Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138382e302f32342d3234203d3e20333935373933.roa
File: 3134352e37392e3138382e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: Y/Rz92sWESl47prRWqfMKU0u1igf2P/8rlTTugwj4Sk=
Subject key identifier: A3:85:BD:8D:14:D4:FA:2A:F8:22:C2:D1:9C:C6:BF:B7:2D:7D:77:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A70E0390AB485380E808637CF6FDCBDF861EA57
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138382e302f32342d3234203d3e20333935373933.roa
Signing time: Thu 30 Apr 2026 19:24:00 +0000
ROA not before: Thu 30 Apr 2026 19:19:00 +0000
ROA not after: Thu 29 Apr 2027 19:24:00 +0000
asID: 395793
IP address blocks: 145.79.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:70:e0:39:0a:b4:85:38:0e:80:86:37:cf:6f:dc:bd:f8:61:ea:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 19:19:00 2026 GMT
Not After : Apr 29 19:24:00 2027 GMT
Subject: CN=A385BD8D14D4FA2AF822C2D19CC6BFB72D7D7718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6a:8f:1f:1c:77:4e:61:bc:c5:6c:6e:dc:c7:
bc:a0:b5:1f:a2:18:09:9e:e2:f2:57:9f:3d:ac:8d:
3a:c3:a1:c7:e9:9d:de:16:07:d5:d0:47:e6:cd:0a:
80:f3:56:e2:4a:05:0d:f6:2a:e2:71:0f:81:b1:0f:
54:3c:13:3d:7e:b8:7a:ca:1a:6c:84:76:fb:52:90:
b9:8a:2d:68:02:92:1e:11:c6:0b:45:1d:6e:c2:f0:
00:31:b9:22:36:12:48:b6:4d:e7:f4:c1:8f:c9:80:
09:93:bf:a8:4e:f9:a4:92:ee:f1:f8:dc:07:9b:6a:
ef:0f:78:1d:ad:5d:63:eb:70:7c:6a:e2:83:6c:5e:
56:81:26:21:97:2e:31:f4:21:31:6f:01:71:c2:bd:
c8:07:66:2a:f9:ce:85:3e:54:a6:1a:76:47:4f:76:
a3:1c:4c:aa:82:46:f6:6a:e8:24:82:d0:5a:e7:8c:
a1:cf:1c:e7:a8:d2:85:8f:ce:49:79:73:e6:a5:66:
8a:08:a4:6f:0f:85:5c:d4:4c:2d:0a:c6:cb:71:0b:
ec:cf:9f:57:1d:21:36:89:14:b1:a2:41:00:66:a9:
45:bd:5c:05:fa:02:6e:29:d4:6c:70:49:7b:d2:d3:
02:69:b9:41:c0:ae:71:45:08:d0:5d:c4:8d:2b:8f:
bc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:85:BD:8D:14:D4:FA:2A:F8:22:C2:D1:9C:C6:BF:B7:2D:7D:77:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138382e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.188.0/24
Signature Algorithm: sha256WithRSAEncryption
00:63:1e:90:29:11:8d:f4:aa:d5:06:87:c4:84:47:35:06:4b:
1f:72:81:d2:e9:f1:20:1c:14:11:12:a1:15:42:8c:fd:9a:15:
16:98:ef:53:58:51:76:72:2c:90:fd:69:55:d1:ba:87:0c:fc:
2a:d7:55:47:4e:2b:e9:46:30:0b:dd:4e:c1:07:36:86:52:21:
88:18:f2:a1:b0:34:15:1a:46:f4:b1:92:4e:96:b1:d3:fa:5b:
b3:4e:35:5e:7f:b4:11:89:34:18:a9:e8:5f:a1:47:eb:34:ca:
79:23:1d:87:84:20:16:c8:fb:ac:f3:84:cc:1a:26:9b:f2:67:
77:5e:77:37:57:d1:c1:a6:a6:f3:10:64:a7:2a:84:ae:7d:44:
3a:7d:66:db:34:83:94:d9:91:ee:df:14:a4:51:db:97:c6:98:
9e:c9:ed:2c:78:0d:7c:ad:2a:bc:da:10:f3:1d:bb:0b:de:b5:
9b:e9:94:da:5c:69:d9:70:0f:38:09:9f:c0:0a:13:7b:e0:a3:
fd:57:b7:3b:ae:68:58:11:14:df:6b:45:73:6d:ae:de:7d:14:
9e:eb:23:3a:57:58:38:fb:a3:c0:55:9c:16:37:df:a0:54:8d:
06:0a:d2:f4:7a:01:0d:46:48:55:77:ab:de:ed:2c:bf:49:4a:
f1:ae:4c:be
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCnDgOQq0hTgOgIY3z2/cvfhh6lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxOTE5MDBaFw0yNzA0MjkxOTI0MDBaMDMxMTAvBgNV
BAMTKEEzODVCRDhEMTRENEZBMkFGODIyQzJEMTlDQzZCRkI3MkQ3RDc3MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlao8fHHdOYbzFbG7cx7ygtR+i
GAme4vJXnz2sjTrDocfpnd4WB9XQR+bNCoDzVuJKBQ32KuJxD4GxD1Q8Ez1+uHrK
GmyEdvtSkLmKLWgCkh4RxgtFHW7C8AAxuSI2Eki2Tef0wY/JgAmTv6hO+aSS7vH4
3Aebau8PeB2tXWPrcHxq4oNsXlaBJiGXLjH0ITFvAXHCvcgHZir5zoU+VKYadkdP
dqMcTKqCRvZq6CSC0FrnjKHPHOeo0oWPzkl5c+alZooIpG8PhVzUTC0KxstxC+zP
n1cdITaJFLGiQQBmqUW9XAX6Am4p1GxwSXvS0wJpuUHArnFFCNBdxI0rj7zzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUo4W9jRTU+ir4IsLRnMa/ty19dxgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM4
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT7wwDQYJKoZIhvcNAQELBQADggEBAABjHpApEY30qtUGh8SERzUGSx9ygdLp
8SAcFBESoRVCjP2aFRaY71NYUXZyLJD9aVXRuocM/CrXVUdOK+lGMAvdTsEHNoZS
IYgY8qGwNBUaRvSxkk6WsdP6W7NONV5/tBGJNBip6F+hR+s0ynkjHYeEIBbI+6zz
hMwaJpvyZ3dedzdX0cGmpvMQZKcqhK59RDp9Zts0g5TZke7fFKRR25fGmJ7J7Sx4
DXytKrzaEPMduwvetZvplNpcadlwDzgJn8AKE3vgo/1XtzuuaFgRFN9rRXNtrt59
FJ7rIzpXWDj7o8BVnBY336BUjQYK0vR6AQ1GSFV3q97tLL9JSvGuTL4=
-----END CERTIFICATE-----
Generated at Wed May 13 06:17:02 2026 by rpki-client