Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20383334.roa
File: 3134352e37392e3134342e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: BbaGZbgt6AW4chMPs4VFKJRE/LwTgX+IHQ1GbMk1JLA=
Subject key identifier: E1:20:CE:F8:2B:FC:D2:E5:24:DE:2C:5B:3C:77:62:9A:85:78:2E:7F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A394C2B66C7386EABBC4D91CF39F472B457D046
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20383334.roa
Signing time: Fri 24 Apr 2026 10:18:07 +0000
ROA not before: Fri 24 Apr 2026 10:13:07 +0000
ROA not after: Fri 23 Apr 2027 10:18:07 +0000
asID: 834
IP address blocks: 145.79.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:39:4c:2b:66:c7:38:6e:ab:bc:4d:91:cf:39:f4:72:b4:57:d0:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 24 10:13:07 2026 GMT
Not After : Apr 23 10:18:07 2027 GMT
Subject: CN=E120CEF82BFCD2E524DE2C5B3C77629A85782E7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:12:c5:5a:57:e7:db:f3:1f:45:f2:72:da:32:
c2:c9:a4:8a:e5:50:57:be:7a:7b:e8:04:75:82:dc:
ff:fb:6e:3f:72:35:f9:21:74:f8:82:f5:a3:4e:01:
60:26:02:68:08:76:a6:99:b3:b4:b8:60:5d:e6:40:
d5:cc:9b:84:7f:f0:57:4d:e9:f1:8c:9b:97:44:1e:
e6:36:b7:fc:bb:e1:ef:79:5e:d9:42:0b:c4:b3:c2:
77:61:58:76:c3:68:2a:98:a1:f0:37:72:3e:51:95:
ab:21:8d:ba:c2:89:d0:dc:03:b3:af:7a:6c:13:6c:
f4:d8:08:eb:a8:35:eb:73:59:a6:57:6a:93:fe:71:
2b:93:5b:04:6a:67:d3:a1:54:1d:9f:e6:34:cd:a4:
11:d9:80:ea:55:a6:3e:2d:e2:13:3a:8f:cc:a6:da:
d5:81:3c:6b:23:dc:08:96:af:67:bb:2d:28:96:24:
8b:5f:0a:09:ec:7d:48:06:90:47:fd:06:7f:90:85:
1c:e1:26:06:e2:a1:d0:e9:f1:86:0e:43:0b:87:ec:
d5:c7:ab:7d:b6:bd:6a:14:44:1e:8e:09:05:ba:30:
50:ab:cf:a0:b0:a7:01:30:90:d8:56:0e:8b:68:a7:
06:0a:a4:fd:b4:4b:fb:5a:e8:a8:80:56:d1:4a:39:
8e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:20:CE:F8:2B:FC:D2:E5:24:DE:2C:5B:3C:77:62:9A:85:78:2E:7F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134342e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:cf:9c:73:fe:15:13:58:9d:50:9b:d9:61:f6:38:38:9a:32:
0d:40:8f:03:16:cd:db:f3:12:de:da:03:00:b0:c3:0e:66:42:
79:56:86:3c:2d:bb:33:ed:34:25:e5:5d:57:2c:e4:a4:83:96:
c8:72:7b:0e:fc:5a:a3:d0:ef:7f:70:de:c4:60:f1:6b:12:11:
f3:84:d3:c1:1f:2e:98:b2:d3:2f:6d:71:53:1d:bc:b6:14:1c:
25:32:0b:a8:8c:ad:be:4d:ab:b1:b8:22:32:0a:d5:01:34:be:
46:fe:3a:d7:96:f9:0a:11:09:17:aa:20:0d:b3:0d:b9:60:ba:
79:05:33:9b:4e:23:b6:5a:bd:cc:80:c7:0a:16:f5:c3:7a:6f:
2e:d7:11:fa:1b:e2:31:52:1c:74:96:4e:f8:62:22:b5:64:a3:
93:89:d9:e1:5f:1c:44:48:b7:63:42:1f:c7:e1:47:11:1e:04:
d7:3d:cf:9a:6e:d9:d2:7a:ef:50:f9:c8:bd:85:ed:82:e0:73:
40:9c:d4:94:76:0f:ef:53:0c:85:de:87:8e:86:6b:b7:58:0d:
c5:73:24:48:bb:70:48:d0:03:50:7f:b5:77:98:46:45:6f:a0:
ac:7c:04:d1:76:14:86:2e:2a:ca:e0:6f:8e:14:5a:34:aa:fe:
b0:e2:4f:da
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUGjlMK2bHOG6rvE2Rzzn0crRX0EYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjQxMDEzMDdaFw0yNzA0MjMxMDE4MDdaMDMxMTAvBgNV
BAMTKEUxMjBDRUY4MkJGQ0QyRTUyNERFMkM1QjNDNzc2MjlBODU3ODJFN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClEsVaV+fb8x9F8nLaMsLJpIrl
UFe+envoBHWC3P/7bj9yNfkhdPiC9aNOAWAmAmgIdqaZs7S4YF3mQNXMm4R/8FdN
6fGMm5dEHuY2t/y74e95XtlCC8SzwndhWHbDaCqYofA3cj5RlashjbrCidDcA7Ov
emwTbPTYCOuoNetzWaZXapP+cSuTWwRqZ9OhVB2f5jTNpBHZgOpVpj4t4hM6j8ym
2tWBPGsj3AiWr2e7LSiWJItfCgnsfUgGkEf9Bn+QhRzhJgbiodDp8YYOQwuH7NXH
q322vWoURB6OCQW6MFCrz6CwpwEwkNhWDotopwYKpP20S/ta6KiAVtFKOY5XAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU4SDO+Cv80uUk3ixbPHdimoV4Ln8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACRT5Aw
DQYJKoZIhvcNAQELBQADggEBAD3PnHP+FRNYnVCb2WH2ODiaMg1AjwMWzdvzEt7a
AwCwww5mQnlWhjwtuzPtNCXlXVcs5KSDlshyew78WqPQ739w3sRg8WsSEfOE08Ef
Lpiy0y9tcVMdvLYUHCUyC6iMrb5Nq7G4IjIK1QE0vkb+OteW+QoRCReqIA2zDblg
unkFM5tOI7ZavcyAxwoW9cN6by7XEfob4jFSHHSWTvhiIrVko5OJ2eFfHERIt2NC
H8fhRxEeBNc9z5pu2dJ671D5yL2F7YLgc0Cc1JR2D+9TDIXeh46Ga7dYDcVzJEi7
cEjQA1B/tXeYRkVvoKx8BNF2FIYuKsrgb44UWjSq/rDiT9o=
-----END CERTIFICATE-----
Generated at Wed May 13 02:37:33 2026 by rpki-client