Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
File: 3134352e37392e3135362e302f32322d3234203d3e203133333437.roa (raw, json)
Hash identifier: ZzUboWwRM4xfqNk5W98GtOrrZmqLoW3ZM0oW+ueqPcA=
Subject key identifier: 61:1F:77:EB:34:F1:0F:62:02:59:72:55:14:4B:5F:79:51:C2:C3:3A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7B59471566BE5CDCD78FEFEF8AA9D661CA9430BD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
Signing time: Wed 29 Apr 2026 11:23:57 +0000
ROA not before: Wed 29 Apr 2026 11:18:57 +0000
ROA not after: Wed 28 Apr 2027 11:23:57 +0000
asID: 13347
IP address blocks: 145.79.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:59:47:15:66:be:5c:dc:d7:8f:ef:ef:8a:a9:d6:61:ca:94:30:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 29 11:18:57 2026 GMT
Not After : Apr 28 11:23:57 2027 GMT
Subject: CN=611F77EB34F10F6202597255144B5F7951C2C33A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ef:cc:03:fe:98:f5:03:c1:21:55:48:21:b8:
9e:1f:eb:d4:67:05:7a:db:fd:cf:0d:fe:62:8e:58:
58:55:3e:ba:9c:da:15:c5:65:b6:e4:69:ea:30:6d:
1c:b1:e8:c5:0a:0d:9d:0f:c4:d3:3c:c1:b6:21:08:
56:69:69:59:eb:54:94:4a:80:d8:94:9a:fb:0f:1f:
52:bc:35:f6:6a:6f:0f:14:54:95:6e:f3:55:06:2a:
3d:8f:45:4b:a5:e3:79:d6:9b:5f:6e:6a:95:b3:b0:
97:4a:a5:8e:10:79:ef:c0:35:c3:57:1e:08:8c:f3:
8f:c5:89:32:c5:9d:18:80:67:92:68:9c:5d:d6:e0:
42:40:62:32:e5:03:d5:88:9e:98:8b:a8:32:7a:f9:
48:8b:4b:51:e5:19:71:61:cd:92:dc:6a:e9:ae:c8:
79:7d:96:3b:83:1f:b0:57:01:d2:96:5e:fb:c1:35:
b4:7b:82:bb:a2:65:ac:9d:09:b9:76:9f:47:24:1c:
1e:49:ab:ea:86:78:41:5f:a6:dd:e9:e9:4e:71:f0:
b8:33:e5:17:09:3e:fc:5a:1f:a2:d3:fd:f8:d3:c7:
d2:e3:14:09:52:2d:17:2f:1e:c7:4e:d9:75:0e:40:
aa:ad:6c:17:cd:98:20:93:90:da:71:88:b6:b3:71:
2b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:1F:77:EB:34:F1:0F:62:02:59:72:55:14:4B:5F:79:51:C2:C3:3A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3135362e302f32322d3234203d3e203133333437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.156.0/22
Signature Algorithm: sha256WithRSAEncryption
35:64:19:f9:e2:bd:06:cc:21:0e:1d:0c:9c:8d:88:7c:d6:dd:
a1:4c:fe:a9:50:e0:0b:3d:81:3e:2c:68:55:a0:b1:2f:92:be:
29:22:21:49:01:03:04:f7:0f:06:d1:c1:3b:5f:9b:22:12:9b:
ae:5d:a8:68:e0:9c:6e:07:c4:71:e6:45:16:ad:01:14:5b:96:
d2:0d:9d:aa:79:94:9e:37:46:8f:01:58:d6:41:2d:54:72:96:
65:51:e8:34:51:ff:f9:4f:d3:4e:69:74:28:b9:33:bd:59:b6:
66:3e:21:6a:64:28:48:ff:09:0d:74:71:ec:1e:ed:ef:42:6e:
36:92:d9:06:59:b1:5b:a8:70:ef:c0:bc:f5:da:33:af:06:6a:
6c:1c:f6:5d:0c:34:c7:e0:29:6a:a9:c9:00:46:4c:b5:25:d2:
11:06:47:9d:d0:a0:dd:41:9d:b0:b9:6e:5a:81:13:37:97:4e:
07:7f:7b:d7:a3:f0:8a:6f:e4:67:de:7d:a9:28:62:ba:87:7f:
dd:df:1b:e8:89:f0:38:a7:f5:94:4d:bd:4d:c0:d1:b4:ee:85:
a7:af:f9:5c:e0:9f:6e:30:21:12:bd:a6:e0:e2:ec:15:11:4f:
e9:4f:e3:0c:7f:c7:e3:ec:25:e6:e0:43:f4:59:db:c1:97:f4:
39:aa:08:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUe1lHFWa+XNzXj+/viqnWYcqUML0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjkxMTE4NTdaFw0yNzA0MjgxMTIzNTdaMDMxMTAvBgNV
BAMTKDYxMUY3N0VCMzRGMTBGNjIwMjU5NzI1NTE0NEI1Rjc5NTFDMkMzM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY78wD/pj1A8EhVUghuJ4f69Rn
BXrb/c8N/mKOWFhVPrqc2hXFZbbkaeowbRyx6MUKDZ0PxNM8wbYhCFZpaVnrVJRK
gNiUmvsPH1K8NfZqbw8UVJVu81UGKj2PRUul43nWm19uapWzsJdKpY4Qee/ANcNX
HgiM84/FiTLFnRiAZ5JonF3W4EJAYjLlA9WInpiLqDJ6+UiLS1HlGXFhzZLcaumu
yHl9ljuDH7BXAdKWXvvBNbR7gruiZaydCbl2n0ckHB5Jq+qGeEFfpt3p6U5x8Lgz
5RcJPvxaH6LT/fjTx9LjFAlSLRcvHsdO2XUOQKqtbBfNmCCTkNpxiLazcSuZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYR936zTxD2ICWXJVFEtfeVHCwzowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM1
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMTMzMzMzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
kU+cMA0GCSqGSIb3DQEBCwUAA4IBAQA1ZBn54r0GzCEOHQycjYh81t2hTP6pUOAL
PYE+LGhVoLEvkr4pIiFJAQME9w8G0cE7X5siEpuuXaho4JxuB8Rx5kUWrQEUW5bS
DZ2qeZSeN0aPAVjWQS1UcpZlUeg0Uf/5T9NOaXQouTO9WbZmPiFqZChI/wkNdHHs
Hu3vQm42ktkGWbFbqHDvwLz12jOvBmpsHPZdDDTH4ClqqckARky1JdIRBked0KDd
QZ2wuW5agRM3l04Hf3vXo/CKb+Rn3n2pKGK6h3/d3xvoifA4p/WUTb1NwNG07oWn
r/lc4J9uMCESvabg4uwVEU/pT+MMf8fj7CXm4EP0WdvBl/Q5qghO
-----END CERTIFICATE-----
Generated at Wed May 13 06:28:23 2026 by rpki-client