Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
File: 3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 7BTN4RouiEiWp+Zc4B62NxzNdUpUiG+mUkV0BSghZ40=
Subject key identifier: 5F:15:C8:80:6A:CB:A6:63:4C:B6:57:F6:F5:5F:37:7E:3D:BA:F8:09
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 25838CBF9D2D4FFB8B709FC5F333DD36C69B41F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
Signing time: Mon 23 Mar 2026 10:23:28 +0000
ROA not before: Mon 23 Mar 2026 10:18:28 +0000
ROA not after: Mon 22 Mar 2027 10:23:28 +0000
asID: 204170
IP address blocks: 145.14.128.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:83:8c:bf:9d:2d:4f:fb:8b:70:9f:c5:f3:33:dd:36:c6:9b:41:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 23 10:18:28 2026 GMT
Not After : Mar 22 10:23:28 2027 GMT
Subject: CN=5F15C8806ACBA6634CB657F6F55F377E3DBAF809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:9f:1e:d0:2c:77:14:6d:14:9c:5c:b8:b9:
67:3a:44:cd:f8:16:fd:da:bb:e5:07:eb:92:e9:62:
74:3c:b9:5a:d4:07:9e:16:a4:3c:21:9c:6f:c9:44:
68:e5:27:aa:c8:32:fe:1f:4d:72:ca:04:d8:68:d1:
0d:fa:f4:a4:58:2b:26:12:18:75:4a:eb:6d:c0:be:
24:86:71:ed:2a:35:2d:6e:79:d3:76:e9:ad:46:54:
31:07:6d:72:ab:ca:58:52:bb:ff:42:3d:c7:22:a5:
95:75:29:67:62:c5:72:50:89:70:18:56:55:0b:f8:
50:f8:dd:0b:3d:bf:e1:f8:fa:b7:72:4c:f9:ca:f6:
d3:99:a1:89:82:89:16:43:43:5a:d0:2d:e6:ce:3c:
42:55:a9:c6:80:14:85:fd:17:0a:c6:ea:92:1f:00:
d1:b6:d5:4f:57:91:96:12:54:57:c8:2f:ba:fc:7d:
5e:45:68:6b:4d:2f:26:88:b9:8c:31:43:13:e7:31:
4b:df:4f:ba:d8:b6:ee:1a:4b:91:23:da:aa:c0:31:
41:df:20:75:4c:2a:ec:f1:0a:ed:2d:20:09:55:01:
17:15:8f:ee:46:3c:df:f6:7d:73:7c:10:48:a8:35:
c1:16:09:09:b1:72:52:c4:a6:42:19:6d:30:39:d8:
9e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:15:C8:80:6A:CB:A6:63:4C:B6:57:F6:F5:5F:37:7E:3D:BA:F8:09
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e31342e3132382e302f32332d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.128.0/23
Signature Algorithm: sha256WithRSAEncryption
34:5e:c3:7e:ba:e0:9c:17:1d:0b:33:8e:6e:cf:d8:ef:60:98:
4d:17:94:e3:25:c4:6f:c3:47:aa:d2:75:a0:bb:8d:36:25:c7:
03:01:8b:c6:a6:a5:e7:bd:81:76:19:84:0d:0f:50:5b:94:59:
fc:a7:f6:62:2f:77:ff:c5:b2:6c:af:cc:ca:c5:a2:fa:92:16:
8c:6c:cc:1d:45:aa:3e:5e:21:46:fe:be:b1:69:52:6f:36:77:
79:df:c7:2a:21:af:51:9e:e3:4f:d4:bd:12:4a:73:61:e6:7e:
84:5f:4e:4d:05:0d:1d:16:53:b1:41:a0:64:ce:27:41:e0:96:
77:78:94:c8:03:62:8e:3c:01:d6:13:3a:fb:ea:5c:9e:0b:d4:
df:52:45:03:c0:72:fd:5e:09:9e:50:0f:d1:b2:77:a1:6c:f0:
c4:34:6e:e0:a4:ac:a9:4d:34:a4:27:5c:c7:aa:34:d0:d6:11:
84:b7:4e:ff:e5:04:48:87:75:16:07:3e:09:6f:e1:ee:21:ae:
f9:b2:7e:d5:c0:3e:d6:30:2e:09:9f:88:61:cd:b0:51:08:75:
c5:a3:0c:7a:d4:2b:37:cf:f1:88:7b:ad:10:3c:ab:56:7c:f8:
3e:8b:72:f7:53:3c:06:a4:44:bb:10:d2:0d:3b:eb:3f:e1:3e:
87:2d:50:c1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJYOMv50tT/uLcJ/F8zPdNsabQfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjMxMDE4MjhaFw0yNzAzMjIxMDIzMjhaMDMxMTAvBgNV
BAMTKDVGMTVDODgwNkFDQkE2NjM0Q0I2NTdGNkY1NUYzNzdFM0RCQUY4MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf7J8e0Cx3FG0UnFy4uWc6RM34
Fv3au+UH65LpYnQ8uVrUB54WpDwhnG/JRGjlJ6rIMv4fTXLKBNho0Q369KRYKyYS
GHVK623AviSGce0qNS1uedN26a1GVDEHbXKrylhSu/9CPccipZV1KWdixXJQiXAY
VlUL+FD43Qs9v+H4+rdyTPnK9tOZoYmCiRZDQ1rQLebOPEJVqcaAFIX9FwrG6pIf
ANG21U9XkZYSVFfIL7r8fV5FaGtNLyaIuYwxQxPnMUvfT7rYtu4aS5Ej2qrAMUHf
IHVMKuzxCu0tIAlVARcVj+5GPN/2fXN8EEioNcEWCQmxclLEpkIZbTA52J4JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXxXIgGrLpmNMtlf29V83fj26+AkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzMTM0MmUzMTMy
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGRDoAwDQYJKoZIhvcNAQELBQADggEBADRew3664JwXHQszjm7P2O9gmE0XlOMl
xG/DR6rSdaC7jTYlxwMBi8ampee9gXYZhA0PUFuUWfyn9mIvd//FsmyvzMrFovqS
FoxszB1Fqj5eIUb+vrFpUm82d3nfxyohr1Ge40/UvRJKc2HmfoRfTk0FDR0WU7FB
oGTOJ0Hglnd4lMgDYo48AdYTOvvqXJ4L1N9SRQPAcv1eCZ5QD9Gyd6Fs8MQ0buCk
rKlNNKQnXMeqNNDWEYS3Tv/lBEiHdRYHPglv4e4hrvmyftXAPtYwLgmfiGHNsFEI
dcWjDHrUKzfP8Yh7rRA8q1Z8+D6LcvdTPAakRLsQ0g076z/hPoctUME=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:59:30 2026 by rpki-client