Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
File: 3134352e37392e3231362e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: py1YV8Nf0ASyNKXDJVEHYzLAOIKbFQkZWswJOLoMcfc=
Subject key identifier: AB:46:FD:DF:42:16:8A:3D:92:2E:85:D0:AF:A1:27:41:1D:BE:6F:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 306D3F96AED1427A8E6F8DA516FC7A3EB7BA6053
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
Signing time: Thu 12 Mar 2026 10:23:24 +0000
ROA not before: Thu 12 Mar 2026 10:18:24 +0000
ROA not after: Thu 11 Mar 2027 10:23:24 +0000
asID: 47583
IP address blocks: 145.79.216.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:26:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:6d:3f:96:ae:d1:42:7a:8e:6f:8d:a5:16:fc:7a:3e:b7:ba:60:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 12 10:18:24 2026 GMT
Not After : Mar 11 10:23:24 2027 GMT
Subject: CN=AB46FDDF42168A3D922E85D0AFA127411DBE6FC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9b:7d:25:11:7c:a4:0a:0d:a1:61:54:f5:24:
89:2d:85:33:8b:a9:06:a3:fc:31:e1:1f:3c:65:12:
38:4c:c9:e5:2a:eb:2c:5b:a3:e2:39:a8:57:d7:f4:
57:03:7f:91:1b:65:67:d8:d8:35:39:4a:ed:8b:de:
2d:f3:d4:49:ef:03:7c:7e:b3:0f:96:67:8d:e8:1f:
e2:bb:63:84:6d:71:42:07:ce:a7:cd:76:7d:09:54:
e9:a9:7e:53:b8:1f:56:af:31:25:cc:f7:95:72:07:
ba:94:0c:57:67:d2:42:8c:a0:e0:1a:04:0a:79:cb:
7e:18:ad:9f:10:97:91:5f:a1:ca:d5:b2:c3:51:1e:
69:6d:1a:4e:9c:d0:43:8a:a3:0b:f9:89:80:49:a3:
dc:85:e5:71:68:d7:85:f1:90:5e:12:3a:f2:5c:c6:
89:5d:39:eb:9d:a1:8c:40:58:9b:2e:5e:00:fb:40:
63:c0:1a:a2:c5:61:65:10:4f:53:0d:87:8d:45:e1:
b3:0b:90:75:1b:e9:69:b6:d9:6f:9f:c9:6f:c8:90:
41:dd:99:6e:c5:bd:1c:f8:17:55:bc:28:49:fb:3f:
1a:14:ad:67:0b:94:cf:68:3a:50:8a:47:4a:f8:16:
7b:28:ea:46:ae:1a:fc:80:48:92:44:d7:de:42:33:
30:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:46:FD:DF:42:16:8A:3D:92:2E:85:D0:AF:A1:27:41:1D:BE:6F:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3231362e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.216.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:1e:3b:78:3f:89:d7:66:f8:4c:e2:96:66:ac:86:64:10:5f:
04:ee:58:15:d9:29:1b:45:59:02:58:99:80:73:8c:4a:4b:6e:
5b:50:5f:6b:9d:5a:8f:91:9d:04:a3:ae:ae:48:9a:e0:9a:2e:
0a:e6:3a:e3:9a:4d:60:75:8a:50:a2:a8:0c:d9:a9:1b:61:c4:
e5:69:c9:37:07:1e:47:25:71:1f:df:78:dd:7f:45:63:b6:53:
fd:0e:df:ac:5e:0c:69:af:aa:26:e2:55:14:67:be:99:d4:81:
dd:ed:34:42:4f:e8:70:68:23:db:46:26:eb:77:80:e3:b1:22:
40:c2:64:42:c9:da:6d:ed:4b:99:e6:fa:58:e0:78:0f:98:96:
6d:09:77:e2:44:2a:83:df:43:35:bc:be:5e:4d:16:32:cc:1b:
71:35:69:1c:99:31:3b:e3:36:00:33:a6:05:29:22:b3:1a:d6:
91:f7:52:35:71:7e:a6:54:73:e6:f6:78:b6:e0:ab:2e:8d:f5:
31:30:cd:86:8a:25:08:4f:ba:35:48:4a:ce:cf:46:45:ab:ec:
d2:67:b2:74:70:2b:35:68:2e:3a:51:fe:79:65:7f:7a:4c:a5:
ea:55:08:60:5a:00:32:8f:12:54:05:ee:1a:6c:5c:b0:21:53:
12:ce:de:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMG0/lq7RQnqOb42lFvx6Pre6YFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTIxMDE4MjRaFw0yNzAzMTExMDIzMjRaMDMxMTAvBgNV
BAMTKEFCNDZGRERGNDIxNjhBM0Q5MjJFODVEMEFGQTEyNzQxMURCRTZGQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCm30lEXykCg2hYVT1JIkthTOL
qQaj/DHhHzxlEjhMyeUq6yxbo+I5qFfX9FcDf5EbZWfY2DU5Su2L3i3z1EnvA3x+
sw+WZ43oH+K7Y4RtcUIHzqfNdn0JVOmpflO4H1avMSXM95VyB7qUDFdn0kKMoOAa
BAp5y34YrZ8Ql5FfocrVssNRHmltGk6c0EOKowv5iYBJo9yF5XFo14XxkF4SOvJc
xoldOeudoYxAWJsuXgD7QGPAGqLFYWUQT1MNh41F4bMLkHUb6Wm22W+fyW/IkEHd
mW7FvRz4F1W8KEn7PxoUrWcLlM9oOlCKR0r4Fnso6kauGvyASJJE195CMzB9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq0b930IWij2SLoXQr6EnQR2+b8EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMjMx
MzYyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
kU/YMA0GCSqGSIb3DQEBCwUAA4IBAQAtHjt4P4nXZvhM4pZmrIZkEF8E7lgV2Skb
RVkCWJmAc4xKS25bUF9rnVqPkZ0Eo66uSJrgmi4K5jrjmk1gdYpQoqgM2akbYcTl
ack3Bx5HJXEf33jdf0VjtlP9Dt+sXgxpr6om4lUUZ76Z1IHd7TRCT+hwaCPbRibr
d4DjsSJAwmRCydpt7UuZ5vpY4HgPmJZtCXfiRCqD30M1vL5eTRYyzBtxNWkcmTE7
4zYAM6YFKSKzGtaR91I1cX6mVHPm9ni24KsujfUxMM2GiiUIT7o1SErOz0ZFq+zS
Z7J0cCs1aC46Uf55ZX96TKXqVQhgWgAyjxJUBe4abFywIVMSzt5K
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:03:46 2026 by rpki-client