Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3133332e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3133332e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: ii5irAd6G7N2UYilEVRRb4Od3NjUZa4doYQ/AJWlNsI=
Subject key identifier: 72:80:E6:EA:B5:13:47:52:9D:6C:4D:E7:94:A7:26:10:6A:C7:3A:E6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7E5D3F21F112EBC8E311E1E5CD0CADAA0FF8D8DF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3133332e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 30 Apr 2026 19:24:00 +0000
ROA not before: Thu 30 Apr 2026 19:19:00 +0000
ROA not after: Thu 29 Apr 2027 19:24:00 +0000
asID: 395793
IP address blocks: 145.79.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:5d:3f:21:f1:12:eb:c8:e3:11:e1:e5:cd:0c:ad:aa:0f:f8:d8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 19:19:00 2026 GMT
Not After : Apr 29 19:24:00 2027 GMT
Subject: CN=7280E6EAB51347529D6C4DE794A726106AC73AE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:a0:50:21:1d:6e:d1:3b:ff:c7:b1:93:ed:
77:7b:50:6c:62:7c:e5:cc:6c:ca:0e:e2:d5:1a:e3:
4d:43:cb:bb:01:1e:f4:07:cb:96:05:fb:8a:44:48:
07:cd:5b:a3:70:1d:72:6f:9b:dc:11:f4:3b:ea:f5:
f1:0f:cc:9c:95:d0:74:40:62:00:2f:fb:0b:b9:73:
a5:29:ad:ae:32:94:2f:1c:1f:cc:47:00:ee:17:00:
47:1f:b8:b4:97:db:de:7c:8a:18:53:d6:6a:8e:20:
f9:71:6e:be:d7:5a:8e:c3:4a:ee:11:af:51:43:74:
e9:f3:99:1e:70:e7:52:63:c2:02:d2:62:d7:6a:99:
7a:64:e2:f4:48:9b:32:5d:b7:b3:26:fd:12:62:e1:
07:1f:88:ca:4b:b7:22:63:47:da:d1:69:1e:80:65:
31:a3:2c:a7:4f:50:0e:e5:13:6d:41:a7:0c:2a:cf:
b5:a3:85:25:13:82:1b:98:5c:7d:88:5f:09:1b:36:
9c:a0:15:59:f1:9a:be:e4:f9:13:a3:fd:51:79:fb:
db:03:48:0d:5a:7c:6e:c1:4b:fe:ff:8f:cc:e7:f3:
3b:c2:7d:27:a3:8d:5c:c3:48:4d:c5:c6:a0:40:fb:
a2:fd:e7:b5:ae:f7:06:19:1a:6f:4c:ae:94:84:3a:
35:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:80:E6:EA:B5:13:47:52:9D:6C:4D:E7:94:A7:26:10:6A:C7:3A:E6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3133332e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.133.0/24
Signature Algorithm: sha256WithRSAEncryption
92:dc:3b:ec:80:a0:4b:a5:50:4a:ce:24:64:c9:6b:9d:d4:c9:
d1:56:79:85:8e:a4:77:90:57:7d:50:a6:8a:12:05:8b:6e:73:
cd:f7:c7:a5:7c:ba:ab:50:f1:8f:18:28:86:44:17:69:e0:d9:
47:68:8f:25:98:fe:d5:bc:14:82:61:e0:9a:01:29:b2:e3:79:
bf:c2:c8:ff:9c:3f:04:ba:0c:9a:75:88:72:e7:4d:e2:76:68:
9f:df:68:f5:b8:c0:79:b8:87:0d:85:fb:c8:7f:9f:57:b2:e0:
12:11:8c:3b:6d:63:b9:42:1c:fd:79:f9:52:cb:cd:ba:29:f6:
f6:5f:29:e9:7b:db:85:5b:f6:20:c5:58:21:a1:4a:65:df:26:
ca:fc:19:95:06:ac:b3:b0:72:01:e6:95:01:ea:28:bb:f5:dd:
7d:4c:8b:d7:a8:1f:cc:01:fb:e7:ae:0a:f3:7a:bf:65:74:e0:
11:08:c2:61:e0:61:79:6e:65:b7:ac:c2:a2:92:f3:eb:05:55:
8d:72:ea:3d:40:f0:e6:9c:df:0e:15:d0:fb:f6:53:0a:ba:a9:
5c:ff:df:94:a9:f2:e8:8b:32:7d:dc:ee:0c:1f:46:e4:49:35:
03:27:6c:77:34:26:0e:53:09:2f:5d:00:16:1d:1d:d5:58:7d:
ed:df:23:13
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfl0/IfES68jjEeHlzQytqg/42N8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxOTE5MDBaFw0yNzA0MjkxOTI0MDBaMDMxMTAvBgNV
BAMTKDcyODBFNkVBQjUxMzQ3NTI5RDZDNERFNzk0QTcyNjEwNkFDNzNBRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu1qBQIR1u0Tv/x7GT7Xd7UGxi
fOXMbMoO4tUa401Dy7sBHvQHy5YF+4pESAfNW6NwHXJvm9wR9Dvq9fEPzJyV0HRA
YgAv+wu5c6Upra4ylC8cH8xHAO4XAEcfuLSX2958ihhT1mqOIPlxbr7XWo7DSu4R
r1FDdOnzmR5w51JjwgLSYtdqmXpk4vRImzJdt7Mm/RJi4QcfiMpLtyJjR9rRaR6A
ZTGjLKdPUA7lE21Bpwwqz7WjhSUTghuYXH2IXwkbNpygFVnxmr7k+ROj/VF5+9sD
SA1afG7BS/7/j8zn8zvCfSejjVzDSE3FxqBA+6L957Wu9wYZGm9MrpSEOjXPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcoDm6rUTR1KdbE3nlKcmEGrHOuYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT4UwDQYJKoZIhvcNAQELBQADggEBAJLcO+yAoEulUErOJGTJa53UydFWeYWO
pHeQV31QpooSBYtuc833x6V8uqtQ8Y8YKIZEF2ng2UdojyWY/tW8FIJh4JoBKbLj
eb/CyP+cPwS6DJp1iHLnTeJ2aJ/faPW4wHm4hw2F+8h/n1ey4BIRjDttY7lCHP15
+VLLzbop9vZfKel724Vb9iDFWCGhSmXfJsr8GZUGrLOwcgHmlQHqKLv13X1Mi9eo
H8wB++euCvN6v2V04BEIwmHgYXluZbeswqKS8+sFVY1y6j1A8Oac3w4V0Pv2Uwq6
qVz/35Sp8uiLMn3c7gwfRuRJNQMnbHc0Jg5TCS9dABYdHdVYfe3fIxM=
-----END CERTIFICATE-----
Generated at Wed May 13 07:13:22 2026 by rpki-client