Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: j0WozP6jRtCNdFyPD3gNomsMvkhgkhVVFEKUjz92vMw=
Subject key identifier: 93:58:DE:06:36:5F:73:1F:CB:E3:C2:3C:C3:05:A6:D9:E4:82:9E:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5199E2F1AD114C86EED3D5747CF4B17D8416526E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 23 Mar 2026 18:23:29 +0000
ROA not before: Mon 23 Mar 2026 18:18:29 +0000
ROA not after: Mon 22 Mar 2027 18:23:29 +0000
asID: 136787
IP address blocks: 178.132.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:99:e2:f1:ad:11:4c:86:ee:d3:d5:74:7c:f4:b1:7d:84:16:52:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 23 18:18:29 2026 GMT
Not After : Mar 22 18:23:29 2027 GMT
Subject: CN=9358DE06365F731FCBE3C23CC305A6D9E4829EA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:29:29:9e:dd:5a:2a:20:19:00:63:dc:cf:b3:
ba:fc:9e:65:d5:4f:9a:58:e4:fb:10:e5:d9:8b:4a:
a9:40:fb:a2:e3:25:63:b4:1b:fe:62:bb:31:47:6a:
83:91:e2:2e:03:c1:63:c6:96:39:f2:05:56:d5:40:
82:68:85:13:86:d7:f5:77:e9:33:77:e8:02:b1:db:
61:bc:3e:20:77:78:8c:e2:49:c4:d4:ee:0a:53:ec:
5b:69:23:af:7c:58:09:82:29:2d:47:d2:d0:ca:3e:
a2:8b:60:5e:e7:ee:b9:45:6a:cd:ed:d7:f4:08:7c:
57:52:33:b6:96:cf:96:3d:92:7e:d4:47:1c:45:40:
95:53:a7:0f:52:5a:57:4a:aa:71:e4:3c:bf:98:45:
4f:7d:22:03:e4:bc:a4:54:48:a6:a2:40:22:0f:32:
1d:7e:39:e6:38:86:bd:d8:67:c1:27:fd:f1:86:6e:
49:e3:7e:a9:c9:53:d0:88:df:86:26:aa:e3:90:ec:
fd:44:d3:32:4d:45:e9:96:40:3c:ba:90:6c:32:bc:
14:c8:3a:4b:78:09:c5:36:22:6d:a7:c5:df:c7:5a:
6f:0a:aa:70:14:9e:fa:34:f0:61:d4:3c:ec:ad:bb:
ec:6a:16:51:8b:bb:1a:ad:f2:74:d3:0e:dd:ef:62:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:58:DE:06:36:5F:73:1F:CB:E3:C2:3C:C3:05:A6:D9:E4:82:9E:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.111.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:29:92:ff:5a:bf:cc:b0:66:82:fe:13:c6:e3:44:5d:b9:f6:
3d:8b:c2:1b:90:02:06:a1:fd:2c:fd:61:73:0a:01:75:4b:ac:
57:6f:b2:e3:eb:7c:8b:03:1e:9d:5d:1c:43:ad:4d:e0:97:c6:
7c:33:66:18:2e:3c:a8:7b:ef:37:06:b6:08:ec:d5:ea:f9:02:
5f:0e:2c:d4:63:a5:dc:1c:99:c0:c8:ae:6d:9c:12:92:32:5c:
9d:47:79:0d:fd:c8:bb:72:6d:7e:5a:09:71:71:fc:2f:a7:cd:
21:ea:b9:c1:1b:f6:22:48:75:ab:bf:9a:0e:66:2b:40:53:12:
8c:0a:7e:08:31:3f:2e:03:db:61:d1:ea:fa:cf:eb:01:5e:a1:
e0:11:4e:28:2f:c4:06:b9:60:03:36:35:9e:f8:de:2b:29:c6:
33:68:4a:f3:fe:d4:ab:26:48:91:96:2a:ce:b1:b0:d0:8a:64:
ba:09:ca:c4:f7:b3:1f:70:0a:7e:45:31:8d:a3:4f:25:26:b0:
ac:0a:86:12:5c:f7:51:17:48:fd:cb:ca:b8:55:a9:64:52:92:
ab:cc:be:64:69:03:7e:6e:ae:b5:0d:16:c4:dc:02:29:a5:5e:
11:56:3f:19:7e:b1:98:ad:d0:7d:4b:34:b0:85:de:74:48:b2:
06:c9:59:26
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUZni8a0RTIbu09V0fPSxfYQWUm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjMxODE4MjlaFw0yNzAzMjIxODIzMjlaMDMxMTAvBgNV
BAMTKDkzNThERTA2MzY1RjczMUZDQkUzQzIzQ0MzMDVBNkQ5RTQ4MjlFQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpKSme3VoqIBkAY9zPs7r8nmXV
T5pY5PsQ5dmLSqlA+6LjJWO0G/5iuzFHaoOR4i4DwWPGljnyBVbVQIJohROG1/V3
6TN36AKx22G8PiB3eIziScTU7gpT7FtpI698WAmCKS1H0tDKPqKLYF7n7rlFas3t
1/QIfFdSM7aWz5Y9kn7URxxFQJVTpw9SWldKqnHkPL+YRU99IgPkvKRUSKaiQCIP
Mh1+OeY4hr3YZ8En/fGGbknjfqnJU9CI34YmquOQ7P1E0zJNRemWQDy6kGwyvBTI
Okt4CcU2Im2nxd/HWm8KqnAUnvo08GHUPOytu+xqFlGLuxqt8nTTDt3vYr5HAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUk1jeBjZfcx/L48I8wwWm2eSCnqAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbzANBgkqhkiG9w0BAQsFAAOCAQEATCmS/1q/zLBmgv4TxuNEXbn2PYvC
G5ACBqH9LP1hcwoBdUusV2+y4+t8iwMenV0cQ61N4JfGfDNmGC48qHvvNwa2COzV
6vkCXw4s1GOl3ByZwMiubZwSkjJcnUd5Df3Iu3JtfloJcXH8L6fNIeq5wRv2Ikh1
q7+aDmYrQFMSjAp+CDE/LgPbYdHq+s/rAV6h4BFOKC/EBrlgAzY1nvjeKynGM2hK
8/7UqyZIkZYqzrGw0IpkugnKxPezH3AKfkUxjaNPJSawrAqGElz3URdI/cvKuFWp
ZFKSq8y+ZGkDfm6utQ0WxNwCKaVeEVY/GX6xmK3QfUs0sIXedEiyBslZJg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:01:25 2026 by rpki-client