Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7JY8KMWSoK5dyXrIl6a3c0XzPVh7J1a3FRyduqDwfmI=
Subject key identifier: F0:D2:50:4A:AD:04:44:02:54:DD:F8:D1:DD:D0:DE:C7:B5:CF:68:EE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7723461CF64D0308F9D2F566FB833DCB274EBE81
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 28 Apr 2026 16:23:55 +0000
ROA not before: Tue 28 Apr 2026 16:18:55 +0000
ROA not after: Tue 27 Apr 2027 16:23:55 +0000
asID: 136787
IP address blocks: 185.197.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:23:46:1c:f6:4d:03:08:f9:d2:f5:66:fb:83:3d:cb:27:4e:be:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 28 16:18:55 2026 GMT
Not After : Apr 27 16:23:55 2027 GMT
Subject: CN=F0D2504AAD04440254DDF8D1DDD0DEC7B5CF68EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:fa:3f:32:40:07:df:ca:ca:ca:74:8e:e2:
95:5b:36:2c:e7:2e:8e:3a:e6:a2:be:98:cc:ba:34:
95:58:20:50:f7:27:10:51:c0:46:ec:76:72:15:4b:
ee:5a:83:33:cc:c8:ed:86:f0:ae:f2:e8:6d:d3:ee:
17:ff:bb:c4:b2:e1:ed:eb:4a:87:ff:d8:0f:20:75:
45:6f:04:b6:20:be:0b:37:76:30:89:e4:7e:f1:20:
ca:38:7a:a8:b9:7b:74:99:3c:f3:db:e0:5e:f9:8c:
ba:96:bf:10:9b:ab:34:68:c8:8d:6a:65:5d:55:59:
78:20:b2:02:08:8f:65:a4:c9:c3:e1:78:e5:14:ce:
aa:25:91:c4:e7:a4:7a:f0:e1:a2:f1:06:28:f4:02:
86:c0:ae:fa:54:dc:90:2b:f0:90:62:46:36:c2:65:
93:be:32:fa:35:95:4f:cf:68:18:70:2e:25:f8:0c:
fa:e6:99:7f:e0:ed:20:ec:97:22:59:de:5f:5f:aa:
4c:84:42:29:a6:e1:46:f2:eb:6a:ad:1c:47:88:cc:
48:06:27:18:93:43:aa:3e:eb:d0:69:1f:06:51:d2:
bd:0f:04:c0:63:d8:23:22:cd:b7:36:7e:da:0d:35:
a1:5f:5c:f5:6e:81:3b:ac:f0:a4:01:d2:b7:91:90:
93:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:D2:50:4A:AD:04:44:02:54:DD:F8:D1:DD:D0:DE:C7:B5:CF:68:EE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139372e3234382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.248.0/24
Signature Algorithm: sha256WithRSAEncryption
96:a3:f1:90:d6:74:0c:48:65:6f:94:00:5f:07:1f:d1:99:dd:
fd:81:84:0c:50:34:c6:ff:fa:6c:25:2d:95:1c:df:84:b6:fe:
8c:f6:6b:28:5d:a1:4d:5c:7a:25:26:d0:0f:f5:1a:a9:7d:da:
74:95:57:a9:79:b0:a1:db:8d:e9:7a:24:43:ad:13:35:ed:72:
dd:ab:0e:46:20:b0:94:2e:d0:1e:0d:b8:69:ec:d6:ed:b6:9d:
79:38:b8:e0:db:94:6f:7f:f0:38:34:c9:23:e2:07:24:1b:25:
3e:ce:0e:aa:00:e3:a9:da:c5:2d:23:8f:d5:e3:cb:b6:e9:91:
3e:59:d0:10:f4:15:5c:58:9b:68:cd:0a:df:42:bb:e8:5c:cf:
f0:57:20:8d:ff:c0:14:5a:2f:d9:03:9a:2d:b0:29:f2:2a:b2:
00:d7:9a:af:82:45:2d:92:2c:f4:e3:32:ef:87:50:58:ea:06:
e1:99:36:00:d0:31:ed:8b:8c:71:50:65:90:68:f2:88:4c:84:
9f:b3:42:4b:1f:0a:ac:89:9e:2e:00:df:eb:5f:d1:0d:88:6d:
70:be:93:2c:64:64:95:37:68:28:d5:ee:69:0c:27:a8:dc:1d:
c2:71:d3:6a:ba:7f:51:7d:13:7a:9b:8b:64:cb:f3:59:fa:06:
a7:87:8b:bc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdyNGHPZNAwj50vVm+4M9yydOvoEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjgxNjE4NTVaFw0yNzA0MjcxNjIzNTVaMDMxMTAvBgNV
BAMTKEYwRDI1MDRBQUQwNDQ0MDI1NERERjhEMURERDBERUM3QjVDRjY4RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAr/o/MkAH38rKynSO4pVbNizn
Lo465qK+mMy6NJVYIFD3JxBRwEbsdnIVS+5agzPMyO2G8K7y6G3T7hf/u8Sy4e3r
Sof/2A8gdUVvBLYgvgs3djCJ5H7xIMo4eqi5e3SZPPPb4F75jLqWvxCbqzRoyI1q
ZV1VWXggsgIIj2WkycPheOUUzqolkcTnpHrw4aLxBij0AobArvpU3JAr8JBiRjbC
ZZO+Mvo1lU/PaBhwLiX4DPrmmX/g7SDslyJZ3l9fqkyEQimm4Uby62qtHEeIzEgG
JxiTQ6o+69BpHwZR0r0PBMBj2CMizbc2ftoNNaFfXPVugTus8KQB0reRkJOHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8NJQSq0ERAJU3fjR3dDex7XPaO4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzcyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnF+DANBgkqhkiG9w0BAQsFAAOCAQEAlqPxkNZ0DEhlb5QAXwcf0Znd/YGE
DFA0xv/6bCUtlRzfhLb+jPZrKF2hTVx6JSbQD/UaqX3adJVXqXmwoduN6XokQ60T
Ne1y3asORiCwlC7QHg24aezW7badeTi44NuUb3/wODTJI+IHJBslPs4OqgDjqdrF
LSOP1ePLtumRPlnQEPQVXFibaM0K30K76FzP8Fcgjf/AFFov2QOaLbAp8iqyANea
r4JFLZIs9OMy74dQWOoG4Zk2ANAx7YuMcVBlkGjyiEyEn7NCSx8KrImeLgDf61/R
DYhtcL6TLGRklTdoKNXuaQwnqNwdwnHTarp/UX0TepuLZMvzWfoGp4eLvA==
-----END CERTIFICATE-----
Generated at Wed May 13 09:29:18 2026 by rpki-client