Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e203232343237.roa
File: 3137382e3133322e3139352e302f32342d3234203d3e203232343237.roa (raw, json)
Hash identifier: QgvmMFuUdAiqbiI7YJRIvnHFDWl3E8S1w1OF0shY8uU=
Subject key identifier: 24:93:3D:3B:53:70:18:F1:B5:88:F8:7B:A3:62:5B:FA:5B:8F:D6:A1
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 45DF7EFAEE9C8BFF04730A4E0FB3D279B38CD180
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e203232343237.roa
Signing time: Thu 19 Mar 2026 01:17:41 +0000
ROA not before: Thu 19 Mar 2026 01:12:41 +0000
ROA not after: Thu 18 Mar 2027 01:17:41 +0000
asID: 22427
IP address blocks: 178.132.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:df:7e:fa:ee:9c:8b:ff:04:73:0a:4e:0f:b3:d2:79:b3:8c:d1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Mar 19 01:12:41 2026 GMT
Not After : Mar 18 01:17:41 2027 GMT
Subject: CN=24933D3B537018F1B588F87BA3625BFA5B8FD6A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:de:94:b3:06:2d:12:d1:ed:b6:0f:94:d0:a4:
61:e3:b0:ea:e2:49:15:6f:3d:4f:5e:41:45:b7:7e:
58:cc:b5:d2:16:83:d6:cb:35:4b:c8:81:9f:98:c9:
05:e8:12:86:a8:15:58:9a:9e:19:7c:69:65:cd:08:
b6:e1:e7:b3:0a:92:d2:4b:4a:35:59:4a:30:4b:24:
0f:b8:e4:a6:d5:86:95:a4:f6:14:a9:52:c3:3b:9b:
da:94:e3:6c:44:d9:dd:5c:49:3b:8d:dc:41:aa:47:
a3:9e:b7:32:bb:ab:b2:ca:db:11:10:e1:97:58:d3:
49:06:d7:f3:19:3e:7c:93:59:e5:3e:52:76:dc:78:
aa:1f:ce:09:2a:55:9b:d5:e4:63:d5:4f:9a:96:d8:
13:4b:99:f0:7e:cf:8b:3f:d0:c5:96:91:fc:58:b7:
db:5d:16:6d:f4:ae:c1:ce:48:bc:75:75:af:29:14:
93:ba:e7:92:6c:62:14:a1:f1:92:ff:50:d5:24:90:
93:6a:81:da:f0:32:ae:63:01:30:6a:b7:d1:61:d3:
38:5a:6e:a7:b1:f6:68:a0:00:87:a5:f4:d3:19:1e:
f5:e0:7a:ff:7f:fb:17:0f:72:61:d7:f3:09:68:58:
53:2a:51:00:0a:27:ef:1d:70:08:89:14:ca:cc:ae:
63:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:93:3D:3B:53:70:18:F1:B5:88:F8:7B:A3:62:5B:FA:5B:8F:D6:A1
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e203232343237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.195.0/24
Signature Algorithm: sha256WithRSAEncryption
09:03:8d:af:45:76:d0:93:f5:84:c5:a5:f3:94:67:87:41:74:
ea:4d:66:3f:97:d4:c4:a5:bc:eb:35:4f:90:ae:d5:80:d9:fc:
96:74:9f:c2:92:35:8c:bd:20:90:82:cd:7a:e3:5e:48:e8:88:
2d:0e:33:20:48:f5:9d:8e:03:7c:4e:ce:fb:1a:b1:a0:fa:4f:
b8:9b:31:3e:77:f2:b5:b9:b2:07:ff:9d:29:30:83:62:a8:d4:
25:95:3d:b2:c3:e9:3d:59:cd:e2:e0:73:de:1f:63:b1:a0:27:
8c:6b:e6:a6:e1:79:8b:c1:53:4c:e9:42:a1:fa:25:96:a5:43:
ee:4e:08:87:79:d3:16:6a:34:2a:c3:0f:71:19:47:be:34:5c:
b3:af:a8:ae:f1:58:77:c7:4e:f3:85:63:fc:bc:b3:02:f8:fa:
62:cb:2d:15:1c:69:44:06:16:2e:ed:37:02:dd:a6:b6:54:f2:
d2:22:02:6f:f6:7b:8c:ec:d8:8f:11:2c:1e:2d:34:4b:e7:6f:
17:48:48:1b:9f:93:b7:3c:56:12:e2:b3:b4:c7:a2:dd:ef:6b:
cd:6e:9b:ac:62:df:58:1f:a0:25:9d:ee:5c:62:92:f9:da:6f:
13:c3:5a:19:b7:02:87:88:a0:ef:43:4c:e7:c1:27:61:70:34:
54:7f:42:7f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURd9++u6ci/8EcwpOD7PSebOM0YAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNjAzMTkwMTEyNDFaFw0yNzAzMTgwMTE3NDFaMDMxMTAvBgNV
BAMTKDI0OTMzRDNCNTM3MDE4RjFCNTg4Rjg3QkEzNjI1QkZBNUI4RkQ2QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ3pSzBi0S0e22D5TQpGHjsOri
SRVvPU9eQUW3fljMtdIWg9bLNUvIgZ+YyQXoEoaoFVianhl8aWXNCLbh57MKktJL
SjVZSjBLJA+45KbVhpWk9hSpUsM7m9qU42xE2d1cSTuN3EGqR6OetzK7q7LK2xEQ
4ZdY00kG1/MZPnyTWeU+UnbceKofzgkqVZvV5GPVT5qW2BNLmfB+z4s/0MWWkfxY
t9tdFm30rsHOSLx1da8pFJO655JsYhSh8ZL/UNUkkJNqgdrwMq5jATBqt9Fh0zha
bqex9migAIel9NMZHvXgev9/+xcPcmHX8wloWFMqUQAKJ+8dcAiJFMrMrmMZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJJM9O1NwGPG1iPh7o2Jb+luP1qEwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzIzNDMyMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMMwDQYJKoZIhvcNAQELBQADggEBAAkDja9FdtCT9YTFpfOUZ4dBdOpNZj+X
1MSlvOs1T5Cu1YDZ/JZ0n8KSNYy9IJCCzXrjXkjoiC0OMyBI9Z2OA3xOzvsasaD6
T7ibMT538rW5sgf/nSkwg2Ko1CWVPbLD6T1ZzeLgc94fY7GgJ4xr5qbheYvBU0zp
QqH6JZalQ+5OCId50xZqNCrDD3EZR740XLOvqK7xWHfHTvOFY/y8swL4+mLLLRUc
aUQGFi7tNwLdprZU8tIiAm/2e4zs2I8RLB4tNEvnbxdISBufk7c8VhLis7THot3v
a81um6xi31gfoCWd7lxikvnabxPDWhm3AoeIoO9DTOfBJ2FwNFR/Qn8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:53:41 2026 by rpki-client