Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e36302e302f32322d3234203d3e20313937393935.roa
File: 31332e3134302e36302e302f32322d3234203d3e20313937393935.roa (raw, json)
Hash identifier: G60c9APv+7JEfN1YgGaWHHCCunPyvVROtDtFNIw25wU=
Subject key identifier: 56:D9:00:59:56:9D:DB:8F:E6:F3:89:AC:3E:33:E3:6B:0D:29:AC:8C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33A5ED036C634E94198D81782010D70250419BDC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e36302e302f32322d3234203d3e20313937393935.roa
Signing time: Tue 05 May 2026 09:49:01 +0000
ROA not before: Tue 05 May 2026 09:44:01 +0000
ROA not after: Tue 04 May 2027 09:49:01 +0000
asID: 197995
IP address blocks: 13.140.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:a5:ed:03:6c:63:4e:94:19:8d:81:78:20:10:d7:02:50:41:9b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 5 09:44:01 2026 GMT
Not After : May 4 09:49:01 2027 GMT
Subject: CN=56D90059569DDB8FE6F389AC3E33E36B0D29AC8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:9f:54:6c:8d:3c:07:ae:b1:f6:79:f6:a4:
9e:b0:1b:67:ce:57:8f:04:99:9b:4a:d7:0f:94:fc:
f7:c2:14:aa:e8:c6:7d:51:a6:fc:dc:c3:9f:5c:9f:
2b:5a:b2:74:6b:63:51:2c:5a:e4:8e:db:0c:f8:7f:
56:47:b8:51:d4:3e:fe:1d:e4:c4:18:b0:a3:bf:e1:
71:ed:bb:8f:87:a7:f0:98:14:b6:60:da:a9:dc:bf:
2d:fb:75:29:53:e0:a9:4f:5f:5b:50:3d:84:4e:7e:
5e:dc:c4:88:5e:b5:65:0a:6a:3d:0a:19:c0:b4:ab:
e6:10:0e:8c:59:04:68:7d:7e:91:e8:35:98:97:12:
f0:0e:7a:6a:4a:d1:12:16:da:cc:f7:fb:6b:b2:90:
6d:0c:98:9d:89:33:3e:4d:1f:71:10:c7:b4:fa:92:
c2:08:96:dc:d6:5a:c0:91:e1:88:5b:ec:5a:e4:22:
d3:2f:25:77:42:4d:75:89:a7:c4:95:e4:fa:4e:93:
19:2a:0e:08:a6:df:ee:43:8c:09:42:28:e0:9f:29:
a5:db:8e:94:5d:ca:51:ac:03:21:92:6c:55:ff:f9:
ca:b1:98:b1:d4:c1:3d:22:99:a5:62:69:5b:89:29:
53:74:57:80:46:cb:4f:0c:86:ee:b9:a5:2c:5c:88:
b1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D9:00:59:56:9D:DB:8F:E6:F3:89:AC:3E:33:E3:6B:0D:29:AC:8C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e36302e302f32322d3234203d3e20313937393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.140.60.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:c5:94:05:d8:4b:02:c5:8d:5e:b7:51:1a:aa:34:f0:f6:90:
d4:7f:f3:be:7b:c4:de:75:70:7d:8a:2b:df:f4:a0:b0:67:e4:
55:ce:3d:c7:6d:c0:9a:ff:2b:1a:c6:bf:37:c9:12:f4:ad:95:
d1:97:44:3c:dc:38:ba:8c:73:52:91:c5:fe:4d:67:6e:5b:eb:
51:c4:08:c7:2a:1e:de:0e:31:e6:f0:c5:82:e5:e2:53:6e:e9:
94:9a:fb:db:1a:44:bc:ae:50:f0:6f:b5:79:a4:cf:3b:c6:7e:
75:05:5e:41:85:30:32:8f:ff:1a:e0:ac:a0:4d:ab:16:3a:85:
0b:f1:ab:e8:ff:be:bd:ab:5c:50:17:d1:62:7c:d5:5d:0d:21:
f5:50:dc:e5:8c:7a:e7:14:1c:17:e8:6e:f9:74:57:d4:c8:b8:
02:43:3d:b6:ba:48:c7:8c:3f:60:2a:8c:f9:34:f2:c2:f3:52:
74:f6:35:bd:cd:e5:77:15:ba:96:83:f5:25:c6:09:1d:f0:2d:
d9:1e:3b:9b:14:a5:17:ea:96:34:ea:33:2a:f3:d0:41:9f:5d:
53:f2:b1:cb:26:1d:14:51:b4:55:d0:18:b9:0a:3b:2f:ec:0b:
60:bd:37:29:19:1c:9c:fd:ea:02:73:9e:81:38:f7:11:69:a0:
a0:92:e5:ac
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM6XtA2xjTpQZjYF4IBDXAlBBm9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDUwOTQ0MDFaFw0yNzA1MDQwOTQ5MDFaMDMxMTAvBgNV
BAMTKDU2RDkwMDU5NTY5RERCOEZFNkYzODlBQzNFMzNFMzZCMEQyOUFDOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbAp9UbI08B66x9nn2pJ6wG2fO
V48EmZtK1w+U/PfCFKroxn1Rpvzcw59cnytasnRrY1EsWuSO2wz4f1ZHuFHUPv4d
5MQYsKO/4XHtu4+Hp/CYFLZg2qncvy37dSlT4KlPX1tQPYROfl7cxIhetWUKaj0K
GcC0q+YQDoxZBGh9fpHoNZiXEvAOempK0RIW2sz3+2uykG0MmJ2JMz5NH3EQx7T6
ksIIltzWWsCR4Yhb7FrkItMvJXdCTXWJp8SV5PpOkxkqDgim3+5DjAlCKOCfKaXb
jpRdylGsAyGSbFX/+cqxmLHUwT0imaViaVuJKVN0V4BGy08Mhu65pSxciLHjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVtkAWVad24/m84msPjPjaw0prIwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMzJlMzEzNDMwMmUzNjMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzEzOTM3MzkzOTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
DYw8MA0GCSqGSIb3DQEBCwUAA4IBAQBfxZQF2EsCxY1et1EaqjTw9pDUf/O+e8Te
dXB9iivf9KCwZ+RVzj3HbcCa/ysaxr83yRL0rZXRl0Q83Di6jHNSkcX+TWduW+tR
xAjHKh7eDjHm8MWC5eJTbumUmvvbGkS8rlDwb7V5pM87xn51BV5BhTAyj/8a4Kyg
TasWOoUL8avo/769q1xQF9FifNVdDSH1UNzljHrnFBwX6G75dFfUyLgCQz22ukjH
jD9gKoz5NPLC81J09jW9zeV3FbqWg/Ulxgkd8C3ZHjubFKUX6pY06jMq89BBn11T
8rHLJh0UUbRV0Bi5Cjsv7AtgvTcpGRyc/eoCc56BOPcRaaCgkuWs
-----END CERTIFICATE-----
Generated at Wed May 13 04:17:13 2026 by rpki-client