Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130372e302f32342d3234203d3e20323135373438.roa
File: 3134352e37392e3130372e302f32342d3234203d3e20323135373438.roa (raw, json)
Hash identifier: iw/q+RdJt3sZVgMfU616/tXS/FlF5EDvl1TPN13/6+M=
Subject key identifier: 2F:97:F9:67:20:7B:45:7A:79:43:E8:15:67:8E:B9:45:3D:D9:F8:5E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1FAB80B5696A08C5F111DD5BE6A32F35BB652ED3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130372e302f32342d3234203d3e20323135373438.roa
Signing time: Tue 10 Mar 2026 07:16:03 +0000
ROA not before: Tue 10 Mar 2026 07:11:03 +0000
ROA not after: Tue 09 Mar 2027 07:16:03 +0000
asID: 215748
IP address blocks: 145.79.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:ab:80:b5:69:6a:08:c5:f1:11:dd:5b:e6:a3:2f:35:bb:65:2e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 10 07:11:03 2026 GMT
Not After : Mar 9 07:16:03 2027 GMT
Subject: CN=2F97F967207B457A7943E815678EB9453DD9F85E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:93:20:66:83:f8:e9:0a:43:b6:46:01:bc:75:
b6:b8:c0:0f:ee:af:95:2b:16:58:5e:54:7b:71:d6:
dc:93:61:14:bb:94:5d:a4:a3:a1:2f:a8:c8:ac:51:
e0:ba:c6:43:ec:69:c4:d2:d9:3c:ed:4b:83:05:d0:
e9:fc:63:73:fb:69:53:80:fa:cd:c3:bf:b7:47:52:
8e:c0:16:a2:13:70:ab:88:16:c5:d4:b2:02:c2:8b:
15:9e:b7:71:f4:e3:fe:c7:b5:2a:75:e8:a1:88:b5:
98:6f:38:2b:0b:b8:79:b4:e1:ee:9a:6e:4c:48:0b:
6c:da:08:8f:b5:af:73:ee:a0:84:1f:3c:4a:e7:01:
bb:a8:e9:16:02:ca:50:14:ff:e7:f8:02:61:1b:ea:
9b:49:76:30:c1:e7:2f:97:4b:2c:3c:c7:0a:c4:05:
52:c7:1e:87:44:98:1e:ee:e1:a8:bd:21:fa:72:56:
cf:87:0d:79:61:9c:2d:8c:88:d5:47:f8:12:ea:96:
dd:39:a2:51:7f:00:bd:1c:71:02:e2:23:d4:c6:23:
b5:20:fd:77:e5:d8:b3:da:0b:3c:86:9c:31:af:82:
44:18:b2:09:a4:bf:54:a2:16:3b:f6:13:f2:bc:84:
f6:72:df:59:5d:13:35:ab:16:ef:79:e6:bf:32:7a:
76:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:97:F9:67:20:7B:45:7A:79:43:E8:15:67:8E:B9:45:3D:D9:F8:5E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130372e302f32342d3234203d3e20323135373438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.107.0/24
Signature Algorithm: sha256WithRSAEncryption
92:6b:7f:7a:86:96:32:7c:d9:52:04:70:1f:7c:59:7c:51:6c:
ac:7f:d5:c3:9e:2e:7a:3d:e6:60:66:36:5b:fb:46:38:30:e7:
26:0f:53:9f:62:e6:f3:c3:62:36:80:75:58:97:7e:92:f0:05:
4b:6c:48:56:02:a3:7f:98:50:29:44:fb:af:20:37:a9:69:1d:
87:b6:04:90:b9:2c:bb:a2:52:9d:c7:5c:ff:93:74:09:7e:53:
e4:64:2d:67:b3:62:03:49:1a:af:21:4a:e4:e7:c6:d8:09:29:
e3:8f:ec:2b:36:6d:76:8a:37:5b:c8:da:81:c3:98:a1:03:68:
7d:69:be:bf:60:ee:5c:98:82:15:06:c9:fc:88:f3:80:9d:e1:
13:ce:ef:83:ff:da:80:98:6a:d2:65:d9:a6:ad:7a:3f:dc:5d:
ba:98:6f:c0:d9:85:ae:9b:3d:38:00:d8:26:8d:af:b6:b7:6c:
49:5b:76:f8:ca:3b:3d:31:4d:5e:d4:64:65:f4:cf:4c:59:19:
78:48:67:f0:6e:f9:ae:dd:af:2b:31:68:fc:a6:51:99:90:5f:
0a:8e:14:84:96:d6:b6:70:f5:2d:6d:c8:d4:5e:c4:ba:56:9a:
40:a5:b7:67:f7:8e:a6:3f:7a:8a:9b:7f:45:e5:99:f4:5d:f8:
bf:ac:c8:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH6uAtWlqCMXxEd1b5qMvNbtlLtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTAwNzExMDNaFw0yNzAzMDkwNzE2MDNaMDMxMTAvBgNV
BAMTKDJGOTdGOTY3MjA3QjQ1N0E3OTQzRTgxNTY3OEVCOTQ1M0REOUY4NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDakyBmg/jpCkO2RgG8dba4wA/u
r5UrFlheVHtx1tyTYRS7lF2ko6EvqMisUeC6xkPsacTS2TztS4MF0On8Y3P7aVOA
+s3Dv7dHUo7AFqITcKuIFsXUsgLCixWet3H04/7HtSp16KGItZhvOCsLuHm04e6a
bkxIC2zaCI+1r3PuoIQfPErnAbuo6RYCylAU/+f4AmEb6ptJdjDB5y+XSyw8xwrE
BVLHHodEmB7u4ai9IfpyVs+HDXlhnC2MiNVH+BLqlt05olF/AL0ccQLiI9TGI7Ug
/Xfl2LPaCzyGnDGvgkQYsgmkv1SiFjv2E/K8hPZy31ldEzWrFu955r8yenYJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL5f5ZyB7RXp5Q+gVZ465RT3Z+F4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzNzM0Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT2swDQYJKoZIhvcNAQELBQADggEBAJJrf3qGljJ82VIEcB98WXxRbKx/1cOe
Lno95mBmNlv7Rjgw5yYPU59i5vPDYjaAdViXfpLwBUtsSFYCo3+YUClE+68gN6lp
HYe2BJC5LLuiUp3HXP+TdAl+U+RkLWezYgNJGq8hSuTnxtgJKeOP7Cs2bXaKN1vI
2oHDmKEDaH1pvr9g7lyYghUGyfyI84Cd4RPO74P/2oCYatJl2aatej/cXbqYb8DZ
ha6bPTgA2CaNr7a3bElbdvjKOz0xTV7UZGX0z0xZGXhIZ/Bu+a7drysxaPymUZmQ
XwqOFISW1rZw9S1tyNRexLpWmkClt2f3jqY/eoqbf0XlmfRd+L+syF8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:36 2026 by rpki-client