Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
File: 3137312e32322e37372e302f32342d3234203d3e20323130393330.roa (raw, json)
Hash identifier: e3dXx/SbvbUFDPkUcNswkyncjXv/ZPftUL5tGndRvus=
Subject key identifier: D1:89:09:5C:90:1D:CE:0E:36:B6:2F:DE:A4:81:3A:65:16:00:53:44
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 516110A9ED45CCD6C137039CC59DCD37DB481921
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
Signing time: Tue 05 May 2026 16:47:11 +0000
ROA not before: Tue 05 May 2026 16:42:11 +0000
ROA not after: Tue 04 May 2027 16:47:11 +0000
asID: 210930
IP address blocks: 171.22.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:61:10:a9:ed:45:cc:d6:c1:37:03:9c:c5:9d:cd:37:db:48:19:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 5 16:42:11 2026 GMT
Not After : May 4 16:47:11 2027 GMT
Subject: CN=D189095C901DCE0E36B62FDEA4813A6516005344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9d:a2:e3:8a:25:3b:1e:91:3b:0c:96:10:a0:
c1:a4:d7:5b:3d:cd:82:b8:e2:46:29:9e:d2:13:f4:
6f:b2:33:53:08:e9:33:00:26:93:f0:4e:36:0f:cd:
4b:45:27:71:98:bf:b8:08:fe:37:b5:0e:84:67:ee:
e6:25:46:e5:c5:99:f2:8a:37:3d:69:3a:61:ea:22:
bc:eb:b7:38:f1:44:f9:c5:d4:b3:4a:dc:45:ff:05:
1c:9b:8c:98:4b:dc:fa:df:53:d5:48:fb:7e:46:48:
58:76:4c:70:06:c5:ae:d8:7f:4d:67:ae:0f:ae:7c:
77:42:21:f0:d5:aa:b8:d6:29:00:5b:b1:03:ae:90:
1c:3c:92:f1:80:58:47:24:63:c7:7b:65:85:92:db:
4f:33:20:d5:99:ad:83:d2:85:84:02:82:18:55:39:
7a:52:a0:57:ff:84:b5:d5:30:1a:c6:48:5c:09:fb:
8e:c8:33:f5:af:a9:b1:cb:65:2a:88:4f:ab:16:e8:
07:c0:eb:5d:89:da:ac:f1:2d:4e:7d:42:79:30:76:
df:17:75:92:39:45:3c:66:52:4b:33:73:30:9f:a8:
a3:a9:fd:80:bb:e9:5d:ab:1a:15:63:57:f9:0e:5b:
e2:1c:19:6a:04:e3:58:bd:63:9a:9c:16:31:0e:02:
35:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:89:09:5C:90:1D:CE:0E:36:B6:2F:DE:A4:81:3A:65:16:00:53:44
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37372e302f32342d3234203d3e20323130393330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.77.0/24
Signature Algorithm: sha256WithRSAEncryption
00:6a:6c:3e:97:f4:9f:d4:89:bf:6b:f5:39:f2:fd:7e:cf:22:
00:88:b2:33:fb:24:0f:aa:2b:1d:8a:b4:e7:85:d0:28:17:99:
84:7a:7f:35:5e:93:8a:ee:2e:0f:f6:70:ae:1b:6b:41:55:4c:
74:a5:11:6b:82:f9:75:7f:b3:51:8e:8d:bb:5a:9b:f1:7a:a9:
a4:a8:70:00:36:6a:41:a8:4d:63:1d:67:95:2a:ce:9f:2a:fe:
84:a7:ea:07:f7:d4:39:1d:a3:d2:5f:14:17:4e:5e:66:0e:ad:
54:1b:8a:38:18:c1:e2:c0:d9:a2:7e:54:f0:0b:a9:0c:d0:78:
08:ff:7e:c6:fc:8f:b0:8c:4c:98:f6:87:e2:25:9b:50:bc:9c:
ad:ac:f1:ef:3b:3c:19:b2:07:14:71:ea:42:14:9e:48:51:19:
b0:c0:75:ce:07:0b:f4:ef:e8:c3:4c:f4:8e:83:5e:59:64:43:
56:d6:fe:5e:db:7b:de:02:02:5f:33:89:f7:6a:c3:2b:e5:33:
ea:30:fe:5c:cb:6d:bc:d0:4d:3e:01:08:7f:bd:7b:ef:34:71:
1f:5e:d3:97:24:29:17:13:14:c6:84:77:b1:a8:55:4d:e8:ae:
8d:59:11:39:38:58:3e:0a:43:7a:b3:cd:ed:dc:35:5f:0c:e8:
2b:17:3e:a3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUWEQqe1FzNbBNwOcxZ3NN9tIGSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNjA1MDUxNjQyMTFaFw0yNzA1MDQxNjQ3MTFaMDMxMTAvBgNV
BAMTKEQxODkwOTVDOTAxRENFMEUzNkI2MkZERUE0ODEzQTY1MTYwMDUzNDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKnaLjiiU7HpE7DJYQoMGk11s9
zYK44kYpntIT9G+yM1MI6TMAJpPwTjYPzUtFJ3GYv7gI/je1DoRn7uYlRuXFmfKK
Nz1pOmHqIrzrtzjxRPnF1LNK3EX/BRybjJhL3PrfU9VI+35GSFh2THAGxa7Yf01n
rg+ufHdCIfDVqrjWKQBbsQOukBw8kvGAWEckY8d7ZYWS208zINWZrYPShYQCghhV
OXpSoFf/hLXVMBrGSFwJ+47IM/WvqbHLZSqIT6sW6AfA612J2qzxLU59Qnkwdt8X
dZI5RTxmUkszczCfqKOp/YC76V2rGhVjV/kOW+IcGWoE41i9Y5qcFjEOAjVjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0YkJXJAdzg42ti/epIE6ZRYAU0QwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzkzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZNMA0GCSqGSIb3DQEBCwUAA4IBAQAAamw+l/Sf1Im/a/U58v1+zyIAiLIz+yQP
qisdirTnhdAoF5mEen81XpOK7i4P9nCuG2tBVUx0pRFrgvl1f7NRjo27Wpvxeqmk
qHAANmpBqE1jHWeVKs6fKv6Ep+oH99Q5HaPSXxQXTl5mDq1UG4o4GMHiwNmiflTw
C6kM0HgI/37G/I+wjEyY9ofiJZtQvJytrPHvOzwZsgcUcepCFJ5IURmwwHXOBwv0
7+jDTPSOg15ZZENW1v5e23veAgJfM4n3asMr5TPqMP5cy2280E0+AQh/vXvvNHEf
XtOXJCkXExTGhHexqFVN6K6NWRE5OFg+CkN6s83t3DVfDOgrFz6j
-----END CERTIFICATE-----
Generated at Wed May 13 08:44:15 2026 by rpki-client