Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132332e302f32342d3234203d3e20323135373438.roa
File: 3134352e37392e3132332e302f32342d3234203d3e20323135373438.roa (raw, json)
Hash identifier: 9W87DiWqe0eNMxXmaioG1LsnaeANLMtPXeVxhG86yio=
Subject key identifier: 5B:69:AD:2D:59:68:1E:DA:6D:FA:6C:10:28:EF:19:B7:D5:FE:82:76
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 210D7CE8F1E998BB29F2F0B82F3E5AD884FC9D5D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132332e302f32342d3234203d3e20323135373438.roa
Signing time: Tue 10 Mar 2026 07:15:52 +0000
ROA not before: Tue 10 Mar 2026 07:10:52 +0000
ROA not after: Tue 09 Mar 2027 07:15:52 +0000
asID: 215748
IP address blocks: 145.79.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:0d:7c:e8:f1:e9:98:bb:29:f2:f0:b8:2f:3e:5a:d8:84:fc:9d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 10 07:10:52 2026 GMT
Not After : Mar 9 07:15:52 2027 GMT
Subject: CN=5B69AD2D59681EDA6DFA6C1028EF19B7D5FE8276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:06:ca:77:61:15:4d:c0:05:2e:59:c2:f7:61:
69:c4:92:54:3f:c7:d2:5d:b8:39:c2:c6:98:94:ac:
76:45:ee:53:1c:31:8b:7f:d8:fe:0a:ae:aa:85:70:
1b:99:18:78:17:e9:a8:52:b9:68:f3:92:92:84:3c:
39:07:11:93:b6:04:9d:7f:a2:a1:b8:50:3b:fd:7e:
d1:dc:7e:76:0a:ca:33:03:0d:14:cb:e3:df:88:30:
8f:a2:90:80:aa:9c:41:a2:e7:23:fb:aa:4f:ff:9b:
5f:1d:92:a6:f8:d7:e0:01:84:ef:2e:33:90:f5:0f:
0b:5d:fb:7c:aa:38:7f:83:43:78:11:06:5e:0a:f9:
6d:25:b8:37:4c:47:2c:fd:73:dd:24:af:06:9f:e0:
31:92:67:fb:8a:09:74:d0:31:f4:e1:75:41:ae:66:
bb:f8:71:f8:12:3c:bb:7b:08:81:3c:69:fe:82:61:
b6:7c:02:17:bd:cd:73:44:22:99:09:e4:29:b1:50:
a1:d5:32:8c:92:cd:07:69:db:d9:35:1c:55:05:17:
b7:cb:ef:77:67:d2:8f:59:b7:3a:69:ba:62:ee:48:
9a:65:42:85:68:50:db:55:5d:cd:6c:27:5f:4c:92:
76:ee:64:53:d9:7c:3b:4b:49:b6:f3:d2:16:2c:6c:
7a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:69:AD:2D:59:68:1E:DA:6D:FA:6C:10:28:EF:19:B7:D5:FE:82:76
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132332e302f32342d3234203d3e20323135373438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8b:52:3a:ad:40:6d:54:44:1d:29:20:7e:7e:da:fd:b0:b3:
71:f8:22:9b:f0:08:7a:86:8d:2b:34:e0:a3:e6:43:a6:02:7b:
bc:f2:b3:5a:f6:3a:2e:42:06:b1:cf:b8:2f:97:11:60:f1:2d:
ca:1e:c0:9e:40:26:74:bc:f7:03:f1:ed:d5:f7:b1:eb:13:f3:
85:c9:76:1c:cd:39:b9:34:93:35:ce:9d:29:99:46:1f:c5:3f:
57:df:2d:35:e3:d4:69:54:94:5c:aa:d4:c6:50:e1:43:d7:f4:
17:ec:7d:5f:2e:26:71:54:0b:8a:4c:c2:f1:97:9b:66:b7:43:
9b:18:71:8b:6b:a6:c0:94:27:b0:59:cc:98:bb:2a:ef:9e:97:
eb:69:ec:c2:96:05:c9:ae:48:27:2c:f3:3c:06:61:e4:93:9d:
da:ae:42:33:ed:5e:af:43:8c:12:03:dc:e6:62:2f:84:bb:41:
26:87:2f:5f:ea:f9:f3:fd:c2:1a:05:ef:3b:c1:60:94:35:fe:
62:75:38:f1:77:71:14:c4:92:e4:a2:76:dd:44:a5:ad:5a:d0:
8a:97:45:65:0d:a3:27:e3:d8:c2:6f:2f:c6:2d:12:9e:9d:db:
a7:07:88:b3:3e:c2:2a:3e:2c:c2:49:b8:52:ba:17:b6:5a:47:
6e:80:55:fa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIQ186PHpmLsp8vC4Lz5a2IT8nV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTAwNzEwNTJaFw0yNzAzMDkwNzE1NTJaMDMxMTAvBgNV
BAMTKDVCNjlBRDJENTk2ODFFREE2REZBNkMxMDI4RUYxOUI3RDVGRTgyNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXBsp3YRVNwAUuWcL3YWnEklQ/
x9JduDnCxpiUrHZF7lMcMYt/2P4KrqqFcBuZGHgX6ahSuWjzkpKEPDkHEZO2BJ1/
oqG4UDv9ftHcfnYKyjMDDRTL49+IMI+ikICqnEGi5yP7qk//m18dkqb41+ABhO8u
M5D1Dwtd+3yqOH+DQ3gRBl4K+W0luDdMRyz9c90krwaf4DGSZ/uKCXTQMfThdUGu
Zrv4cfgSPLt7CIE8af6CYbZ8Ahe9zXNEIpkJ5CmxUKHVMoySzQdp29k1HFUFF7fL
73dn0o9ZtzppumLuSJplQoVoUNtVXc1sJ19MknbuZFPZfDtLSbbz0hYsbHpbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUW2mtLVloHtpt+mwQKO8Zt9X+gnYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzNzM0Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT3swDQYJKoZIhvcNAQELBQADggEBACyLUjqtQG1URB0pIH5+2v2ws3H4Ipvw
CHqGjSs04KPmQ6YCe7zys1r2Oi5CBrHPuC+XEWDxLcoewJ5AJnS89wPx7dX3sesT
84XJdhzNObk0kzXOnSmZRh/FP1ffLTXj1GlUlFyq1MZQ4UPX9BfsfV8uJnFUC4pM
wvGXm2a3Q5sYcYtrpsCUJ7BZzJi7Ku+el+tp7MKWBcmuSCcs8zwGYeSTndquQjPt
Xq9DjBID3OZiL4S7QSaHL1/q+fP9whoF7zvBYJQ1/mJ1OPF3cRTEkuSidt1Epa1a
0IqXRWUNoyfj2MJvL8YtEp6d26cHiLM+wio+LMJJuFK6F7ZaR26AVfo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:34 2026 by rpki-client