Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e37322e302f32312d3234203d3e20333939393535.roa
File: 3134352e31312e37322e302f32312d3234203d3e20333939393535.roa (raw, json)
Hash identifier: hFFGkkG52PmZ02JRS8fyB6fN66bgukJjO4L1GfeFUAE=
Subject key identifier: 57:DA:C6:A5:C0:82:91:98:0B:37:3F:1B:C6:93:24:24:9D:81:6C:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 56E53D1D39727FD542933EBF4E576CF2F36D82BF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e37322e302f32312d3234203d3e20333939393535.roa
Signing time: Thu 30 Apr 2026 13:46:29 +0000
ROA not before: Thu 30 Apr 2026 13:41:29 +0000
ROA not after: Thu 29 Apr 2027 13:46:29 +0000
asID: 399955
IP address blocks: 145.11.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e5:3d:1d:39:72:7f:d5:42:93:3e:bf:4e:57:6c:f2:f3:6d:82:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 13:41:29 2026 GMT
Not After : Apr 29 13:46:29 2027 GMT
Subject: CN=57DAC6A5C08291980B373F1BC69324249D816C81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cb:24:fe:9c:ac:f6:d1:21:73:3a:34:5d:1f:
24:f2:e3:40:bf:b0:74:6e:41:6b:e6:02:78:39:88:
2b:16:ff:21:f8:c0:92:d3:cf:be:ba:a2:63:40:ec:
e8:9e:ae:1f:64:81:54:b5:d6:a7:f7:fd:0e:b8:d5:
71:50:53:a0:cd:91:ed:40:d7:4d:ff:bc:ae:99:65:
43:9a:50:70:04:f8:12:56:5b:47:93:44:2c:bd:59:
57:19:be:cf:cd:f7:ad:7a:6c:d2:d7:31:52:ac:de:
fa:d1:75:61:fe:f1:f7:5c:b9:f3:f5:25:af:44:02:
09:80:72:44:f5:f2:41:53:02:b9:b5:e6:b9:26:cd:
7e:7d:ae:ac:d6:19:35:bb:f4:ce:28:0e:52:da:78:
e2:05:a9:8a:dc:d3:d3:dd:2e:cb:a6:33:31:14:fb:
f1:ee:1d:92:15:94:15:1e:44:e0:71:45:e3:87:0a:
29:1d:d5:2e:ec:97:8f:46:75:25:bb:9f:fc:ef:fe:
3f:7b:e3:77:b7:87:b6:c2:a1:bc:d2:e3:25:10:8f:
c9:21:91:cb:8c:d8:41:a8:85:95:b5:02:51:65:3a:
95:de:f5:a9:02:c0:11:67:5d:8e:61:dc:c5:91:61:
e6:fc:2f:b9:c8:b1:8f:9f:1c:56:a8:6b:d7:bc:37:
aa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:DA:C6:A5:C0:82:91:98:0B:37:3F:1B:C6:93:24:24:9D:81:6C:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e37322e302f32312d3234203d3e20333939393535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.11.72.0/21
Signature Algorithm: sha256WithRSAEncryption
87:52:79:90:0d:94:03:bb:64:4c:60:58:11:60:65:e8:bf:7f:
4f:e1:98:57:2a:30:d7:2d:89:f1:99:f1:0b:db:91:f9:27:f6:
9a:75:5f:0e:7c:92:07:d3:dd:8e:72:50:4e:f3:2a:80:f0:09:
ce:f3:02:b9:60:7e:13:38:33:02:be:af:29:e5:8c:86:b2:e1:
fc:53:a4:9c:ae:f3:60:8b:0d:f3:26:13:52:29:57:10:9f:b6:
d3:c1:32:63:08:e2:44:d7:56:f0:ff:79:5c:e9:1a:98:62:76:
a5:81:73:c0:47:18:fb:97:04:58:48:79:45:fb:5e:7c:96:aa:
6b:e9:dc:ed:48:1e:ba:5e:d5:a0:17:c6:14:b8:72:b9:91:ee:
27:7c:22:f8:e4:21:80:77:17:31:2c:71:05:25:05:dc:b7:73:
01:dc:c6:ea:6a:b0:6d:2a:6c:2f:0d:5b:86:14:b7:25:42:a8:
d6:23:f3:c2:b4:8f:59:99:5d:06:d2:c8:16:f0:df:76:12:6b:
62:5a:49:a7:99:80:76:31:83:9d:16:83:a2:22:ed:fe:a8:cb:
33:5f:74:dd:ce:11:fd:31:0e:39:55:a7:0e:97:ff:a7:3d:c1:
23:79:75:7b:81:61:25:a2:27:36:67:71:7f:b5:42:b2:c0:d3:
dd:25:30:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVuU9HTlyf9VCkz6/Tlds8vNtgr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxMzQxMjlaFw0yNzA0MjkxMzQ2MjlaMDMxMTAvBgNV
BAMTKDU3REFDNkE1QzA4MjkxOTgwQjM3M0YxQkM2OTMyNDI0OUQ4MTZDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxyyT+nKz20SFzOjRdHyTy40C/
sHRuQWvmAng5iCsW/yH4wJLTz766omNA7Oierh9kgVS11qf3/Q641XFQU6DNke1A
103/vK6ZZUOaUHAE+BJWW0eTRCy9WVcZvs/N9616bNLXMVKs3vrRdWH+8fdcufP1
Ja9EAgmAckT18kFTArm15rkmzX59rqzWGTW79M4oDlLaeOIFqYrc09PdLsumMzEU
+/HuHZIVlBUeROBxReOHCikd1S7sl49GdSW7n/zv/j9743e3h7bCobzS4yUQj8kh
kcuM2EGohZW1AlFlOpXe9akCwBFnXY5h3MWRYeb8L7nIsY+fHFaoa9e8N6ppAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUV9rGpcCCkZgLNz8bxpMkJJ2BbIEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzMTMxMmUzNzMy
MmUzMDJmMzIzMTJkMzIzNDIwM2QzZTIwMzMzOTM5MzkzNTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
kQtIMA0GCSqGSIb3DQEBCwUAA4IBAQCHUnmQDZQDu2RMYFgRYGXov39P4ZhXKjDX
LYnxmfEL25H5J/aadV8OfJIH092OclBO8yqA8AnO8wK5YH4TODMCvq8p5YyGsuH8
U6ScrvNgiw3zJhNSKVcQn7bTwTJjCOJE11bw/3lc6RqYYnalgXPARxj7lwRYSHlF
+158lqpr6dztSB66XtWgF8YUuHK5ke4nfCL45CGAdxcxLHEFJQXct3MB3MbqarBt
KmwvDVuGFLclQqjWI/PCtI9ZmV0G0sgW8N92EmtiWkmnmYB2MYOdFoOiIu3+qMsz
X3TdzhH9MQ45VacOl/+nPcEjeXV7gWEloic2Z3F/tUKywNPdJTCX
-----END CERTIFICATE-----
Generated at Wed May 13 02:50:17 2026 by rpki-client