Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e39302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ZmitLlY8RMMoGWPlxsGxWmL1N96IrXnlv81XcaJnG2A=
Subject key identifier: F7:63:38:72:0D:AB:0E:F9:5C:6B:0C:2E:D2:9E:B6:AA:54:EE:F1:DA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6A1CD4C49A736347509E81C96FEBCF9FB4A9DC28
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:26 +0000
ROA not before: Sun 15 Mar 2026 12:18:26 +0000
ROA not after: Sun 14 Mar 2027 12:23:26 +0000
asID: 136787
IP address blocks: 156.67.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:1c:d4:c4:9a:73:63:47:50:9e:81:c9:6f:eb:cf:9f:b4:a9:dc:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:26 2026 GMT
Not After : Mar 14 12:23:26 2027 GMT
Subject: CN=F76338720DAB0EF95C6B0C2ED29EB6AA54EEF1DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:45:d8:20:02:bd:dd:e8:bf:ca:16:bd:c1:e5:
1a:ad:ef:d6:ca:a5:06:5f:99:7d:ae:d3:58:df:01:
d7:19:c8:e9:ef:09:52:f4:3c:48:04:de:69:94:9a:
34:f4:70:0e:f9:cd:a0:3b:1c:3f:76:1c:61:86:25:
67:dc:6b:7d:60:59:37:05:8c:d4:18:b8:e2:4a:01:
96:39:48:e2:43:02:72:ab:04:6a:4d:70:00:8b:f4:
79:a8:21:6a:27:1b:6b:01:75:ed:d9:f7:0d:b2:83:
dd:d9:ef:49:01:a2:73:3d:ac:8e:3f:a3:5d:f4:2e:
ff:98:4c:7b:a7:4e:93:3d:7a:ef:66:bb:d3:3e:d8:
2e:21:f6:ad:c8:68:a4:e3:aa:17:a7:09:5d:b5:fd:
0e:57:26:72:8e:56:7e:00:17:6a:ce:8b:c8:bb:a9:
9f:64:64:f1:f7:27:cf:9d:da:a7:fc:a4:fe:12:b9:
99:31:e9:c8:97:cf:14:de:b6:52:26:55:21:06:b1:
95:90:af:45:68:92:dd:84:1f:b4:32:c3:b0:88:74:
99:ca:29:69:d5:50:7b:96:8f:0d:1a:b8:2c:a8:6b:
17:59:e2:4e:5d:32:ca:2b:7e:10:22:70:48:81:43:
2a:1c:1c:e9:f7:9d:00:96:61:95:87:7a:66:68:b0:
5a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:63:38:72:0D:AB:0E:F9:5C:6B:0C:2E:D2:9E:B6:AA:54:EE:F1:DA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.90.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:08:f8:e1:0a:3c:1d:8d:77:71:e8:04:2a:0a:90:f4:83:cd:
09:27:f0:4a:27:f1:39:19:36:37:f6:a5:ce:da:90:60:e5:1c:
69:20:16:4d:42:2e:be:ea:d8:fb:12:a4:a3:a6:34:e4:cc:fe:
68:b6:58:5c:25:9a:50:fd:9c:b5:09:fb:16:45:6d:9f:74:9f:
dc:0d:bb:4e:3c:08:25:39:8c:12:29:9e:b5:8b:60:47:27:c4:
a7:60:ea:8c:48:ae:b5:58:1d:b6:79:32:ff:ec:d1:e8:f7:6d:
f4:00:42:4c:e0:c4:ec:a1:b5:c6:d9:65:a9:b8:04:a7:9f:1a:
78:8b:2a:2d:8a:43:db:54:90:2e:67:f9:f9:44:e0:c8:32:d5:
3f:24:92:7c:6b:db:72:ee:3c:b7:e0:6c:2f:1a:5b:d7:5a:c7:
24:b7:eb:69:ac:80:24:bc:11:0d:74:d1:7e:af:0c:cf:e5:be:
09:c7:b1:27:f4:7c:38:23:3e:af:c8:82:3b:f7:05:21:3e:3e:
3b:64:64:eb:ad:2e:ed:ee:ce:8d:ba:94:26:80:88:45:c9:6b:
e5:f5:25:cd:a6:86:86:96:52:22:b1:fb:fb:d1:d3:37:c5:02:
f9:cd:63:85:d6:c4:21:65:35:e7:e4:93:c1:d2:1a:6c:19:41:
c5:f4:ae:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUahzUxJpzY0dQnoHJb+vPn7Sp3CgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjZaFw0yNzAzMTQxMjIzMjZaMDMxMTAvBgNV
BAMTKEY3NjMzODcyMERBQjBFRjk1QzZCMEMyRUQyOUVCNkFBNTRFRUYxREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFRdggAr3d6L/KFr3B5Rqt79bK
pQZfmX2u01jfAdcZyOnvCVL0PEgE3mmUmjT0cA75zaA7HD92HGGGJWfca31gWTcF
jNQYuOJKAZY5SOJDAnKrBGpNcACL9HmoIWonG2sBde3Z9w2yg93Z70kBonM9rI4/
o130Lv+YTHunTpM9eu9mu9M+2C4h9q3IaKTjqhenCV21/Q5XJnKOVn4AF2rOi8i7
qZ9kZPH3J8+d2qf8pP4SuZkx6ciXzxTetlImVSEGsZWQr0Vokt2EH7Qyw7CIdJnK
KWnVUHuWjw0auCyoaxdZ4k5dMsorfhAicEiBQyocHOn3nQCWYZWHemZosFoxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU92M4cg2rDvlcawwu0p62qlTu8dowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzOTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENaMA0GCSqGSIb3DQEBCwUAA4IBAQAuCPjhCjwdjXdx6AQqCpD0g80JJ/BKJ/E5
GTY39qXO2pBg5RxpIBZNQi6+6tj7EqSjpjTkzP5otlhcJZpQ/Zy1CfsWRW2fdJ/c
DbtOPAglOYwSKZ61i2BHJ8SnYOqMSK61WB22eTL/7NHo9230AEJM4MTsobXG2WWp
uASnnxp4iyotikPbVJAuZ/n5RODIMtU/JJJ8a9ty7jy34GwvGlvXWsckt+tprIAk
vBENdNF+rwzP5b4Jx7En9Hw4Iz6vyII79wUhPj47ZGTrrS7t7s6NupQmgIhFyWvl
9SXNpoaGllIisfv70dM3xQL5zWOF1sQhZTXn5JPB0hpsGUHF9K7p
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:23:15 2026 by rpki-client