Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e38382e302f32312d3234203d3e20333939393535.roa
File: 3134352e31312e38382e302f32312d3234203d3e20333939393535.roa (raw, json)
Hash identifier: Ueylx3YusYAorGrega42JtxbfExfLiKYoC4Vi5lk2b4=
Subject key identifier: 69:EB:3F:13:BB:1C:3F:4C:80:6C:90:13:5D:0C:9E:E7:48:69:EF:E1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 187EE09519DA0362C9E3A0DCD048681BF739B09E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e38382e302f32312d3234203d3e20333939393535.roa
Signing time: Thu 30 Apr 2026 13:46:31 +0000
ROA not before: Thu 30 Apr 2026 13:41:31 +0000
ROA not after: Thu 29 Apr 2027 13:46:31 +0000
asID: 399955
IP address blocks: 145.11.88.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7e:e0:95:19:da:03:62:c9:e3:a0:dc:d0:48:68:1b:f7:39:b0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 13:41:31 2026 GMT
Not After : Apr 29 13:46:31 2027 GMT
Subject: CN=69EB3F13BB1C3F4C806C90135D0C9EE74869EFE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0c:fc:ff:0b:1a:2a:43:9d:85:1c:35:fc:35:
fd:0f:27:57:c5:43:22:86:52:2d:9a:6d:c8:ee:bd:
3d:e0:1c:91:aa:79:d3:27:99:14:47:a3:88:8f:21:
b2:41:7a:0e:c5:c7:eb:fa:73:5f:d9:78:2d:96:12:
09:c4:49:12:cc:fb:59:45:c6:31:59:71:e7:a4:b1:
da:c0:67:29:2a:80:11:51:47:6a:21:38:4b:65:72:
73:8b:c4:df:f2:a2:8f:f4:1a:bc:8d:2e:d0:f0:23:
b0:d9:e1:44:a5:67:3a:7c:0d:13:8c:85:6d:62:72:
6a:60:5c:8f:00:74:a7:3c:26:62:67:92:08:5b:31:
f6:4a:8a:2a:88:1f:1d:4d:7a:82:51:0b:7c:eb:55:
ea:c8:12:42:b7:4f:3a:2f:8b:9d:c7:72:90:03:53:
cd:e2:50:ab:9d:52:8e:ac:8a:02:84:38:47:62:5e:
44:a9:de:0c:15:d0:0f:e9:c7:cb:4b:f9:a2:f5:24:
9a:7f:26:b5:d9:61:74:a6:e7:3c:a9:48:02:0b:7c:
78:98:82:27:ce:34:c9:34:b7:c4:bf:e8:4a:1b:c5:
aa:03:be:6f:99:0e:ba:bb:b1:3d:0e:7f:38:ee:f9:
5f:73:8d:bb:aa:36:d4:24:eb:76:b7:0a:21:98:f1:
28:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EB:3F:13:BB:1C:3F:4C:80:6C:90:13:5D:0C:9E:E7:48:69:EF:E1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31312e38382e302f32312d3234203d3e20333939393535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.11.88.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:e4:22:94:cd:af:1f:80:64:06:6e:56:65:f5:3f:46:9e:44:
4c:8f:d9:68:81:57:9f:79:02:ed:3c:ac:b0:5d:8c:56:f2:d9:
ed:93:d0:a8:a1:f5:9c:29:ed:3a:4a:93:cb:34:ec:af:47:9a:
b1:be:59:6a:01:0d:4a:9f:ab:b6:1e:52:c0:56:d3:b4:2c:29:
6e:c6:19:60:4a:70:4f:dc:4b:47:fd:a2:23:0e:c5:e9:96:d2:
99:f8:96:3c:8d:b8:dc:8e:56:d8:f3:d5:b7:58:c6:08:71:fa:
b7:df:24:cb:1a:e2:db:e5:d8:31:19:d7:94:c5:8e:26:e1:48:
57:51:1b:e0:60:a7:b6:7f:f5:07:7f:3a:ff:08:ea:1a:11:9b:
59:a3:84:55:89:cc:a4:9f:4b:fb:fa:c4:fe:cf:37:c2:dd:4b:
3e:78:1e:4f:be:cb:b1:eb:d2:10:a4:0f:12:71:5e:ff:36:4e:
0a:93:99:24:b6:ae:9c:fe:91:da:26:19:bd:a0:be:8d:dc:04:
87:9f:2d:8c:3b:cd:59:86:d4:6f:25:d5:3e:5d:82:3f:a4:25:
78:07:bc:59:a9:0c:21:2b:41:f4:f1:a3:57:fd:ef:9d:2d:30:
29:41:b5:c7:b2:48:b9:5f:1d:95:88:48:a6:31:38:fb:ae:a9:
33:bf:4b:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGH7glRnaA2LJ46Dc0EhoG/c5sJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxMzQxMzFaFw0yNzA0MjkxMzQ2MzFaMDMxMTAvBgNV
BAMTKDY5RUIzRjEzQkIxQzNGNEM4MDZDOTAxMzVEMEM5RUU3NDg2OUVGRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmDPz/CxoqQ52FHDX8Nf0PJ1fF
QyKGUi2abcjuvT3gHJGqedMnmRRHo4iPIbJBeg7Fx+v6c1/ZeC2WEgnESRLM+1lF
xjFZceeksdrAZykqgBFRR2ohOEtlcnOLxN/yoo/0GryNLtDwI7DZ4USlZzp8DROM
hW1icmpgXI8AdKc8JmJnkghbMfZKiiqIHx1NeoJRC3zrVerIEkK3Tzovi53HcpAD
U83iUKudUo6sigKEOEdiXkSp3gwV0A/px8tL+aL1JJp/JrXZYXSm5zypSAILfHiY
gifONMk0t8S/6EobxaoDvm+ZDrq7sT0Ofzju+V9zjbuqNtQk63a3CiGY8ShPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaes/E7scP0yAbJATXQye50hp7+EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzMTMxMmUzODM4
MmUzMDJmMzIzMTJkMzIzNDIwM2QzZTIwMzMzOTM5MzkzNTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
kQtYMA0GCSqGSIb3DQEBCwUAA4IBAQAe5CKUza8fgGQGblZl9T9GnkRMj9logVef
eQLtPKywXYxW8tntk9CoofWcKe06SpPLNOyvR5qxvllqAQ1Kn6u2HlLAVtO0LClu
xhlgSnBP3EtH/aIjDsXpltKZ+JY8jbjcjlbY89W3WMYIcfq33yTLGuLb5dgxGdeU
xY4m4UhXURvgYKe2f/UHfzr/COoaEZtZo4RVicykn0v7+sT+zzfC3Us+eB5Pvsux
69IQpA8ScV7/Nk4Kk5kktq6c/pHaJhm9oL6N3ASHny2MO81ZhtRvJdU+XYI/pCV4
B7xZqQwhK0H08aNX/e+dLTApQbXHski5Xx2ViEimMTj7rqkzv0sG
-----END CERTIFICATE-----
Generated at Wed May 13 02:27:17 2026 by rpki-client