Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: slSbFbZQ+3NgwzmxxWqqLOsuX4wXQrsuPxb+uJIsGxs=
Subject key identifier: 4B:C0:83:CC:58:87:3B:2D:DA:78:B8:8F:8E:DC:EB:A7:F3:74:5C:38
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 174FD82EFA1A8A2F0309FE2BC8303CE3621FE2CF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:25 +0000
ROA not before: Sun 15 Mar 2026 12:18:25 +0000
ROA not after: Sun 14 Mar 2027 12:23:25 +0000
asID: 136787
IP address blocks: 185.177.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:4f:d8:2e:fa:1a:8a:2f:03:09:fe:2b:c8:30:3c:e3:62:1f:e2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:25 2026 GMT
Not After : Mar 14 12:23:25 2027 GMT
Subject: CN=4BC083CC58873B2DDA78B88F8EDCEBA7F3745C38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:20:65:50:61:8c:8b:a6:a9:1a:07:cf:07:3d:
08:1f:33:20:73:51:38:ee:00:55:60:61:ed:94:05:
19:e4:ec:02:2a:66:bf:41:60:1b:1c:10:2e:8a:2f:
ed:00:7c:7e:bc:d2:c3:58:3f:67:2d:c0:db:7b:fc:
2a:f9:09:66:1e:3f:d3:3f:59:47:2a:d5:b5:ac:cd:
21:f0:b7:98:8e:3f:fb:02:b6:42:6d:47:43:77:7e:
67:99:58:a3:95:d9:0d:f8:37:d5:16:ee:91:a4:d9:
1e:64:60:1b:ed:0c:d7:6a:77:21:9b:10:b7:83:90:
09:c3:44:da:31:f7:37:d5:4a:f1:ea:5e:bf:f9:98:
73:91:70:72:69:8d:29:64:c8:76:55:1c:82:2e:ef:
96:a4:44:7e:56:93:1b:9d:b7:02:98:34:0c:f8:12:
a6:dc:d4:d5:18:3a:51:c0:fe:65:bd:05:99:30:d0:
92:de:a1:c0:09:f7:54:d4:82:32:53:54:de:29:b8:
25:6b:c0:4c:b6:1f:4a:63:52:1c:11:f2:39:e6:1a:
ba:3f:42:df:90:81:09:b7:36:ba:01:10:8b:c8:f7:
62:02:7d:37:39:34:fa:94:52:8b:93:6a:a3:d3:79:
a2:81:02:2f:7e:76:31:7d:5f:35:2c:1f:dd:61:c0:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C0:83:CC:58:87:3B:2D:DA:78:B8:8F:8E:DC:EB:A7:F3:74:5C:38
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.119.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:c9:36:28:4b:5b:18:cc:7a:23:eb:9b:01:16:a3:1e:5a:37:
50:37:f6:a6:97:cb:e2:6f:fb:cb:b2:dc:88:d3:c3:1c:b5:5f:
b5:0f:0f:af:e1:bf:67:b7:72:7d:a1:76:db:c5:13:48:6f:a3:
6f:ee:1c:7e:64:ef:eb:ad:eb:14:2f:2a:16:46:28:9b:57:84:
f8:63:6b:49:e2:ea:0d:0e:ee:0f:08:c0:81:95:8f:00:2e:52:
17:0c:1e:00:93:72:4b:ce:2f:39:d9:5c:bb:48:4f:8e:42:3b:
d5:e6:4c:da:a9:2d:7e:e3:4b:47:b6:1b:31:e3:ce:fc:5f:9d:
ae:e1:f0:9b:5f:71:1b:bb:34:fd:49:6a:91:80:16:7f:dc:ee:
50:4b:5a:25:4d:6c:e6:1a:65:ed:65:bf:ad:ce:60:9d:ea:4d:
19:c9:47:99:ee:14:07:7d:ee:86:a0:59:c7:13:b8:7a:ab:34:
14:5a:c1:11:a2:b1:da:a6:2b:4b:80:54:5b:e4:c5:fb:48:3d:
ce:c2:79:74:c3:a9:2d:41:3d:bb:57:37:03:8a:d3:fc:1d:bf:
1b:6f:1f:1d:41:97:ca:c7:82:c6:00:fd:2d:cb:59:61:4c:6f:
88:45:fc:48:bc:23:2a:53:85:47:87:de:c7:60:07:d5:bc:2c:
28:b7:34:14
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUF0/YLvoaii8DCf4ryDA842If4s8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjVaFw0yNzAzMTQxMjIzMjVaMDMxMTAvBgNV
BAMTKDRCQzA4M0NDNTg4NzNCMkREQTc4Qjg4RjhFRENFQkE3RjM3NDVDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPIGVQYYyLpqkaB88HPQgfMyBz
UTjuAFVgYe2UBRnk7AIqZr9BYBscEC6KL+0AfH680sNYP2ctwNt7/Cr5CWYeP9M/
WUcq1bWszSHwt5iOP/sCtkJtR0N3fmeZWKOV2Q34N9UW7pGk2R5kYBvtDNdqdyGb
ELeDkAnDRNox9zfVSvHqXr/5mHORcHJpjSlkyHZVHIIu75akRH5WkxudtwKYNAz4
Eqbc1NUYOlHA/mW9BZkw0JLeocAJ91TUgjJTVN4puCVrwEy2H0pjUhwR8jnmGro/
Qt+QgQm3NroBEIvI92ICfTc5NPqUUouTaqPTeaKBAi9+djF9XzUsH91hwGtNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUS8CDzFiHOy3aeLiPjtzrp/N0XDgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzcyZTMx
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmxdzANBgkqhkiG9w0BAQsFAAOCAQEAm8k2KEtbGMx6I+ubARajHlo3UDf2
ppfL4m/7y7LciNPDHLVftQ8Pr+G/Z7dyfaF228UTSG+jb+4cfmTv663rFC8qFkYo
m1eE+GNrSeLqDQ7uDwjAgZWPAC5SFwweAJNyS84vOdlcu0hPjkI71eZM2qktfuNL
R7YbMePO/F+druHwm19xG7s0/UlqkYAWf9zuUEtaJU1s5hpl7WW/rc5gnepNGclH
me4UB33uhqBZxxO4eqs0FFrBEaKx2qYrS4BUW+TF+0g9zsJ5dMOpLUE9u1c3A4rT
/B2/G28fHUGXyseCxgD9LctZYUxviEX8SLwjKlOFR4fex2AH1bwsKLc0FA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:39:23 2026 by rpki-client