Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134352e302f32342d3234203d3e20343032323033.roa
File: 3134352e37392e3134352e302f32342d3234203d3e20343032323033.roa (raw, json)
Hash identifier: 13KcMA/sF1NHA9Yoe8T+EOxj3nDA+0HMcAT8Cq72YpY=
Subject key identifier: D9:DF:1E:49:26:AB:72:2B:94:5C:5F:F7:DE:96:A8:41:DF:7C:73:EE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6B395E6D00BC0B23FDC2A1712BC1AD50EE95C06B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134352e302f32342d3234203d3e20343032323033.roa
Signing time: Wed 25 Mar 2026 11:55:33 +0000
ROA not before: Wed 25 Mar 2026 11:50:33 +0000
ROA not after: Wed 24 Mar 2027 11:55:33 +0000
asID: 402203
IP address blocks: 145.79.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:39:5e:6d:00:bc:0b:23:fd:c2:a1:71:2b:c1:ad:50:ee:95:c0:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 11:50:33 2026 GMT
Not After : Mar 24 11:55:33 2027 GMT
Subject: CN=D9DF1E4926AB722B945C5FF7DE96A841DF7C73EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:c5:3a:57:86:52:d2:8b:02:ee:32:52:ad:
fe:35:ab:75:78:87:8e:b5:21:4a:ef:ae:d6:80:6e:
f0:66:74:1a:72:63:bb:1b:85:5f:bc:e8:06:8f:29:
06:4d:1b:c2:b8:f8:56:42:4d:50:1f:f1:a2:9f:e6:
c1:99:2b:89:7a:cf:17:90:a6:ab:5c:ee:43:13:20:
dd:05:74:22:97:fa:73:03:af:ca:e2:aa:6d:78:3a:
a6:6f:9a:15:47:ec:a8:80:43:f7:36:93:f6:ef:23:
9a:2d:76:56:2d:bf:82:9d:ed:26:05:74:db:53:83:
8f:27:05:69:45:b6:d8:78:d0:c5:24:22:5d:66:cc:
05:71:82:eb:58:52:20:d3:c0:28:f7:0b:0c:e0:38:
a8:30:52:ca:bb:7d:7a:62:31:cc:b1:f1:4b:52:4d:
d8:99:d1:89:76:7a:29:55:47:bf:fe:d1:50:0a:30:
3b:81:f9:23:2b:cc:3d:ee:85:a1:79:c0:71:2d:6a:
80:de:2e:b8:84:0d:b2:12:57:97:fd:0a:e5:67:27:
d8:fd:60:6f:05:c3:bf:3e:42:61:36:c7:9e:38:9d:
7b:f0:c3:74:b2:9e:4f:46:7b:17:48:f2:fe:45:2d:
bd:5e:3e:ba:e6:ac:a4:7d:33:e4:29:df:bc:0a:59:
10:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DF:1E:49:26:AB:72:2B:94:5C:5F:F7:DE:96:A8:41:DF:7C:73:EE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3134352e302f32342d3234203d3e20343032323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.145.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e3:55:53:ea:6e:f2:16:64:19:20:3a:64:c1:69:07:10:e5:
7b:74:7d:3b:49:d6:f7:1b:35:03:7a:ff:10:8b:cd:33:4a:67:
81:55:bc:65:34:8c:34:50:b1:a5:f1:51:f4:16:de:8c:6b:68:
92:b0:b9:52:84:da:7f:f2:33:2c:0b:a4:f0:71:8b:af:bd:c7:
36:c5:48:fb:42:48:2b:21:98:5d:3f:05:ab:a8:8a:db:32:88:
c3:ce:6a:0d:d3:c2:d4:92:19:3e:27:d4:0e:25:94:57:1b:1d:
2f:4e:7c:b9:4c:5c:a2:0b:00:fb:c7:1b:be:96:da:ea:d5:d0:
c9:ab:f8:42:32:58:fc:2e:3c:3e:30:ab:5f:b8:82:e1:f9:2d:
a5:5e:73:03:5a:37:2e:b2:24:24:cd:e2:08:c3:da:e0:20:a7:
61:c4:5a:03:9e:43:34:4a:c2:4d:6f:a2:e8:14:73:b1:7b:41:
fd:69:75:e5:f0:de:88:21:62:f7:78:af:63:3b:0b:f4:9a:2a:
c6:0e:c0:05:20:ef:75:20:07:40:9f:7f:63:99:1a:eb:89:ff:
78:85:4e:43:5a:84:db:5e:e8:5e:90:e5:bf:df:ec:8f:69:3e:
b1:1c:ce:a7:85:b9:58:a0:19:37:3d:0f:d1:38:ee:d2:46:5d:
8b:33:df:69
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUazlebQC8CyP9wqFxK8GtUO6VwGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUxMTUwMzNaFw0yNzAzMjQxMTU1MzNaMDMxMTAvBgNV
BAMTKEQ5REYxRTQ5MjZBQjcyMkI5NDVDNUZGN0RFOTZBODQxREY3QzczRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwFsU6V4ZS0osC7jJSrf41q3V4
h461IUrvrtaAbvBmdBpyY7sbhV+86AaPKQZNG8K4+FZCTVAf8aKf5sGZK4l6zxeQ
pqtc7kMTIN0FdCKX+nMDr8riqm14OqZvmhVH7KiAQ/c2k/bvI5otdlYtv4Kd7SYF
dNtTg48nBWlFtth40MUkIl1mzAVxgutYUiDTwCj3CwzgOKgwUsq7fXpiMcyx8UtS
TdiZ0Yl2eilVR7/+0VAKMDuB+SMrzD3uhaF5wHEtaoDeLriEDbISV5f9CuVnJ9j9
YG8Fw78+QmE2x544nXvww3Synk9GexdI8v5FLb1ePrrmrKR9M+Qp37wKWRCZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2d8eSSarciuUXF/33paoQd98c+4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM0
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMjMwMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT5EwDQYJKoZIhvcNAQELBQADggEBAI7jVVPqbvIWZBkgOmTBaQcQ5Xt0fTtJ
1vcbNQN6/xCLzTNKZ4FVvGU0jDRQsaXxUfQW3oxraJKwuVKE2n/yMywLpPBxi6+9
xzbFSPtCSCshmF0/BauoitsyiMPOag3TwtSSGT4n1A4llFcbHS9OfLlMXKILAPvH
G76W2urV0Mmr+EIyWPwuPD4wq1+4guH5LaVecwNaNy6yJCTN4gjD2uAgp2HEWgOe
QzRKwk1vougUc7F7Qf1pdeXw3oghYvd4r2M7C/SaKsYOwAUg73UgB0Cff2OZGuuJ
/3iFTkNahNte6F6Q5b/f7I9pPrEczqeFuVigGTc9D9E47tJGXYsz32k=
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:13:07 2026 by rpki-client