Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35342e302f32342d3234203d3e20323134393134.roa
File: 3138352e3136342e35342e302f32342d3234203d3e20323134393134.roa (raw, json)
Hash identifier: RSMEC5Wsm3FaiJPOzj6XYFHrHyCYE6IU69gHJEKKtsE=
Subject key identifier: AA:75:23:6C:34:3A:74:B1:1F:66:2A:08:4C:5E:D3:FD:FA:23:90:C2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1097611072C48CF58D892A677707943702CD5116
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35342e302f32342d3234203d3e20323134393134.roa
Signing time: Tue 21 Apr 2026 07:23:49 +0000
ROA not before: Tue 21 Apr 2026 07:18:49 +0000
ROA not after: Tue 20 Apr 2027 07:23:49 +0000
asID: 214914
IP address blocks: 185.164.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:97:61:10:72:c4:8c:f5:8d:89:2a:67:77:07:94:37:02:cd:51:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 21 07:18:49 2026 GMT
Not After : Apr 20 07:23:49 2027 GMT
Subject: CN=AA75236C343A74B11F662A084C5ED3FDFA2390C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:98:de:5f:06:ee:ae:65:22:81:d8:59:d7:97:
21:b3:9a:01:21:54:71:fc:51:49:b6:d7:0a:8e:40:
dc:1e:10:d2:3d:60:1d:10:d7:cc:3f:19:a1:b7:0c:
b4:db:df:87:43:19:36:e3:cb:29:25:fd:29:f2:af:
90:79:b9:88:10:0d:8e:55:d3:3b:1d:10:44:bb:3c:
97:e0:e6:62:92:a5:ee:d8:cc:e4:de:d3:3f:72:cc:
87:e6:78:f8:9a:f5:94:f1:15:7b:fb:06:0e:66:7a:
df:0d:53:78:d7:f8:e7:5d:44:32:34:da:e4:cd:db:
94:75:d3:b8:4a:aa:b9:88:f6:f6:ca:ed:45:f6:df:
e8:89:7f:c7:1a:d6:8f:ff:dd:43:27:6b:94:b8:3c:
cb:48:00:14:84:8c:57:95:5f:5d:94:ed:27:17:2c:
c3:70:08:d5:ee:27:4a:0d:64:ac:bf:27:48:9d:9b:
fb:c0:85:02:3b:47:19:59:9c:3a:7c:31:3d:f8:df:
10:23:9d:91:ab:ea:5d:13:c0:78:a6:c7:84:4f:b9:
bc:a6:db:ee:a3:03:15:08:84:1f:dd:bb:19:7f:ef:
f5:82:ae:03:79:ba:ee:3d:4d:58:b5:4a:5c:ef:90:
c5:d5:10:5d:03:59:92:87:0a:9f:31:63:09:40:e1:
a5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:75:23:6C:34:3A:74:B1:1F:66:2A:08:4C:5E:D3:FD:FA:23:90:C2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35342e302f32342d3234203d3e20323134393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.54.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0b:f0:cb:50:13:eb:8d:a1:fe:a6:a6:4e:ed:d4:91:50:af:
32:d3:fd:9f:85:b8:0d:4a:e8:1e:42:ca:3e:52:ae:f6:90:29:
06:fc:91:28:9c:64:bb:b5:f9:de:e4:a9:80:32:a3:87:0f:da:
c8:47:1c:78:38:3f:0a:8b:69:2c:6e:26:30:d5:f7:f9:0d:10:
79:dc:89:8e:bb:d9:20:8f:90:b6:fe:68:52:5a:0b:1d:0d:43:
96:e0:a2:6e:89:be:ba:86:f8:31:42:41:10:4d:75:0c:5c:fe:
63:95:4b:c2:cb:79:67:e3:6e:fd:83:0b:70:74:de:1a:8e:53:
87:ce:c4:fd:cd:4d:d8:69:c9:80:d1:aa:8c:ef:3b:cb:e9:8c:
d2:97:8b:e9:ff:7f:8f:20:ae:56:21:b8:d3:aa:21:07:1e:7c:
38:68:14:f6:f7:2a:b9:ee:64:24:34:0a:6f:c7:e1:48:40:a4:
15:51:f1:07:c4:44:fa:ce:16:89:8b:8a:0a:ba:35:82:df:a6:
ef:33:57:00:5f:26:55:5c:6b:96:62:13:ae:f6:5e:81:e6:32:
e0:aa:47:52:5b:77:cd:ca:fc:f7:fd:96:d2:98:6d:76:2b:b5:
6f:37:ab:ee:02:0c:69:a8:81:ae:f3:66:a7:da:39:1e:62:c5:
d2:4f:98:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEJdhEHLEjPWNiSpndweUNwLNURYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjEwNzE4NDlaFw0yNzA0MjAwNzIzNDlaMDMxMTAvBgNV
BAMTKEFBNzUyMzZDMzQzQTc0QjExRjY2MkEwODRDNUVEM0ZERkEyMzkwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqmN5fBu6uZSKB2FnXlyGzmgEh
VHH8UUm21wqOQNweENI9YB0Q18w/GaG3DLTb34dDGTbjyykl/Snyr5B5uYgQDY5V
0zsdEES7PJfg5mKSpe7YzOTe0z9yzIfmePia9ZTxFXv7Bg5met8NU3jX+OddRDI0
2uTN25R107hKqrmI9vbK7UX23+iJf8ca1o//3UMna5S4PMtIABSEjFeVX12U7ScX
LMNwCNXuJ0oNZKy/J0idm/vAhQI7RxlZnDp8MT343xAjnZGr6l0TwHimx4RPubym
2+6jAxUIhB/duxl/7/WCrgN5uu49TVi1SlzvkMXVEF0DWZKHCp8xYwlA4aVRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqnUjbDQ6dLEfZioITF7T/fojkMIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzQyZTM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzOTMxMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5pDYwDQYJKoZIhvcNAQELBQADggEBAIkL8MtQE+uNof6mpk7t1JFQrzLT/Z+F
uA1K6B5Cyj5SrvaQKQb8kSicZLu1+d7kqYAyo4cP2shHHHg4PwqLaSxuJjDV9/kN
EHnciY672SCPkLb+aFJaCx0NQ5bgom6JvrqG+DFCQRBNdQxc/mOVS8LLeWfjbv2D
C3B03hqOU4fOxP3NTdhpyYDRqozvO8vpjNKXi+n/f48grlYhuNOqIQcefDhoFPb3
KrnuZCQ0Cm/H4UhApBVR8QfERPrOFomLigq6NYLfpu8zVwBfJlVca5ZiE672XoHm
MuCqR1Jbd83K/Pf9ltKYbXYrtW83q+4CDGmoga7zZqfaOR5ixdJPmLg=
-----END CERTIFICATE-----
Generated at Wed May 13 05:11:33 2026 by rpki-client