Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136362e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3136362e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: mRfaRxPFayVq9Nlv/eO4rzM51izUzowKHVso5soJ7dQ=
Subject key identifier: 59:1F:97:6E:6D:78:24:9B:A5:9A:07:91:03:78:E9:79:85:C0:2E:BA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12365224825EA881F2F8E5A9BE34D49FBBA2EE55
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136362e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 30 Apr 2026 19:23:59 +0000
ROA not before: Thu 30 Apr 2026 19:18:59 +0000
ROA not after: Thu 29 Apr 2027 19:23:59 +0000
asID: 395793
IP address blocks: 145.79.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:36:52:24:82:5e:a8:81:f2:f8:e5:a9:be:34:d4:9f:bb:a2:ee:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 19:18:59 2026 GMT
Not After : Apr 29 19:23:59 2027 GMT
Subject: CN=591F976E6D78249BA59A07910378E97985C02EBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:b8:eb:f1:f6:c9:ad:69:f0:db:36:7a:2d:
f6:d2:fa:70:c9:65:41:5f:a4:94:b9:1b:ab:07:c8:
ca:d1:23:d1:7b:e4:2c:b5:8f:44:63:3e:88:c0:f0:
f6:ca:21:ca:8f:a2:05:fb:89:64:a3:61:11:c3:c7:
18:ce:cd:d7:87:aa:48:7e:df:94:b7:14:ac:ce:c9:
e4:08:5a:68:0d:fe:75:8b:bc:eb:79:de:8e:52:76:
0c:ad:3c:fa:bc:28:61:1d:0e:e8:5d:ab:38:9e:d3:
70:bd:07:29:c4:4c:01:38:b0:4a:09:da:db:f9:9e:
d4:e2:fd:40:a0:57:b9:a5:56:6a:1f:3b:69:02:8c:
21:56:b4:ac:cc:c7:1b:b2:64:18:5c:d5:70:18:a8:
e7:39:4e:9d:fb:68:01:4e:80:b8:9e:f5:13:a4:a1:
d5:6b:98:ad:2b:9d:20:5c:a7:5b:31:de:85:74:00:
f5:34:da:9c:6c:a0:e0:c1:73:06:20:f3:29:0b:70:
10:b5:17:51:9d:64:10:09:2c:ae:98:d2:91:1c:1a:
cd:a5:96:ae:ba:db:27:aa:0d:81:da:0c:f8:23:dc:
54:4e:69:53:40:77:6e:11:b5:3c:75:66:fa:54:51:
46:0e:cb:86:2b:0f:02:91:0f:53:de:e6:09:4a:4c:
19:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:1F:97:6E:6D:78:24:9B:A5:9A:07:91:03:78:E9:79:85:C0:2E:BA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136362e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.166.0/24
Signature Algorithm: sha256WithRSAEncryption
40:54:99:6c:4e:a9:1d:82:f8:24:38:e8:5f:63:27:18:34:a7:
02:57:30:bc:8a:a2:03:b1:de:08:c6:eb:b8:b1:ce:9e:f7:e9:
aa:c2:e1:a4:f4:f4:be:6b:94:db:d6:66:36:9c:a2:6b:11:20:
73:7f:88:0e:60:a2:03:a8:a0:d6:cc:60:a7:40:eb:31:8f:b5:
0f:6d:a8:3d:c6:62:b2:60:41:b1:1c:b9:55:40:f1:5a:d9:6f:
d8:2a:2e:04:3a:35:d8:99:ee:54:d1:6c:40:ef:2e:e6:fb:7d:
c0:e6:b4:54:39:ec:b4:d3:4e:09:4f:ad:28:84:ec:da:89:c1:
25:aa:df:15:dc:1c:16:32:4a:23:ae:2e:91:18:5c:27:94:b7:
9e:a4:09:1d:ef:f0:25:00:20:12:de:86:2a:a2:6e:21:ab:52:
f9:85:0d:14:9e:c5:61:dc:9f:b5:8e:6e:a8:38:a3:4f:a7:ba:
da:28:b9:8d:17:fa:94:13:f8:f3:50:c0:57:10:5e:3a:60:24:
d8:23:80:46:b9:44:0e:6d:15:20:c0:55:a8:95:27:1a:1f:08:
cc:2b:b4:f8:b1:6c:8b:49:37:d4:23:fc:ec:5d:ff:f5:82:40:
08:80:12:47:ae:35:f9:98:55:66:00:69:a4:c5:4e:62:c9:2d:
fa:ad:d1:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEjZSJIJeqIHy+OWpvjTUn7ui7lUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxOTE4NTlaFw0yNzA0MjkxOTIzNTlaMDMxMTAvBgNV
BAMTKDU5MUY5NzZFNkQ3ODI0OUJBNTlBMDc5MTAzNzhFOTc5ODVDMDJFQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdlrjr8fbJrWnw2zZ6LfbS+nDJ
ZUFfpJS5G6sHyMrRI9F75Cy1j0RjPojA8PbKIcqPogX7iWSjYRHDxxjOzdeHqkh+
35S3FKzOyeQIWmgN/nWLvOt53o5SdgytPPq8KGEdDuhdqzie03C9BynETAE4sEoJ
2tv5ntTi/UCgV7mlVmofO2kCjCFWtKzMxxuyZBhc1XAYqOc5Tp37aAFOgLie9ROk
odVrmK0rnSBcp1sx3oV0APU02pxsoODBcwYg8ykLcBC1F1GdZBAJLK6Y0pEcGs2l
lq662yeqDYHaDPgj3FROaVNAd24RtTx1ZvpUUUYOy4YrDwKRD1Pe5glKTBkDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWR+Xbm14JJulmgeRA3jpeYXALrowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT6YwDQYJKoZIhvcNAQELBQADggEBAEBUmWxOqR2C+CQ46F9jJxg0pwJXMLyK
ogOx3gjG67ixzp736arC4aT09L5rlNvWZjacomsRIHN/iA5gogOooNbMYKdA6zGP
tQ9tqD3GYrJgQbEcuVVA8VrZb9gqLgQ6NdiZ7lTRbEDvLub7fcDmtFQ57LTTTglP
rSiE7NqJwSWq3xXcHBYySiOuLpEYXCeUt56kCR3v8CUAIBLehiqibiGrUvmFDRSe
xWHcn7WObqg4o0+nutoouY0X+pQT+PNQwFcQXjpgJNgjgEa5RA5tFSDAVaiVJxof
CMwrtPixbItJN9Qj/Oxd//WCQAiAEkeuNfmYVWYAaaTFTmLJLfqt0a4=
-----END CERTIFICATE-----
Generated at Wed May 13 04:39:05 2026 by rpki-client