Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131302e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3131302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: m1F9sD7IJQqJsXzx0Srj4NhyDn2LkInFd9tQXr5tfYQ=
Subject key identifier: 3A:AF:D1:D1:86:C5:6B:74:F6:4F:58:FA:1A:9F:0C:F0:1B:89:34:15
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6845C78DA232B4FDD5EDCEC13C00045FE5739BD6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131302e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 23 Mar 2026 18:23:29 +0000
ROA not before: Mon 23 Mar 2026 18:18:29 +0000
ROA not after: Mon 22 Mar 2027 18:23:29 +0000
asID: 136787
IP address blocks: 178.132.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:45:c7:8d:a2:32:b4:fd:d5:ed:ce:c1:3c:00:04:5f:e5:73:9b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 23 18:18:29 2026 GMT
Not After : Mar 22 18:23:29 2027 GMT
Subject: CN=3AAFD1D186C56B74F64F58FA1A9F0CF01B893415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:9a:be:c7:d1:94:db:50:b3:26:92:ca:8f:35:
96:91:c8:3d:52:e7:17:13:1d:0f:dd:16:3a:54:aa:
da:95:31:28:be:05:83:4c:e4:e5:6d:63:ae:02:aa:
1c:19:ee:bf:ae:5e:8e:c0:f2:53:5f:ed:f2:5b:52:
37:3e:c2:b1:6c:fb:f9:5d:a5:d0:89:c7:8b:31:c0:
a8:b7:3f:b5:fa:62:90:14:67:4e:70:59:6c:f7:43:
d6:2c:cd:fd:e0:67:f5:5c:03:71:5c:f5:4e:14:8c:
b6:9d:00:2a:6c:6e:ce:d6:77:82:93:d6:05:24:34:
14:8a:05:c2:39:7f:6f:d6:ae:73:96:4a:98:23:66:
a9:d4:99:e8:97:a8:ff:9a:1a:c9:81:10:bc:02:9f:
51:00:a4:00:47:31:3b:b9:38:35:2a:09:c2:8f:d4:
af:2a:33:30:a0:ba:af:9c:31:01:7e:00:d4:df:f3:
9d:24:1c:2b:fd:4e:ab:25:d0:bd:f9:c6:51:8d:bd:
ef:8a:b4:1c:68:57:99:37:51:60:f7:bd:38:37:19:
cf:08:55:54:aa:c2:5f:f9:3b:24:be:8d:95:27:7e:
3d:51:b0:6c:58:7d:1d:f9:9a:a9:45:de:49:a3:32:
dc:83:14:75:f1:d3:22:f7:e9:79:cb:c4:ca:f0:5d:
29:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AF:D1:D1:86:C5:6B:74:F6:4F:58:FA:1A:9F:0C:F0:1B:89:34:15
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.110.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f2:e8:d4:27:c2:9c:3b:d5:50:5c:a6:ae:ab:bc:3e:50:e3:
f3:0a:a5:97:df:63:6e:5b:3e:b6:31:15:44:42:79:bf:83:46:
20:3a:13:ca:2d:08:9f:75:e1:93:84:a8:f0:f3:4f:c4:3c:58:
d6:56:d0:15:8a:00:7d:69:50:63:66:6c:ad:e3:94:bd:97:e3:
73:ed:95:24:4a:ea:2a:8f:e2:1f:c3:7a:10:e4:e6:fe:2d:4b:
e9:45:e4:c7:5f:8a:fc:4d:3a:8a:ea:37:39:eb:3e:0d:56:46:
fc:eb:96:af:0a:bd:55:e1:b1:dc:1a:67:03:29:da:09:d8:e5:
c7:5f:a8:61:93:1f:0b:9e:d7:18:a2:05:5f:d7:32:18:c4:c1:
0e:c0:85:65:9e:6c:dc:e7:f4:a8:36:3b:71:0f:bb:bc:46:56:
a6:72:6a:c0:d2:00:d1:89:4a:c4:b3:8b:ec:4b:af:bc:b3:3a:
ff:22:87:3a:ca:ae:79:05:9e:b4:6f:8c:6c:2a:3d:7e:87:f5:
81:53:e6:ff:fe:85:d2:8a:09:65:73:56:6c:2b:51:25:56:82:
04:21:ef:c8:c3:6c:2a:83:32:3c:06:da:fa:5d:53:34:cb:2a:
90:25:8c:90:21:96:85:29:0c:e8:0b:99:17:3a:07:d1:26:64:
fd:0f:13:89
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUaEXHjaIytP3V7c7BPAAEX+Vzm9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjMxODE4MjlaFw0yNzAzMjIxODIzMjlaMDMxMTAvBgNV
BAMTKDNBQUZEMUQxODZDNTZCNzRGNjRGNThGQTFBOUYwQ0YwMUI4OTM0MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2mr7H0ZTbULMmksqPNZaRyD1S
5xcTHQ/dFjpUqtqVMSi+BYNM5OVtY64CqhwZ7r+uXo7A8lNf7fJbUjc+wrFs+/ld
pdCJx4sxwKi3P7X6YpAUZ05wWWz3Q9Yszf3gZ/VcA3Fc9U4UjLadACpsbs7Wd4KT
1gUkNBSKBcI5f2/WrnOWSpgjZqnUmeiXqP+aGsmBELwCn1EApABHMTu5ODUqCcKP
1K8qMzCguq+cMQF+ANTf850kHCv9Tqsl0L35xlGNve+KtBxoV5k3UWD3vTg3Gc8I
VVSqwl/5OyS+jZUnfj1RsGxYfR35mqlF3kmjMtyDFHXx0yL36XnLxMrwXSnxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUOq/R0YbFa3T2T1j6Gp8M8BuJNBUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzEzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbjANBgkqhkiG9w0BAQsFAAOCAQEAFPLo1CfCnDvVUFymrqu8PlDj8wql
l99jbls+tjEVREJ5v4NGIDoTyi0In3Xhk4So8PNPxDxY1lbQFYoAfWlQY2ZsreOU
vZfjc+2VJErqKo/iH8N6EOTm/i1L6UXkx1+K/E06iuo3Oes+DVZG/OuWrwq9VeGx
3BpnAynaCdjlx1+oYZMfC57XGKIFX9cyGMTBDsCFZZ5s3Of0qDY7cQ+7vEZWpnJq
wNIA0YlKxLOL7EuvvLM6/yKHOsqueQWetG+MbCo9fof1gVPm//6F0ooJZXNWbCtR
JVaCBCHvyMNsKoMyPAba+l1TNMsqkCWMkCGWhSkM6AuZFzoH0SZk/Q8TiQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:10:59 2026 by rpki-client