Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e31352e302f32342d3234203d3e20323033333830.roa
File: 3136392e34302e31352e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: GAOJ8vNKFCnVPkeXptixdoPa01xjiRYhcfEm4qd/wy4=
Subject key identifier: C3:28:3A:0C:6E:DE:87:39:80:8B:BC:6E:E0:E8:17:A3:8E:49:4B:E5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F3375B0A4635A6B704A288A8E2278EC6BFBC5CC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e31352e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 08 May 2026 21:44:49 +0000
ROA not before: Fri 08 May 2026 21:39:49 +0000
ROA not after: Fri 07 May 2027 21:44:49 +0000
asID: 203380
IP address blocks: 169.40.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:33:75:b0:a4:63:5a:6b:70:4a:28:8a:8e:22:78:ec:6b:fb:c5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 8 21:39:49 2026 GMT
Not After : May 7 21:44:49 2027 GMT
Subject: CN=C3283A0C6EDE8739808BBC6EE0E817A38E494BE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:cf:ab:f7:6d:d6:df:c8:6c:3d:13:e7:48:4c:
a5:58:85:59:ea:8e:42:18:ef:db:38:a3:ca:e4:10:
c2:c0:85:d0:78:77:63:93:ca:f2:81:52:d7:b3:73:
8c:23:d3:69:ca:78:41:df:4c:21:0b:d7:a4:b4:58:
e7:4e:99:79:be:94:e0:6f:a4:86:26:a0:6d:b3:88:
19:33:b7:a2:a1:8f:2c:43:c6:11:80:97:11:ce:78:
12:b2:73:6e:e4:81:88:d3:61:df:06:6a:c6:48:be:
06:00:cd:09:94:cd:4c:bf:8f:ef:b9:38:4f:8b:81:
79:99:cf:31:aa:ad:ee:6b:8f:09:d8:e2:25:bf:5e:
da:89:d8:c8:5f:64:0c:6d:d5:69:dc:b9:a1:c6:a7:
2b:df:02:1e:67:2f:16:9f:d7:79:f2:13:15:cf:d1:
b6:80:97:b1:f9:ba:35:ea:ee:66:45:ac:04:c9:54:
23:60:3b:ca:2d:de:24:a8:44:6e:4b:a6:d4:a3:03:
65:63:e4:fe:42:b0:43:3a:32:9c:9e:0a:a5:b9:02:
33:08:ea:d5:99:d8:a8:08:66:d0:2e:df:89:f1:2b:
ed:a0:dd:8a:00:c4:e7:5d:c0:3d:2b:52:f7:ad:2a:
cd:53:8c:42:66:45:23:51:20:3e:c8:84:08:7a:94:
5d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:28:3A:0C:6E:DE:87:39:80:8B:BC:6E:E0:E8:17:A3:8E:49:4B:E5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e31352e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
169.40.15.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e4:41:5a:27:7a:99:21:f1:0a:9c:9a:5c:79:2b:3e:c8:bc:
9c:a2:ee:94:1f:dc:8a:51:32:58:95:b9:bf:48:4b:72:11:f9:
0b:25:23:f6:a2:32:d7:af:e9:7d:5a:b0:16:72:f1:54:f6:d8:
95:4f:f7:10:a6:d3:96:7d:d7:60:1c:18:e2:37:5f:6f:b1:ff:
dd:60:35:56:25:3d:97:8c:12:b0:58:29:eb:e1:89:cb:d2:98:
1d:8f:2a:28:ca:34:5e:87:4c:e1:94:a9:30:ae:ba:95:61:4c:
3d:b3:d7:cc:fc:d4:62:c8:d8:46:f4:41:82:b4:93:5b:ec:72:
53:d3:16:6d:a7:4f:aa:b2:19:38:70:8d:f0:e8:84:e7:13:9f:
83:9a:cf:0e:f4:f8:ef:1c:5f:a4:3b:be:b3:0f:19:bf:51:44:
23:d0:95:f1:0e:34:1b:b8:3c:10:b9:ab:da:c8:51:fd:f4:ab:
be:42:a8:68:2d:82:04:f7:b6:0a:86:a2:fe:b8:85:16:d9:91:
a1:1f:13:a5:bd:20:cf:77:0a:2d:28:bc:83:bf:d1:e9:af:33:
39:16:e8:bb:c4:a3:8e:9f:fe:0d:28:01:4c:47:1c:8e:0d:0d:
66:57:65:4d:5e:61:ac:d7:ad:09:03:2c:86:27:42:5b:13:42:
c9:1e:a3:50
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbzN1sKRjWmtwSiiKjiJ47Gv7xcwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDgyMTM5NDlaFw0yNzA1MDcyMTQ0NDlaMDMxMTAvBgNV
BAMTKEMzMjgzQTBDNkVERTg3Mzk4MDhCQkM2RUUwRTgxN0EzOEU0OTRCRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFz6v3bdbfyGw9E+dITKVYhVnq
jkIY79s4o8rkEMLAhdB4d2OTyvKBUtezc4wj02nKeEHfTCEL16S0WOdOmXm+lOBv
pIYmoG2ziBkzt6KhjyxDxhGAlxHOeBKyc27kgYjTYd8GasZIvgYAzQmUzUy/j++5
OE+LgXmZzzGqre5rjwnY4iW/XtqJ2MhfZAxt1WncuaHGpyvfAh5nLxaf13nyExXP
0baAl7H5ujXq7mZFrATJVCNgO8ot3iSoRG5LptSjA2Vj5P5CsEM6MpyeCqW5AjMI
6tWZ2KgIZtAu34nxK+2g3YoAxOddwD0rUvetKs1TjEJmRSNRID7IhAh6lF0nAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwyg6DG7ehzmAi7xu4OgXo45JS+UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNjM5MmUzNDMwMmUzMTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzMzODMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qSgPMA0GCSqGSIb3DQEBCwUAA4IBAQA95EFaJ3qZIfEKnJpceSs+yLycou6UH9yK
UTJYlbm/SEtyEfkLJSP2ojLXr+l9WrAWcvFU9tiVT/cQptOWfddgHBjiN19vsf/d
YDVWJT2XjBKwWCnr4YnL0pgdjyooyjReh0zhlKkwrrqVYUw9s9fM/NRiyNhG9EGC
tJNb7HJT0xZtp0+qshk4cI3w6ITnE5+Dms8O9PjvHF+kO76zDxm/UUQj0JXxDjQb
uDwQuavayFH99Ku+QqhoLYIE97YKhqL+uIUW2ZGhHxOlvSDPdwotKLyDv9HprzM5
Fui7xKOOn/4NKAFMRxyODQ1mV2VNXmGs160JAyyGJ0JbE0LJHqNQ
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:43 2026 by rpki-client