Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: khtr0rHKLUdR/tagd+WRcFThLuABm8hE04cLSXHWFPc=
Subject key identifier: B5:7D:5F:43:08:11:3B:1D:7C:31:98:6F:C4:82:48:70:DD:95:34:20
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 354973421961403F0DAD309D71E8990DB912444B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:25 +0000
ROA not before: Sun 15 Mar 2026 12:18:25 +0000
ROA not after: Sun 14 Mar 2027 12:23:25 +0000
asID: 136787
IP address blocks: 158.220.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:49:73:42:19:61:40:3f:0d:ad:30:9d:71:e8:99:0d:b9:12:44:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:25 2026 GMT
Not After : Mar 14 12:23:25 2027 GMT
Subject: CN=B57D5F4308113B1D7C31986FC4824870DD953420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4b:08:44:52:08:ee:0c:df:ca:ba:82:9d:1c:
e2:2c:51:25:16:44:5d:b6:bf:a4:6d:05:c5:e9:a9:
d1:de:5b:67:68:6d:fa:56:db:27:73:ac:e0:e9:de:
b0:76:b5:06:ab:cd:85:1e:9f:97:81:58:a5:9c:da:
83:1b:5c:53:98:ae:7b:06:c1:1e:5f:c3:49:05:cb:
d4:b9:71:3f:72:49:e8:28:e3:7e:4b:f0:46:bd:86:
d2:14:97:85:52:e7:7c:47:9b:01:a6:c7:65:ad:d0:
0a:39:a4:5c:3d:a3:a9:d0:b5:44:39:3d:a7:c0:5d:
1b:ff:78:a6:40:3c:e6:75:1e:25:ab:ce:d3:45:72:
32:d7:6c:d3:16:2d:6d:1a:1e:a3:06:04:43:33:06:
31:48:41:58:e6:bc:0f:63:fa:a2:34:b9:d8:08:53:
e9:62:a0:ac:63:74:ad:63:da:89:34:13:12:01:01:
15:f8:de:ca:8e:96:6a:b8:ed:63:f9:b5:0e:e2:93:
92:23:74:84:35:de:9b:02:f5:b3:35:ff:14:38:12:
50:04:d9:e8:3f:fb:eb:5a:b5:3e:79:e1:4a:cb:54:
8e:38:e9:e6:1d:21:67:a2:91:0e:28:1e:02:2d:4a:
5a:b0:37:3d:5b:5b:4f:aa:ac:ae:02:c3:90:fb:5e:
80:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7D:5F:43:08:11:3B:1D:7C:31:98:6F:C4:82:48:70:DD:95:34:20
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.74.0/24
Signature Algorithm: sha256WithRSAEncryption
45:11:f1:16:9e:33:35:e2:35:78:3b:42:32:66:d3:ed:4d:77:
fb:12:27:86:9a:8f:40:c5:91:00:24:aa:f5:ef:3b:4e:e4:d6:
4f:3d:98:75:05:44:07:f3:f8:83:1a:6a:9a:85:41:24:9a:59:
9e:30:4e:9f:02:e3:95:73:75:71:41:51:59:ad:9d:1c:11:81:
26:c2:13:43:99:e2:1d:2f:24:a0:0c:8a:51:dc:e1:82:cd:8a:
1a:27:f2:66:89:49:0d:50:57:f0:8f:18:8a:92:8a:65:d8:7e:
b2:c5:f1:e8:2b:bb:18:c9:d3:b4:a2:17:aa:83:f0:1c:28:32:
87:f3:b7:3f:58:45:2e:45:2d:80:20:4a:f5:72:4b:11:bc:d5:
b5:00:14:2f:31:a1:69:14:97:3d:3c:b9:b6:3f:27:ca:66:dc:
62:e5:c1:ba:4b:b2:45:fe:b9:87:39:e4:99:05:77:cc:d0:a5:
6a:a3:54:19:07:0c:c5:f9:97:20:53:68:da:6c:f2:c0:74:28:
f1:ad:d6:ca:6e:19:43:e1:6d:89:ba:1b:e8:b1:47:25:4e:80:
22:31:87:1c:87:8f:90:94:43:90:53:af:99:4b:5e:d8:3b:50:
6a:e8:5d:ca:f4:d2:3a:79:94:76:65:5d:42:88:0e:9a:94:3a:
3d:f9:12:f3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNUlzQhlhQD8NrTCdceiZDbkSREswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjVaFw0yNzAzMTQxMjIzMjVaMDMxMTAvBgNV
BAMTKEI1N0Q1RjQzMDgxMTNCMUQ3QzMxOTg2RkM0ODI0ODcwREQ5NTM0MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfSwhEUgjuDN/KuoKdHOIsUSUW
RF22v6RtBcXpqdHeW2dobfpW2ydzrODp3rB2tQarzYUen5eBWKWc2oMbXFOYrnsG
wR5fw0kFy9S5cT9ySego435L8Ea9htIUl4VS53xHmwGmx2Wt0Ao5pFw9o6nQtUQ5
PafAXRv/eKZAPOZ1HiWrztNFcjLXbNMWLW0aHqMGBEMzBjFIQVjmvA9j+qI0udgI
U+lioKxjdK1j2ok0ExIBARX43sqOlmq47WP5tQ7ik5IjdIQ13psC9bM1/xQ4ElAE
2eg/++tatT554UrLVI446eYdIWeikQ4oHgItSlqwNz1bW0+qrK4Cw5D7XoDRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtX1fQwgROx18MZhvxIJIcN2VNCAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EowDQYJKoZIhvcNAQELBQADggEBAEUR8RaeMzXiNXg7QjJm0+1Nd/sSJ4aa
j0DFkQAkqvXvO07k1k89mHUFRAfz+IMaapqFQSSaWZ4wTp8C45VzdXFBUVmtnRwR
gSbCE0OZ4h0vJKAMilHc4YLNihon8maJSQ1QV/CPGIqSimXYfrLF8egruxjJ07Si
F6qD8BwoMofztz9YRS5FLYAgSvVySxG81bUAFC8xoWkUlz08ubY/J8pm3GLlwbpL
skX+uYc55JkFd8zQpWqjVBkHDMX5lyBTaNps8sB0KPGt1spuGUPhbYm6G+ixRyVO
gCIxhxyHj5CUQ5BTr5lLXtg7UGroXcr00jp5lHZlXUKIDpqUOj35EvM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:25:49 2026 by rpki-client