3c:a1:56:b0:44:
ec:11:4e:61
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK9vMajEvoLRCS+Pl1n5wdbDQlaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTI5ZWYyMWMxMzk3YWI0YjJmMDg3NzgzMDVhMzdmZmQx
Y2MyNWM0ZTAeFw0yNjA2MTYxNjI2MzhaFw0yNzA2MTUxNjMxMzhaMDMxMTAvBgNV
BAMTKDU1QkVENDU1OTEyOEE4RkE4NUVBNkZGODRFMzdEQUQ3QTUzOTcwMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjPJMDZ8Olf0Mtu7lstADd3Qte
LjgZpZjRBBnlIyOzec4KeJOtGy9HKnRNygVUoT6wnBC4QZHsp6Q97e/6hCnpsMWm
eipFj6WDLSkmNEK9vSBYnaQ8OrjD4614IrvBmFsU/+1/rPfvj+7DMeNzgPBCTCb/
93VqE/D0++Sv1WjvjjBb9jR3zJql+Up6F3N9tY8RPRCLGS3N+qg45sw3hz9ejSG1
HmhWhJnF+TSKaAZFeDC9VZj52fWgM+lklYvdI6QZW1pOFw1bM2nSUR3jyicacK/g
46ERm9GV6e/LoAICTEGXWqwp1gwJQnPnIZon0laSTliaDRfik0IqejoKkUx/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVb7UVZEoqPqF6m/4Tjfa16U5cAQwHwYDVR0j
BBgwFoAUop7yHBOXq0svCHeDBaN//RzCXE4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYtNzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1
NmI2LzIvQTI5RUYyMUMxMzk3QUI0QjJGMDg3NzgzMDVBMzdGRkQxQ0MyNUM0RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL29wN3lIQk9YcTBzdkNIZURCYU5fX1J6
Q1hFNC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmU0MTcwNGYt
NzgxNS00ZjJjLWE1MDMtNThhZTA4ZTU1NmI2LzIvMzEzNzM4MmUzMjMzMzYyZTMy
MzMzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGy7O4wDQYJKoZIhvcNAQELBQADggEBAA7sUceA5marIyFth/edFEIJ1PNgIoIu
7bzB5nt8p9CXH849gKR46coD/4uNFvH7E6h/N4mAHyCx6EOIR+k41tiGqi0xJs0a
CeBA8koANCJwlYJN9e9pTbLqaRZAOpSuTqrqMQoWEuTuwdWyr686CmtAfWBKY/Ov
h4HFELlovL+gl3HEy8IWvtG4r7651Dg0UHYDm0qyq2J+3Dt3WJulR7ZLdyozhgWO
UYQxFuibWIw/mZx5mrkXr0DhaxopeL9o5nwGme27H+oSyQTyy2D3kThEDhVVcx3V
YW5+00e74NVEt3bVV05nE8+IPXJ/RmbQYUIvI8JQ5wU8oVawROwRTmE=
-----END CERTIFICATE-----
Generated at Tue Jun 30 23:13:45 2026 by rpki-client