Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37382e302f32342d3234203d3e20323034313730.roa
File: 3135352e3133332e37382e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: bbRoa0w/5i9UBzcRaaSIkf99djhNxR+dYV7PHjYZPjU=
Subject key identifier: 39:01:B1:52:02:4F:B2:0E:E0:EE:86:A6:A9:C2:18:04:D5:C5:2F:13
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1675DAABAF907AC32E1433B94E6C2CB894672790
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37382e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 28 Apr 2026 23:23:55 +0000
ROA not before: Tue 28 Apr 2026 23:18:55 +0000
ROA not after: Tue 27 Apr 2027 23:23:55 +0000
asID: 204170
IP address blocks: 155.133.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:75:da:ab:af:90:7a:c3:2e:14:33:b9:4e:6c:2c:b8:94:67:27:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 28 23:18:55 2026 GMT
Not After : Apr 27 23:23:55 2027 GMT
Subject: CN=3901B152024FB20EE0EE86A6A9C21804D5C52F13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:39:f4:b5:93:3c:30:0e:66:c1:de:95:ee:0b:
a5:bb:dd:78:f6:91:d0:34:7a:5f:09:7e:11:a8:78:
fa:65:61:c9:cd:55:67:c5:3b:3f:7e:9c:b5:1c:09:
6d:a6:05:05:df:e6:b6:24:bd:e1:2e:a0:4a:7b:b3:
b8:fa:ed:67:fb:bd:22:06:5f:cd:86:76:8e:40:e6:
0a:2d:94:86:33:4d:30:13:4c:76:bc:57:6b:ae:ce:
b8:bb:4c:98:1a:02:4b:96:c8:45:41:da:d7:08:ef:
7d:f3:fe:90:d8:c8:d1:76:88:9b:3d:de:d1:94:4d:
c4:1a:31:63:2b:ec:a6:4b:a8:0c:63:18:5b:45:dc:
40:a9:2d:43:b9:68:bb:4b:c2:0a:2d:fc:2f:96:50:
30:c4:88:b4:90:f5:7e:9e:bc:8a:05:c2:67:8d:4c:
05:10:1f:a7:a2:b5:49:71:15:2a:9d:18:07:ef:52:
92:f5:62:7e:cd:c6:72:a1:a4:79:bd:1e:5e:18:47:
3b:1b:7c:a9:c8:65:90:88:f9:73:66:cd:bf:72:5e:
54:b9:e9:24:ad:fa:0d:16:93:20:02:ec:b8:1e:c7:
bb:fc:4f:e7:45:2d:68:d6:b6:9f:91:42:86:c9:3e:
7c:1a:33:a1:00:68:ad:14:07:3c:c0:dd:de:4d:9b:
bb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:01:B1:52:02:4F:B2:0E:E0:EE:86:A6:A9:C2:18:04:D5:C5:2F:13
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37382e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.78.0/24
Signature Algorithm: sha256WithRSAEncryption
47:78:00:f1:23:b6:27:fd:a0:f7:c0:e2:98:93:3a:66:fe:91:
7b:bc:75:c4:87:8a:a2:50:29:b6:c2:bc:a7:87:60:e5:6e:ff:
7c:68:54:ae:eb:c8:db:01:b5:dd:4a:46:4e:8d:c0:c4:d7:73:
f8:c1:e4:8e:3a:d3:84:49:12:7e:e5:2c:1e:99:b6:a6:b4:3a:
ba:cd:1f:3b:c8:8c:a0:bb:2c:84:68:26:e1:13:68:11:a9:e8:
75:c3:20:d6:55:9c:c1:9b:22:8c:ae:87:00:b6:10:45:a5:2a:
0d:48:39:1b:0d:88:ed:de:0b:57:76:c2:c1:f1:77:83:72:c8:
a0:54:b1:b2:45:d7:8d:6c:9a:91:6d:fc:94:3e:33:5e:7b:0a:
28:e2:7a:df:ac:63:91:d9:33:9a:1a:6f:0c:87:f2:3e:ad:df:
bb:1f:32:92:1b:e1:8a:8b:5a:79:3d:d6:42:d6:a8:df:3f:7e:
0b:5c:67:33:02:cb:fd:db:ba:b2:f1:3b:47:c7:f4:b9:33:ea:
90:31:d7:e5:00:10:95:5e:d6:58:89:36:56:f8:26:9f:96:08:
9b:4f:d7:a4:2b:bf:8d:fc:a3:91:8f:9d:d5:05:d5:b3:3e:38:
9d:46:90:58:4b:7b:b4:89:3b:df:66:af:62:e1:6f:32:e6:9d:
b7:c2:75:b7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFnXaq6+QesMuFDO5TmwsuJRnJ5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjgyMzE4NTVaFw0yNzA0MjcyMzIzNTVaMDMxMTAvBgNV
BAMTKDM5MDFCMTUyMDI0RkIyMEVFMEVFODZBNkE5QzIxODA0RDVDNTJGMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkOfS1kzwwDmbB3pXuC6W73Xj2
kdA0el8JfhGoePplYcnNVWfFOz9+nLUcCW2mBQXf5rYkveEuoEp7s7j67Wf7vSIG
X82Gdo5A5gotlIYzTTATTHa8V2uuzri7TJgaAkuWyEVB2tcI733z/pDYyNF2iJs9
3tGUTcQaMWMr7KZLqAxjGFtF3ECpLUO5aLtLwgot/C+WUDDEiLSQ9X6evIoFwmeN
TAUQH6eitUlxFSqdGAfvUpL1Yn7NxnKhpHm9Hl4YRzsbfKnIZZCI+XNmzb9yXlS5
6SSt+g0WkyAC7Lgex7v8T+dFLWjWtp+RQobJPnwaM6EAaK0UBzzA3d5Nm7uZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOQGxUgJPsg7g7oamqcIYBNXFLxMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhU4wDQYJKoZIhvcNAQELBQADggEBAEd4APEjtif9oPfA4piTOmb+kXu8dcSH
iqJQKbbCvKeHYOVu/3xoVK7ryNsBtd1KRk6NwMTXc/jB5I4604RJEn7lLB6Ztqa0
OrrNHzvIjKC7LIRoJuETaBGp6HXDINZVnMGbIoyuhwC2EEWlKg1IORsNiO3eC1d2
wsHxd4NyyKBUsbJF141smpFt/JQ+M157Cijiet+sY5HZM5oabwyH8j6t37sfMpIb
4YqLWnk91kLWqN8/fgtcZzMCy/3burLxO0fH9Lkz6pAx1+UAEJVe1liJNlb4Jp+W
CJtP16Qrv438o5GPndUF1bM+OJ1GkFhLe7SJO99mr2LhbzLmnbfCdbc=
-----END CERTIFICATE-----
Generated at Wed May 13 08:33:59 2026 by rpki-client