Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20313530323933.roa
File: 3134352e37392e3134342e302f32342d3234203d3e20313530323933.roa (raw, json)
Hash identifier: ZgBmLUMhTPWkz497oVCWvx9H7fkTLpXssRN5lJbJMgE=
Subject key identifier: 3A:AB:4B:5C:23:4F:36:CB:35:54:18:B4:FC:80:A4:41:2C:2D:BB:8B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11B59E7058BE95AA7FEF7581272584046600BA7E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20313530323933.roa
Signing time: Tue 24 Mar 2026 13:07:19 +0000
ROA not before: Tue 24 Mar 2026 13:02:19 +0000
ROA not after: Tue 23 Mar 2027 13:07:19 +0000
asID: 150293
IP address blocks: 145.79.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:b5:9e:70:58:be:95:aa:7f:ef:75:81:27:25:84:04:66:00:ba:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 24 13:02:19 2026 GMT
Not After : Mar 23 13:07:19 2027 GMT
Subject: CN=3AAB4B5C234F36CB355418B4FC80A4412C2DBB8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:96:4c:2b:46:88:e2:32:ed:1e:a3:a1:c9:97:
7f:37:51:f4:27:69:fe:3c:f5:3b:48:9f:ac:d2:c4:
8c:1e:e4:f5:a8:4a:b8:56:c3:b2:00:f3:03:9c:34:
cf:cb:e1:9c:aa:c3:5b:9e:13:4b:50:af:6b:89:e0:
43:69:c7:d0:67:95:35:52:56:28:c2:53:ec:37:ba:
3c:2d:03:dc:f6:e1:6f:d9:d0:ab:13:ab:36:42:f2:
f4:9f:03:02:05:0c:71:b2:5d:83:bf:cb:d4:6a:b2:
b9:f4:9c:07:d2:74:09:a0:54:65:32:3d:5f:d4:1c:
e9:aa:ea:9c:86:ed:c5:af:6e:84:89:53:d4:36:ff:
a0:de:f3:85:92:02:ce:79:07:dd:32:99:0b:15:02:
77:84:c6:04:d9:7f:5c:95:f3:e3:cb:26:ad:ed:b2:
56:98:61:54:56:50:56:a3:70:3b:83:b7:0f:47:95:
20:04:e0:6a:62:16:0b:93:a7:77:2a:84:f1:c0:42:
69:42:c9:ff:83:2c:94:60:53:e6:74:e9:42:96:e5:
d4:c1:02:5d:b7:73:b0:e8:8e:3e:a3:3d:e8:04:6a:
19:3c:16:51:79:b5:ae:9a:8c:1e:d8:63:ff:e2:0c:
9a:72:42:43:4a:d1:ec:c2:60:b6:f5:77:57:70:67:
4a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AB:4B:5C:23:4F:36:CB:35:54:18:B4:FC:80:A4:41:2C:2D:BB:8B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20313530323933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.144.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b4:ae:b0:b3:ea:21:ed:a0:c5:46:09:34:e1:f2:1e:7c:d8:
f5:b0:72:b6:52:d2:c8:6e:e1:13:8e:31:50:d9:0f:31:bc:3a:
7a:cc:64:52:dc:8b:a7:fe:07:0c:65:38:0c:5e:12:f7:c7:06:
a7:f2:a2:9b:7d:0c:b4:33:4e:96:e3:95:6f:bc:1b:62:ce:dc:
1c:26:fc:48:56:20:5f:b9:1d:08:14:a6:df:e4:87:b7:e3:06:
23:1c:2f:c6:60:e5:f2:7e:da:da:6f:16:48:52:fc:aa:ca:1f:
b6:53:9c:e5:d0:e3:8d:49:25:f4:a1:d8:b2:b3:97:1d:5d:a1:
84:4e:39:6e:4d:74:79:a5:67:68:da:01:ba:f7:d3:ec:20:32:
84:1c:47:27:5c:4e:88:f8:6d:1b:ec:2b:a3:df:9b:3c:73:f5:
13:28:2d:66:cc:31:93:38:1b:34:ef:3d:03:27:7e:18:d6:4e:
6d:c6:db:be:84:5d:80:3a:cb:95:64:5a:30:13:71:4f:b8:fa:
93:45:bb:b7:47:ef:aa:20:74:9d:04:ba:87:82:4e:ce:c1:09:
1d:2d:3a:42:47:83:b1:8b:e8:82:d1:ee:56:78:5f:2e:39:79:
51:77:b3:9b:44:0c:44:aa:a7:2a:12:96:e1:40:12:b7:76:d3:
44:eb:e9:1e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEbWecFi+lap/73WBJyWEBGYAun4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjQxMzAyMTlaFw0yNzAzMjMxMzA3MTlaMDMxMTAvBgNV
BAMTKDNBQUI0QjVDMjM0RjM2Q0IzNTU0MThCNEZDODBBNDQxMkMyREJCOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8lkwrRojiMu0eo6HJl383UfQn
af489TtIn6zSxIwe5PWoSrhWw7IA8wOcNM/L4Zyqw1ueE0tQr2uJ4ENpx9BnlTVS
VijCU+w3ujwtA9z24W/Z0KsTqzZC8vSfAwIFDHGyXYO/y9Rqsrn0nAfSdAmgVGUy
PV/UHOmq6pyG7cWvboSJU9Q2/6De84WSAs55B90ymQsVAneExgTZf1yV8+PLJq3t
slaYYVRWUFajcDuDtw9HlSAE4GpiFguTp3cqhPHAQmlCyf+DLJRgU+Z06UKW5dTB
Al23c7Dojj6jPegEahk8FlF5ta6ajB7YY//iDJpyQkNK0ezCYLb1d1dwZ0oHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOqtLXCNPNss1VBi0/ICkQSwtu4swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzMjM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT5AwDQYJKoZIhvcNAQELBQADggEBAEm0rrCz6iHtoMVGCTTh8h582PWwcrZS
0shu4ROOMVDZDzG8OnrMZFLci6f+BwxlOAxeEvfHBqfyopt9DLQzTpbjlW+8G2LO
3Bwm/EhWIF+5HQgUpt/kh7fjBiMcL8Zg5fJ+2tpvFkhS/KrKH7ZTnOXQ441JJfSh
2LKzlx1doYROOW5NdHmlZ2jaAbr30+wgMoQcRydcToj4bRvsK6Pfmzxz9RMoLWbM
MZM4GzTvPQMnfhjWTm3G276EXYA6y5VkWjATcU+4+pNFu7dH76ogdJ0EuoeCTs7B
CR0tOkJHg7GL6ILR7lZ4Xy45eVF3s5tEDESqpyoSluFAErd200Tr6R4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:12:07 2026 by rpki-client