Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
File: 37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 1REy8L24KLoKl3JqIBhua6ZpJl+9tTOGeMTqBDAsTtM=
Subject key identifier: F3:56:40:D1:FB:7F:9C:A4:72:80:DA:35:7C:C3:AB:B4:E9:44:0E:FD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F0F2D36F2096B9BB0FC48D9F6151EBD05C035B2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 29 Dec 2025 09:50:55 +0000
ROA not before: Mon 29 Dec 2025 09:45:55 +0000
ROA not after: Mon 28 Dec 2026 09:50:55 +0000
asID: 201341
IP address blocks: 77.237.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 21:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:0f:2d:36:f2:09:6b:9b:b0:fc:48:d9:f6:15:1e:bd:05:c0:35:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 29 09:45:55 2025 GMT
Not After : Dec 28 09:50:55 2026 GMT
Subject: CN=F35640D1FB7F9CA47280DA357CC3ABB4E9440EFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bc:bf:40:47:a3:00:4e:5a:a9:9d:f1:e3:6e:
37:6a:1c:2a:a6:a2:52:fc:0c:e8:bc:8b:be:b9:4b:
be:da:0c:f5:a7:b9:e0:c3:b2:83:f3:05:6d:87:39:
3f:68:51:bd:75:8f:16:d3:50:6f:83:91:2a:34:b6:
6c:43:8c:da:12:b6:19:78:e5:d8:73:56:e6:4e:59:
ac:6c:8b:17:e1:c4:00:11:c4:cd:dd:7d:22:6c:3b:
b7:9a:32:53:aa:2e:2a:1a:f5:77:d8:45:5b:d6:0c:
6f:57:d0:64:fd:bc:a5:a7:17:8c:37:9a:c4:71:93:
7d:83:9e:e7:70:fb:f2:6a:3b:62:d6:cc:3c:dd:02:
4b:08:b9:c6:da:50:fa:bf:e9:33:3b:b8:85:9f:5b:
d2:51:f5:94:4f:2b:4c:ed:c2:37:0d:d7:33:8d:2a:
34:a4:53:85:9d:87:ab:6c:dc:26:e8:21:19:33:16:
7a:35:74:ba:15:37:9a:d9:0d:b7:00:96:c4:75:26:
57:2b:f5:55:9d:f7:40:b2:f6:0f:ea:b6:9d:87:ce:
dc:f6:62:07:1e:85:c2:33:90:a2:2e:9a:a8:9e:5d:
ae:81:4f:03:7e:ca:31:c8:31:e2:5f:ca:54:f7:05:
48:2e:50:07:f1:14:22:2d:0c:73:5a:7a:cf:31:ca:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:56:40:D1:FB:7F:9C:A4:72:80:DA:35:7C:C3:AB:B4:E9:44:0E:FD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.226.0/24
Signature Algorithm: sha256WithRSAEncryption
66:68:af:c5:e3:dc:85:13:35:f5:d3:08:ac:75:fb:5b:5b:75:
3a:5b:9f:c4:3b:0f:71:cb:67:27:9f:0c:92:cb:79:7f:55:42:
d2:62:72:31:de:2c:68:d8:69:97:fd:5d:ca:13:0b:cd:47:64:
65:a3:d8:53:6b:fc:64:21:d3:90:3e:3e:74:21:85:0f:09:e7:
bc:ae:b3:31:0d:48:4d:d1:fb:6a:1e:5a:27:78:1a:51:42:94:
7f:54:51:ad:f1:0f:fe:9a:a2:5e:95:e9:1e:89:a1:eb:19:84:
8b:de:c2:6f:50:6d:a5:4a:83:93:50:6c:50:8c:f9:ad:63:55:
ad:3a:37:03:e6:0f:77:69:cc:ee:f7:47:b6:44:f4:9e:0c:06:
c3:e9:4c:d3:36:b7:8d:f5:a7:5b:6f:b6:3b:45:37:2e:5a:f0:
f2:f8:f7:22:69:ac:4a:56:80:6b:ba:62:e1:cb:e0:fb:70:8c:
c1:a2:d1:98:d4:23:a7:bb:27:ca:e0:5f:11:de:aa:3f:cd:ac:
93:b4:59:45:32:58:60:a7:3f:de:5d:5a:79:57:0b:73:44:73:
7a:2f:8c:41:64:90:86:de:25:98:4b:a2:e5:4b:be:91:31:c2:
c4:dc:e5:52:14:bc:3f:89:fa:a5:a0:c3:62:aa:07:f1:12:52:
9b:01:3e:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPw8tNvIJa5uw/EjZ9hUevQXANbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTVaFw0yNjEyMjgwOTUwNTVaMDMxMTAvBgNV
BAMTKEYzNTY0MEQxRkI3RjlDQTQ3MjgwREEzNTdDQzNBQkI0RTk0NDBFRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEvL9AR6MATlqpnfHjbjdqHCqm
olL8DOi8i765S77aDPWnueDDsoPzBW2HOT9oUb11jxbTUG+DkSo0tmxDjNoSthl4
5dhzVuZOWaxsixfhxAARxM3dfSJsO7eaMlOqLioa9XfYRVvWDG9X0GT9vKWnF4w3
msRxk32Dnudw+/JqO2LWzDzdAksIucbaUPq/6TM7uIWfW9JR9ZRPK0ztwjcN1zON
KjSkU4Wdh6ts3CboIRkzFno1dLoVN5rZDbcAlsR1Jlcr9VWd90Cy9g/qtp2Hztz2
YgcehcIzkKIumqieXa6BTwN+yjHIMeJfylT3BUguUAfxFCItDHNaes8xyg7rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU81ZA0ft/nKRygNo1fMOrtOlEDv0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABN7eIwDQYJKoZIhvcNAQELBQADggEBAGZor8Xj3IUTNfXTCKx1+1tbdTpbn8Q7
D3HLZyefDJLLeX9VQtJicjHeLGjYaZf9XcoTC81HZGWj2FNr/GQh05A+PnQhhQ8J
57yuszENSE3R+2oeWid4GlFClH9UUa3xD/6aol6V6R6JoesZhIvewm9QbaVKg5NQ
bFCM+a1jVa06NwPmD3dpzO73R7ZE9J4MBsPpTNM2t431p1tvtjtFNy5a8PL49yJp
rEpWgGu6YuHL4PtwjMGi0ZjUI6e7J8rgXxHeqj/NrJO0WUUyWGCnP95dWnlXC3NE
c3ovjEFkkIbeJZhLouVLvpExwsTc5VIUvD+J+qWgw2KqB/ESUpsBPiA=
-----END CERTIFICATE-----
Generated at Mon Feb 23 03:00:59 2026 by rpki-client