Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134322e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3134322e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: UHFtZCJJ6EpVi8CatT2pzGNJbAgudKbBbgQ2MO7HYVg=
Subject key identifier: C9:F7:AF:C7:34:81:A5:60:46:25:0E:FE:C3:A3:2C:82:6F:79:AD:4B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7890A0CDBAD2365D0E64EF1A73209A2AF493DABD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134322e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 30 Apr 2026 19:23:59 +0000
ROA not before: Thu 30 Apr 2026 19:18:59 +0000
ROA not after: Thu 29 Apr 2027 19:23:59 +0000
asID: 395793
IP address blocks: 145.79.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:90:a0:cd:ba:d2:36:5d:0e:64:ef:1a:73:20:9a:2a:f4:93:da:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 19:18:59 2026 GMT
Not After : Apr 29 19:23:59 2027 GMT
Subject: CN=C9F7AFC73481A56046250EFEC3A32C826F79AD4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:26:f8:12:45:8e:c3:52:69:93:f5:d2:7f:b1:
64:4e:da:8f:a1:fd:3b:5c:69:39:41:28:37:9f:fd:
0a:d4:03:b2:5f:6f:26:70:4c:b5:08:44:b5:a1:ef:
73:39:66:ff:d5:78:9f:7f:b6:03:0f:bd:9c:fc:41:
aa:3c:f8:bd:23:79:ea:af:d3:96:96:94:7d:bd:e0:
eb:49:0d:df:7a:2b:2f:db:c1:fc:ed:9b:66:3e:21:
cb:55:d4:67:d9:cf:c8:29:d9:63:3a:e8:d2:52:70:
4e:43:8c:2a:18:93:0c:ba:8d:93:94:37:d4:b4:14:
35:6d:ba:08:79:b0:09:b9:2e:97:1f:c6:b2:2a:07:
68:6c:20:b9:f3:1e:81:dd:b9:c1:44:56:c1:a8:0a:
92:12:ae:b1:9b:55:43:f0:66:55:e6:74:6a:08:b0:
a2:df:be:89:44:8f:77:53:02:88:9b:ea:17:44:94:
1a:ab:21:c2:24:4a:c7:f3:73:57:a3:24:ae:d1:20:
e2:ef:5c:58:00:cf:e2:0a:d0:02:cd:3f:b9:f5:a1:
95:aa:5b:5e:2e:48:04:e7:4a:38:d6:38:a0:da:94:
f1:06:fa:cb:ef:c8:23:c8:45:e5:6a:3c:fe:3e:76:
ba:5f:5b:f1:a6:79:6e:08:93:d2:ae:ae:50:72:6b:
a2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F7:AF:C7:34:81:A5:60:46:25:0E:FE:C3:A3:2C:82:6F:79:AD:4B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134322e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.142.0/24
Signature Algorithm: sha256WithRSAEncryption
11:72:03:80:b1:03:75:db:96:8a:8f:d5:d4:e9:a4:89:2e:70:
fa:e4:e6:c9:45:35:47:d0:7e:f4:14:65:6d:56:f1:89:8e:cc:
81:d0:73:63:6e:fe:c4:78:25:4d:64:87:76:4b:ff:77:f2:00:
07:c7:11:bb:44:e3:a5:fb:63:a8:63:bf:bd:ae:4a:b4:a1:6a:
40:e8:79:ba:64:f8:09:d4:64:13:b6:4c:3c:d0:35:84:d4:2a:
63:a7:89:34:54:7b:5e:8f:62:f7:ff:76:85:b3:fc:71:fa:40:
d5:16:d7:58:5b:7c:fe:fd:23:92:ad:1d:f6:f2:ed:6d:ca:1f:
eb:08:c9:ea:9a:7f:2b:03:81:68:18:d6:bc:41:36:74:e5:c7:
3c:b9:2c:57:e1:9a:71:d9:b1:20:06:db:06:da:f3:de:20:7d:
6e:3d:3d:35:1a:0b:93:7b:ab:fe:99:ef:1d:cf:bf:25:15:d6:
3c:55:a4:ba:31:d2:28:fc:e3:10:fa:44:4c:e3:cc:a8:e3:c9:
e4:0c:b8:88:1f:2f:21:c4:b8:cc:7f:85:0c:0b:08:e8:ac:d5:
be:69:91:b6:8c:88:46:c2:77:82:8d:87:e8:bf:74:bb:20:4e:
57:a1:88:86:e4:54:ec:22:d8:fb:12:ec:f4:88:8b:50:1b:20:
4c:2f:a2:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeJCgzbrSNl0OZO8acyCaKvST2r0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxOTE4NTlaFw0yNzA0MjkxOTIzNTlaMDMxMTAvBgNV
BAMTKEM5RjdBRkM3MzQ4MUE1NjA0NjI1MEVGRUMzQTMyQzgyNkY3OUFENEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbJvgSRY7DUmmT9dJ/sWRO2o+h
/TtcaTlBKDef/QrUA7JfbyZwTLUIRLWh73M5Zv/VeJ9/tgMPvZz8Qao8+L0jeeqv
05aWlH294OtJDd96Ky/bwfztm2Y+IctV1GfZz8gp2WM66NJScE5DjCoYkwy6jZOU
N9S0FDVtugh5sAm5LpcfxrIqB2hsILnzHoHducFEVsGoCpISrrGbVUPwZlXmdGoI
sKLfvolEj3dTAoib6hdElBqrIcIkSsfzc1ejJK7RIOLvXFgAz+IK0ALNP7n1oZWq
W14uSATnSjjWOKDalPEG+svvyCPIReVqPP4+drpfW/GmeW4Ik9KurlBya6LdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyfevxzSBpWBGJQ7+w6Msgm95rUswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT44wDQYJKoZIhvcNAQELBQADggEBABFyA4CxA3XbloqP1dTppIkucPrk5slF
NUfQfvQUZW1W8YmOzIHQc2Nu/sR4JU1kh3ZL/3fyAAfHEbtE46X7Y6hjv72uSrSh
akDoebpk+AnUZBO2TDzQNYTUKmOniTRUe16PYvf/doWz/HH6QNUW11hbfP79I5Kt
Hfby7W3KH+sIyeqafysDgWgY1rxBNnTlxzy5LFfhmnHZsSAG2wba894gfW49PTUa
C5N7q/6Z7x3PvyUV1jxVpLox0ij84xD6REzjzKjjyeQMuIgfLyHEuMx/hQwLCOis
1b5pkbaMiEbCd4KNh+i/dLsgTlehiIbkVOwi2PsS7PSIi1AbIEwvojU=
-----END CERTIFICATE-----
Generated at Wed May 13 04:46:41 2026 by rpki-client