Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136342e352e3234382e302f32342d3234203d3e20323136323533.roa
File: 3136342e352e3234382e302f32342d3234203d3e20323136323533.roa (raw, json)
Hash identifier: peSnoUaavtu1Ybqodqz6b6VglYJaqR2adkKNynmD35U=
Subject key identifier: 12:30:BA:E5:EF:C7:46:CB:CF:2A:A8:AD:90:65:E9:38:B6:6B:D8:FE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7813FB66C61EE77C27673DF63BDE31F99E2A2240
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136342e352e3234382e302f32342d3234203d3e20323136323533.roa
Signing time: Mon 23 Mar 2026 20:58:32 +0000
ROA not before: Mon 23 Mar 2026 20:53:32 +0000
ROA not after: Mon 22 Mar 2027 20:58:32 +0000
asID: 216253
IP address blocks: 164.5.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:13:fb:66:c6:1e:e7:7c:27:67:3d:f6:3b:de:31:f9:9e:2a:22:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 23 20:53:32 2026 GMT
Not After : Mar 22 20:58:32 2027 GMT
Subject: CN=1230BAE5EFC746CBCF2AA8AD9065E938B66BD8FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:e9:46:4c:c3:66:ef:d3:44:d3:9c:4f:e2:93:
98:98:f2:6e:ab:ef:8a:24:33:83:b3:70:18:3b:0b:
09:24:bb:59:c3:89:59:09:f8:5c:1d:85:59:e1:af:
04:7c:73:14:23:1c:b7:61:9b:fc:2e:21:a7:f5:94:
41:1d:d4:c5:21:ef:45:23:d8:79:1c:26:da:9d:64:
56:97:09:73:24:76:d8:ed:f0:95:f3:85:bb:0d:15:
bc:f1:1d:71:18:b7:5d:19:8b:11:b1:a1:15:5e:74:
4b:b7:d8:b7:cf:7f:f4:8e:17:3b:84:49:ef:28:83:
09:18:4d:03:fe:0a:49:dc:5c:e3:63:b9:c0:b7:91:
58:31:5a:2d:07:f7:a8:15:1f:aa:b3:90:b3:93:70:
d3:9c:7c:eb:fd:29:63:92:d2:32:65:f1:18:25:30:
2d:54:a2:e3:4b:d4:41:0b:c4:ec:9d:e2:d7:de:2a:
bd:74:11:bf:86:7c:72:bc:5a:3c:c4:c8:51:68:27:
2c:87:67:6c:ae:cc:97:9a:62:33:26:2f:87:6c:f8:
8a:07:7d:da:70:40:55:7a:8f:9d:9f:12:d0:36:d9:
f8:46:fa:de:97:bd:c1:59:a2:b5:5d:8c:55:3e:6f:
47:68:f0:a3:a6:37:96:61:43:0c:bf:3f:81:0c:b0:
49:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:30:BA:E5:EF:C7:46:CB:CF:2A:A8:AD:90:65:E9:38:B6:6B:D8:FE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136342e352e3234382e302f32342d3234203d3e20323136323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b3:74:95:ab:12:59:6a:86:24:32:05:39:23:35:25:c2:3f:
7f:b0:03:64:76:da:f3:44:cb:c5:7a:b8:8d:cf:32:cd:4f:61:
c8:6f:fd:7e:9a:b2:d3:0f:e9:80:1d:0f:36:dd:d9:96:73:72:
b6:29:1a:2c:d5:d7:cf:ff:59:6a:0e:6d:3e:bf:b8:46:de:41:
37:fc:68:e3:54:5a:06:c7:4e:e8:06:a3:db:35:b2:39:91:e1:
da:25:23:60:df:4e:fb:a9:27:57:e1:20:c4:ce:42:4c:1b:06:
6c:37:21:e3:48:51:55:ee:70:80:97:26:a5:5e:dc:c0:14:8a:
68:02:56:ea:66:6d:a2:12:5b:2b:ea:48:51:b2:4f:0e:2b:9d:
79:e2:27:4c:52:da:f0:df:73:b5:d7:e8:90:d3:0a:32:39:d1:
57:06:10:76:85:a1:58:0b:1e:0a:49:10:96:8b:8f:d0:a3:62:
c1:bf:09:24:b1:b5:7a:10:c9:89:56:4b:09:0d:22:75:ce:f2:
c0:0b:2e:05:ee:1b:80:4d:a7:2d:f5:df:31:02:5b:66:01:08:
4f:2c:07:13:46:4f:fa:53:09:2c:a2:df:37:56:9d:64:f0:00:
a0:ab:03:7f:41:68:fc:14:37:e3:e1:13:43:02:e9:39:5e:94:
2f:2d:6f:c9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeBP7ZsYe53wnZz32O94x+Z4qIkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjMyMDUzMzJaFw0yNzAzMjIyMDU4MzJaMDMxMTAvBgNV
BAMTKDEyMzBCQUU1RUZDNzQ2Q0JDRjJBQThBRDkwNjVFOTM4QjY2QkQ4RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw6UZMw2bv00TTnE/ik5iY8m6r
74okM4OzcBg7Cwkku1nDiVkJ+FwdhVnhrwR8cxQjHLdhm/wuIaf1lEEd1MUh70Uj
2HkcJtqdZFaXCXMkdtjt8JXzhbsNFbzxHXEYt10ZixGxoRVedEu32LfPf/SOFzuE
Se8ogwkYTQP+CkncXONjucC3kVgxWi0H96gVH6qzkLOTcNOcfOv9KWOS0jJl8Rgl
MC1UouNL1EELxOyd4tfeKr10Eb+GfHK8WjzEyFFoJyyHZ2yuzJeaYjMmL4ds+IoH
fdpwQFV6j52fEtA22fhG+t6XvcFZorVdjFU+b0do8KOmN5ZhQwy/P4EMsElZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEjC65e/HRsvPKqitkGXpOLZr2P4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNjM0MmUzNTJlMzIzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzIzNTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
pAX4MA0GCSqGSIb3DQEBCwUAA4IBAQARs3SVqxJZaoYkMgU5IzUlwj9/sANkdtrz
RMvFeriNzzLNT2HIb/1+mrLTD+mAHQ823dmWc3K2KRos1dfP/1lqDm0+v7hG3kE3
/GjjVFoGx07oBqPbNbI5keHaJSNg3077qSdX4SDEzkJMGwZsNyHjSFFV7nCAlyal
XtzAFIpoAlbqZm2iElsr6khRsk8OK5154idMUtrw33O11+iQ0woyOdFXBhB2haFY
Cx4KSRCWi4/Qo2LBvwkksbV6EMmJVksJDSJ1zvLACy4F7huATact9d8xAltmAQhP
LAcTRk/6Uwksot83Vp1k8ACgqwN/QWj8FDfj4RNDAuk5XpQvLW/J
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:49 2026 by rpki-client