Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: MB2AYLUjxJqLqjKcIyZInCtP/vKYvpqmLePmtJFRC6A=
Subject key identifier: 3A:2E:D2:89:6A:E2:F9:E2:6B:FA:DA:9E:62:31:51:2A:9E:DB:B9:73
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1209E1A4B296849A575567B5A2DC92C5C2F09060
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 30 Apr 2026 19:24:00 +0000
ROA not before: Thu 30 Apr 2026 19:19:00 +0000
ROA not after: Thu 29 Apr 2027 19:24:00 +0000
asID: 395793
IP address blocks: 145.79.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:09:e1:a4:b2:96:84:9a:57:55:67:b5:a2:dc:92:c5:c2:f0:90:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 19:19:00 2026 GMT
Not After : Apr 29 19:24:00 2027 GMT
Subject: CN=3A2ED2896AE2F9E26BFADA9E6231512A9EDBB973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:06:9b:a4:d5:4a:23:ae:ab:ba:d0:ed:73:c5:
d9:0b:d2:58:49:3f:c2:52:4b:54:f3:dd:0e:9c:c9:
53:42:d2:fd:0f:53:ea:04:08:9f:62:6f:15:07:ee:
e9:e9:00:9f:be:d1:3d:5c:c1:72:a9:8d:9d:46:c1:
69:d8:13:43:86:70:29:36:f3:c1:89:ee:f0:8a:bd:
eb:da:f7:08:fa:8f:37:dd:fc:d3:b9:18:d3:59:a4:
55:e9:fb:f0:1d:9b:bd:f9:f9:8a:17:bd:18:a4:6f:
22:61:e7:b1:dd:70:45:ff:3e:15:fa:cf:2a:f4:47:
ea:79:73:11:44:7a:ce:17:2b:57:07:aa:c7:e5:90:
3f:8d:15:82:2b:19:12:88:28:57:91:e7:4c:11:d0:
9e:4b:0a:31:97:df:ce:a2:7e:c5:30:47:36:a2:3f:
7d:b7:51:cb:61:a9:5b:ee:4b:23:b5:1f:52:d9:c0:
11:ca:34:d6:1d:37:d3:3c:56:29:e5:7d:80:c3:07:
33:47:83:c0:94:61:27:c6:78:86:88:71:3f:50:8f:
03:68:eb:a5:fa:31:4a:ca:e1:4c:42:a6:27:32:b6:
0f:23:2e:f4:3c:09:42:64:e0:f7:1c:05:16:ce:8d:
56:ba:8a:bc:f2:34:34:f5:31:36:a1:83:27:cf:b3:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2E:D2:89:6A:E2:F9:E2:6B:FA:DA:9E:62:31:51:2A:9E:DB:B9:73
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132392e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.129.0/24
Signature Algorithm: sha256WithRSAEncryption
26:ce:45:a6:20:db:4d:84:b3:b5:c7:ec:d5:80:2a:02:7a:32:
e5:af:86:7f:8a:3b:f5:a6:9f:56:d5:6a:ca:cf:05:1c:cd:65:
a5:e6:ab:81:31:1f:5b:61:48:15:aa:0a:96:e8:ca:53:f8:41:
87:04:c6:65:fb:4d:d9:e0:e9:79:1e:ae:9b:80:f6:7d:0f:a7:
08:fe:d1:bf:10:fd:13:6a:9f:7b:2d:5d:6b:1c:0a:9e:9c:72:
ff:b6:8a:11:ad:cb:5a:50:9d:57:51:52:65:55:2a:1e:31:6b:
51:5c:c5:a4:72:f9:21:81:90:3f:7e:89:d4:7e:2f:c8:cf:1f:
7a:6e:c0:e6:30:73:8d:88:b4:c4:39:39:68:45:93:20:2f:a1:
eb:75:28:7e:cb:ce:ed:d4:42:f0:8c:bb:aa:f6:f9:56:e2:d4:
72:83:67:8a:cc:81:5a:88:f6:93:79:11:74:a4:6d:bc:10:b8:
ac:e0:d7:f4:00:47:a3:4b:46:82:61:c4:97:ce:be:ce:4c:b8:
05:cb:06:59:ce:a3:ed:fb:aa:2d:ef:1e:00:86:a4:45:a6:39:
dc:e1:06:24:00:39:30:38:9f:2e:69:ff:6c:9e:9a:76:96:e8:
03:33:a2:d1:5c:85:24:8a:d2:09:64:19:b7:97:83:73:1a:ba:
c8:f1:79:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEgnhpLKWhJpXVWe1otySxcLwkGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxOTE5MDBaFw0yNzA0MjkxOTI0MDBaMDMxMTAvBgNV
BAMTKDNBMkVEMjg5NkFFMkY5RTI2QkZBREE5RTYyMzE1MTJBOUVEQkI5NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzBpuk1Uojrqu60O1zxdkL0lhJ
P8JSS1Tz3Q6cyVNC0v0PU+oECJ9ibxUH7unpAJ++0T1cwXKpjZ1GwWnYE0OGcCk2
88GJ7vCKveva9wj6jzfd/NO5GNNZpFXp+/Adm735+YoXvRikbyJh57HdcEX/PhX6
zyr0R+p5cxFEes4XK1cHqsflkD+NFYIrGRKIKFeR50wR0J5LCjGX386ifsUwRzai
P323UcthqVvuSyO1H1LZwBHKNNYdN9M8VinlfYDDBzNHg8CUYSfGeIaIcT9QjwNo
66X6MUrK4UxCpicytg8jLvQ8CUJk4PccBRbOjVa6irzyNDT1MTahgyfPs0ljAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOi7SiWri+eJr+tqeYjFRKp7buXMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT4EwDQYJKoZIhvcNAQELBQADggEBACbORaYg202Es7XH7NWAKgJ6MuWvhn+K
O/Wmn1bVasrPBRzNZaXmq4ExH1thSBWqCpboylP4QYcExmX7Tdng6XkerpuA9n0P
pwj+0b8Q/RNqn3stXWscCp6ccv+2ihGty1pQnVdRUmVVKh4xa1FcxaRy+SGBkD9+
idR+L8jPH3puwOYwc42ItMQ5OWhFkyAvoet1KH7Lzu3UQvCMu6r2+Vbi1HKDZ4rM
gVqI9pN5EXSkbbwQuKzg1/QAR6NLRoJhxJfOvs5MuAXLBlnOo+37qi3vHgCGpEWm
OdzhBiQAOTA4ny5p/2yemnaW6AMzotFchSSK0glkGbeXg3MausjxeSA=
-----END CERTIFICATE-----
Generated at Wed May 13 04:34:38 2026 by rpki-client