Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QtjZwCVFGZPJSASBpwod5Trk87k23FwOR90g6B7UfWE=
Subject key identifier: 1E:BC:43:BD:C1:9F:BB:58:03:13:E1:AA:8D:76:4D:6A:2F:FB:ED:F8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 672B1E9BBC723005BAB29929A60BD168AA7DD508
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:26 +0000
ROA not before: Sun 15 Mar 2026 12:18:26 +0000
ROA not after: Sun 14 Mar 2027 12:23:26 +0000
asID: 136787
IP address blocks: 156.67.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:2b:1e:9b:bc:72:30:05:ba:b2:99:29:a6:0b:d1:68:aa:7d:d5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:26 2026 GMT
Not After : Mar 14 12:23:26 2027 GMT
Subject: CN=1EBC43BDC19FBB580313E1AA8D764D6A2FFBEDF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:46:c9:bf:83:0f:16:7d:50:cb:5a:48:fa:93:
6a:c8:f0:61:97:b9:1e:99:ee:8c:f7:2e:99:b6:50:
4d:61:76:3e:ed:d6:7d:f7:94:a1:a2:5d:6d:db:85:
9d:ba:cc:08:37:08:d5:da:49:19:ba:5a:7c:b2:2a:
fc:82:3d:08:ba:0d:80:e8:9f:a1:44:96:21:63:f4:
a4:4f:f6:bd:79:44:ea:e8:e6:dd:7c:0e:71:7c:34:
10:9f:a1:cf:53:1f:b9:0c:2d:2b:ac:bb:17:36:d7:
7b:6f:7f:c6:4e:5e:5f:d1:a1:45:ce:06:9f:b4:dd:
dd:a5:69:ab:27:ad:0e:61:36:33:2e:41:0e:1d:f7:
8a:1b:58:a8:c1:42:57:3f:a5:ee:85:49:89:7f:51:
f2:ac:66:7f:f7:a9:77:9f:d2:09:9f:ce:31:12:d4:
ed:51:9c:29:4e:eb:47:43:22:94:8f:7e:70:f2:72:
73:bb:1f:ad:45:8a:13:2e:d5:0f:b7:41:30:9d:0e:
a3:36:7a:02:2e:3a:ca:2f:b9:f9:59:1f:8c:26:de:
ad:a5:08:75:f4:c4:58:01:88:7b:7e:ce:7e:23:d9:
bc:9d:60:f2:bc:ad:27:37:ef:7d:30:2b:83:8f:84:
18:18:78:f6:d7:e4:67:b4:fa:0e:93:fd:35:9a:e6:
4e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BC:43:BD:C1:9F:BB:58:03:13:E1:AA:8D:76:4D:6A:2F:FB:ED:F8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.107.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4c:55:9a:df:ca:1f:85:c2:e1:03:5c:96:e0:2b:90:cf:59:
0e:b6:e2:59:38:91:c2:9c:ff:ba:98:ed:ed:79:9b:13:6c:4a:
a4:5d:95:4a:0c:30:c0:98:5b:d2:ce:91:78:ad:fc:f7:8a:eb:
1b:a9:15:0a:04:ed:04:f7:e2:42:3b:04:3d:50:fc:6c:31:5c:
e9:03:f8:b0:e8:c3:d0:e8:bf:7b:bc:49:1e:1d:66:53:2c:77:
6d:95:5b:5b:87:77:b3:9f:f7:68:4a:dd:84:c3:dc:25:e4:a4:
45:0c:88:1d:f3:48:7c:24:8f:b0:3b:94:cc:66:43:91:70:f6:
53:45:64:a9:ec:93:dd:8c:e1:26:18:15:2f:2e:34:d6:be:3b:
19:5d:f8:5d:b2:6d:e5:e0:62:84:cd:ca:e6:da:27:dc:f5:53:
c6:de:eb:50:2f:d9:9a:0c:7f:42:4d:2f:60:75:68:d4:3e:66:
ef:ed:83:f7:c9:d5:c9:ec:14:08:f7:e1:67:e7:c0:04:83:a9:
57:aa:88:03:b7:ca:1a:26:43:f4:78:e1:dd:a5:54:bf:c4:6f:
5b:54:57:2b:6a:d2:93:44:41:57:c8:ad:cf:9f:dd:be:40:ff:
9e:e7:ba:c3:c7:2e:68:78:b9:8e:f2:60:51:44:2a:7b:d8:0a:
3f:fd:df:21
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZysem7xyMAW6spkppgvRaKp91QgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjZaFw0yNzAzMTQxMjIzMjZaMDMxMTAvBgNV
BAMTKDFFQkM0M0JEQzE5RkJCNTgwMzEzRTFBQThENzY0RDZBMkZGQkVERjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQRsm/gw8WfVDLWkj6k2rI8GGX
uR6Z7oz3Lpm2UE1hdj7t1n33lKGiXW3bhZ26zAg3CNXaSRm6WnyyKvyCPQi6DYDo
n6FEliFj9KRP9r15ROro5t18DnF8NBCfoc9TH7kMLSusuxc213tvf8ZOXl/RoUXO
Bp+03d2laasnrQ5hNjMuQQ4d94obWKjBQlc/pe6FSYl/UfKsZn/3qXef0gmfzjES
1O1RnClO60dDIpSPfnDycnO7H61FihMu1Q+3QTCdDqM2egIuOsovuflZH4wm3q2l
CHX0xFgBiHt+zn4j2bydYPK8rSc3730wK4OPhBgYePbX5Ge0+g6T/TWa5k5rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHrxDvcGfu1gDE+GqjXZNai/77fgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2swDQYJKoZIhvcNAQELBQADggEBAF5MVZrfyh+FwuEDXJbgK5DPWQ624lk4
kcKc/7qY7e15mxNsSqRdlUoMMMCYW9LOkXit/PeK6xupFQoE7QT34kI7BD1Q/Gwx
XOkD+LDow9Dov3u8SR4dZlMsd22VW1uHd7Of92hK3YTD3CXkpEUMiB3zSHwkj7A7
lMxmQ5Fw9lNFZKnsk92M4SYYFS8uNNa+Oxld+F2ybeXgYoTNyubaJ9z1U8be61Av
2ZoMf0JNL2B1aNQ+Zu/tg/fJ1cnsFAj34WfnwASDqVeqiAO3yhomQ/R44d2lVL/E
b1tUVytq0pNEQVfIrc+f3b5A/57nusPHLmh4uY7yYFFEKnvYCj/93yE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:41:39 2026 by rpki-client