Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e20333939393535.roa
File: 3134352e37392e3137322e302f32322d3234203d3e20333939393535.roa (raw, json)
Hash identifier: ejia6dxEhryUqmdIl1rSd5yA1ZX4RGz1R7SUypd5DTc=
Subject key identifier: E9:CE:D0:DE:10:B4:12:3C:6C:75:A5:05:26:E4:59:B0:07:C2:34:F3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A7611A30D985A821F6D3D48BD32F91073DBB823
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e20333939393535.roa
Signing time: Thu 30 Apr 2026 13:46:21 +0000
ROA not before: Thu 30 Apr 2026 13:41:21 +0000
ROA not after: Thu 29 Apr 2027 13:46:21 +0000
asID: 399955
IP address blocks: 145.79.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:76:11:a3:0d:98:5a:82:1f:6d:3d:48:bd:32:f9:10:73:db:b8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 13:41:21 2026 GMT
Not After : Apr 29 13:46:21 2027 GMT
Subject: CN=E9CED0DE10B4123C6C75A50526E459B007C234F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e3:c7:14:75:c6:93:86:8d:ed:d1:70:49:db:
7e:34:89:9c:a0:21:4f:b9:aa:df:68:e6:bc:d7:86:
b2:65:0f:24:5c:b7:ed:fe:db:a5:fa:d3:f1:32:fc:
b2:3e:dc:71:19:e3:da:a6:61:40:3a:fe:e0:d0:dd:
5a:f2:93:a8:a2:d5:63:f3:fb:66:70:44:17:1c:1b:
1e:77:77:65:42:e2:ca:e4:cd:72:01:0c:ac:2b:2c:
8c:b0:c1:67:a1:fa:07:df:4a:48:88:56:60:c2:60:
11:38:3f:54:a5:3c:a2:50:69:97:84:d0:c9:ec:29:
7c:6c:5c:c3:b8:7d:14:65:40:b4:7a:a1:fe:e8:cb:
21:e2:97:26:e1:0e:13:f5:35:59:00:b4:f3:2a:43:
92:4e:bb:5b:f9:74:9f:6d:4b:56:a5:9a:47:2d:42:
0c:71:43:2a:8f:94:73:73:52:d1:83:c9:bb:c0:0a:
98:8b:66:46:c6:46:7b:ae:b6:08:39:83:97:59:88:
25:19:60:b1:db:2a:f0:51:eb:5b:37:67:f3:9e:e0:
44:11:e7:6d:03:97:02:94:31:6f:b8:bb:97:05:03:
36:cd:65:f9:60:b8:ea:9f:c7:ba:84:b2:d3:85:d6:
52:ac:4f:b8:3c:18:7b:14:b2:05:69:63:27:31:70:
26:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CE:D0:DE:10:B4:12:3C:6C:75:A5:05:26:E4:59:B0:07:C2:34:F3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3137322e302f32322d3234203d3e20333939393535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.172.0/22
Signature Algorithm: sha256WithRSAEncryption
13:ed:30:bb:07:f7:55:1e:08:33:52:8f:76:b6:74:ee:b5:61:
82:26:ea:61:1e:00:db:c2:a0:f1:2d:b5:fd:db:f3:9f:8a:7f:
65:2b:ef:ae:e2:a4:e1:d7:82:03:26:ca:0e:ff:74:c4:89:13:
7d:0c:68:43:af:e5:9c:68:31:f5:93:af:40:8f:73:1e:0f:de:
28:93:57:8e:79:6e:63:b2:a7:28:63:e7:d1:76:bb:d2:bc:42:
59:a9:b3:e2:b5:a1:d4:de:4b:f0:5e:8d:7a:ce:40:18:07:cf:
6e:87:95:35:19:e5:60:0f:9a:51:2e:49:fa:17:18:45:08:ef:
e7:40:59:36:03:e4:e4:57:93:be:14:58:d7:52:b8:ff:aa:3f:
d2:7f:d5:b8:ca:c8:54:78:52:d6:38:c0:54:45:5c:f2:68:f8:
12:bc:e0:73:ae:3c:09:e1:d9:c3:0f:e2:dd:8e:f4:f7:32:fa:
dc:5d:95:97:9f:5a:04:bc:f4:2a:ee:4f:aa:ce:7f:78:84:90:
72:6c:3c:7f:4a:6e:f6:f6:0d:88:0b:4c:6d:82:f4:81:57:69:
b5:88:6c:13:0a:69:69:0b:6e:59:8a:ce:82:5c:9d:7a:6a:72:
c9:7b:4b:da:cb:58:c4:b0:7e:ea:b8:9d:7a:41:b3:ff:71:65:
ea:4d:7d:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCnYRow2YWoIfbT1IvTL5EHPbuCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxMzQxMjFaFw0yNzA0MjkxMzQ2MjFaMDMxMTAvBgNV
BAMTKEU5Q0VEMERFMTBCNDEyM0M2Qzc1QTUwNTI2RTQ1OUIwMDdDMjM0RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe48cUdcaTho3t0XBJ2340iZyg
IU+5qt9o5rzXhrJlDyRct+3+26X60/Ey/LI+3HEZ49qmYUA6/uDQ3Vryk6ii1WPz
+2ZwRBccGx53d2VC4srkzXIBDKwrLIywwWeh+gffSkiIVmDCYBE4P1SlPKJQaZeE
0MnsKXxsXMO4fRRlQLR6of7oyyHilybhDhP1NVkAtPMqQ5JOu1v5dJ9tS1almkct
QgxxQyqPlHNzUtGDybvACpiLZkbGRnuutgg5g5dZiCUZYLHbKvBR61s3Z/Oe4EQR
520DlwKUMW+4u5cFAzbNZflguOqfx7qEstOF1lKsT7g8GHsUsgVpYycxcCa7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU6c7Q3hC0EjxsdaUFJuRZsAfCNPMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM3
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzM5MzkzOTM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAKRT6wwDQYJKoZIhvcNAQELBQADggEBABPtMLsH91UeCDNSj3a2dO61YYIm6mEe
ANvCoPEttf3b85+Kf2Ur767ipOHXggMmyg7/dMSJE30MaEOv5ZxoMfWTr0CPcx4P
3iiTV455bmOypyhj59F2u9K8Qlmps+K1odTeS/BejXrOQBgHz26HlTUZ5WAPmlEu
SfoXGEUI7+dAWTYD5ORXk74UWNdSuP+qP9J/1bjKyFR4UtY4wFRFXPJo+BK84HOu
PAnh2cMP4t2O9Pcy+txdlZefWgS89CruT6rOf3iEkHJsPH9Kbvb2DYgLTG2C9IFX
abWIbBMKaWkLblmKzoJcnXpqcsl7S9rLWMSwfuq4nXpBs/9xZepNfTI=
-----END CERTIFICATE-----
Generated at Wed May 13 03:56:25 2026 by rpki-client