Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e203230313135.roa
File: 3134352e37392e3137322e302f32322d3234203d3e203230313135.roa (raw, json)
Hash identifier: RxS8Iy7G7FKFtOkQsysqrXDiyTubnseIZrhnOfVUH4g=
Subject key identifier: B0:24:9B:71:A3:64:C6:8F:5F:05:C7:10:CA:BB:E9:0A:1C:1F:58:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 162D51DD322187617B68B8345E7140FCFDD5D53E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e203230313135.roa
Signing time: Tue 05 May 2026 20:24:03 +0000
ROA not before: Tue 05 May 2026 20:19:03 +0000
ROA not after: Tue 04 May 2027 20:24:03 +0000
asID: 20115
IP address blocks: 145.79.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:2d:51:dd:32:21:87:61:7b:68:b8:34:5e:71:40:fc:fd:d5:d5:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 5 20:19:03 2026 GMT
Not After : May 4 20:24:03 2027 GMT
Subject: CN=B0249B71A364C68F5F05C710CABBE90A1C1F5895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ad:52:a4:e8:18:df:54:ed:c6:60:6d:e3:8a:
41:58:4c:f4:5a:32:f0:7d:70:2a:a3:fc:a9:85:63:
d2:be:43:0b:e1:99:4f:13:13:46:a2:1d:ab:1b:d8:
7d:99:f9:8e:86:33:48:fb:dc:32:fe:e5:e5:b0:55:
1c:84:c9:dc:a1:0a:1b:ae:65:66:c6:27:c8:c2:50:
b8:b5:00:c1:e0:f0:85:75:a6:c7:d4:55:38:7d:60:
1f:3f:fa:b1:93:47:99:35:4a:f7:70:cf:ea:d7:d0:
f7:10:0d:e9:c8:01:23:e2:8d:6c:51:21:c0:d3:b9:
78:66:21:b3:74:5a:fb:d9:85:2c:66:9c:f6:1c:a9:
cb:e9:a8:ad:c6:0b:4f:c8:f5:bb:b6:98:d8:69:c9:
d5:bf:18:09:e6:1b:25:45:b5:8f:28:fb:fd:e5:ca:
4d:32:83:d0:89:7e:aa:e2:d0:e4:a6:2b:ac:94:bb:
2a:87:c2:6e:4a:86:09:82:3c:b1:b5:a6:37:29:08:
4f:57:bd:4f:30:c7:e1:43:73:f6:81:21:dc:74:14:
79:9b:a5:8e:c8:7b:21:9b:40:0d:61:7c:08:b2:b1:
fd:d0:88:f7:ac:41:f6:95:0b:ff:d0:b4:b5:30:80:
0b:84:94:90:7d:03:7c:8b:f2:be:2f:ac:88:43:78:
94:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:24:9B:71:A3:64:C6:8F:5F:05:C7:10:CA:BB:E9:0A:1C:1F:58:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e203230313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.172.0/22
Signature Algorithm: sha256WithRSAEncryption
64:16:24:42:eb:00:4a:5a:ae:e2:87:79:61:0a:05:95:fe:f6:
4e:13:18:14:95:f8:32:13:bb:79:3c:53:54:88:84:20:06:33:
af:ea:8f:bf:ad:67:59:61:62:cb:a5:42:e1:5d:30:65:92:7a:
ea:3f:76:6c:c2:cc:90:6f:63:5b:1a:06:47:4b:ed:e3:a1:90:
52:53:b6:51:82:67:c9:47:df:56:50:61:fa:63:ee:b8:00:77:
28:42:ec:c1:0e:96:53:f0:84:18:de:c0:cd:37:35:c4:75:fe:
94:a2:a0:aa:82:55:fc:db:e7:cf:78:da:da:a8:06:17:42:81:
72:84:89:11:33:f9:0b:1c:1c:33:d6:c4:89:2b:25:18:c5:d2:
ec:44:31:2c:18:32:17:fd:6e:5f:cf:f5:04:51:89:c4:67:b1:
a0:5f:91:84:19:fb:96:2e:6b:4d:ad:71:80:62:4e:15:ed:da:
92:52:43:85:ac:60:7e:be:22:01:b3:01:e3:94:e6:69:26:98:
2c:e7:a5:ef:c1:c5:b4:1d:8c:27:58:1e:97:39:e0:60:78:25:
e4:ce:c4:b9:67:61:a0:a4:9b:03:48:86:fc:52:b7:3a:01:03:
2c:13:4b:81:fd:7c:19:6c:c7:b9:df:50:1b:c6:69:1d:8a:7c:
e7:93:f0:ac
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFi1R3TIhh2F7aLg0XnFA/P3V1T4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDUyMDE5MDNaFw0yNzA1MDQyMDI0MDNaMDMxMTAvBgNV
BAMTKEIwMjQ5QjcxQTM2NEM2OEY1RjA1QzcxMENBQkJFOTBBMUMxRjU4OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMrVKk6BjfVO3GYG3jikFYTPRa
MvB9cCqj/KmFY9K+QwvhmU8TE0aiHasb2H2Z+Y6GM0j73DL+5eWwVRyEydyhChuu
ZWbGJ8jCULi1AMHg8IV1psfUVTh9YB8/+rGTR5k1Svdwz+rX0PcQDenIASPijWxR
IcDTuXhmIbN0WvvZhSxmnPYcqcvpqK3GC0/I9bu2mNhpydW/GAnmGyVFtY8o+/3l
yk0yg9CJfqri0OSmK6yUuyqHwm5KhgmCPLG1pjcpCE9XvU8wx+FDc/aBIdx0FHmb
pY7IeyGbQA1hfAiysf3QiPesQfaVC//QtLUwgAuElJB9A3yL8r4vrIhDeJSjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsCSbcaNkxo9fBccQyrvpChwfWJUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM3
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
kU+sMA0GCSqGSIb3DQEBCwUAA4IBAQBkFiRC6wBKWq7ih3lhCgWV/vZOExgUlfgy
E7t5PFNUiIQgBjOv6o+/rWdZYWLLpULhXTBlknrqP3ZswsyQb2NbGgZHS+3joZBS
U7ZRgmfJR99WUGH6Y+64AHcoQuzBDpZT8IQY3sDNNzXEdf6UoqCqglX82+fPeNra
qAYXQoFyhIkRM/kLHBwz1sSJKyUYxdLsRDEsGDIX/W5fz/UEUYnEZ7GgX5GEGfuW
LmtNrXGAYk4V7dqSUkOFrGB+viIBswHjlOZpJpgs56XvwcW0HYwnWB6XOeBgeCXk
zsS5Z2GgpJsDSIb8Urc6AQMsE0uB/XwZbMe531Abxmkdinznk/Cs
-----END CERTIFICATE-----
Generated at Wed May 13 05:08:43 2026 by rpki-client