Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rjlt8KQHSGV1gJGia852MDUawWjiPbFn8SF/uKrgtQU=
Subject key identifier: F6:69:F0:98:A9:8C:C5:48:99:01:9A:38:27:B5:5A:79:0A:20:DB:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1089BE916836B45921D84F604860FECB2F92414F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:27 +0000
ROA not before: Sun 15 Mar 2026 12:18:27 +0000
ROA not after: Sun 14 Mar 2027 12:23:27 +0000
asID: 136787
IP address blocks: 185.200.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:89:be:91:68:36:b4:59:21:d8:4f:60:48:60:fe:cb:2f:92:41:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:27 2026 GMT
Not After : Mar 14 12:23:27 2027 GMT
Subject: CN=F669F098A98CC54899019A3827B55A790A20DB19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:98:a1:a4:df:00:34:3d:d7:93:b7:03:99:d1:
06:08:8d:db:32:da:9a:65:bf:60:2c:5f:e0:57:c1:
44:d1:9a:e7:28:b1:a9:79:34:41:0a:a2:50:3e:6d:
30:25:c1:48:59:44:a0:78:e1:6f:c9:6d:b7:a0:05:
83:11:91:e4:22:34:36:b9:e5:13:b9:74:f7:78:7b:
d4:ee:c8:f9:49:2e:b5:e4:16:9a:c3:c3:77:0e:b4:
ff:95:f5:f2:de:1a:2d:5b:50:c9:56:46:5e:78:7a:
db:26:e7:b2:7e:50:af:55:07:d8:03:32:07:da:ab:
cf:d7:dd:ea:44:6f:1e:00:09:14:e5:df:4c:0d:be:
f1:cf:89:1e:59:20:77:c8:f4:4e:9f:eb:2b:5f:1e:
34:c2:f5:e5:73:59:6e:aa:3e:b8:0a:c8:ac:c8:39:
75:86:61:2f:64:33:38:ea:a5:70:f0:0d:dc:d3:f8:
17:a6:69:68:b1:38:c9:35:71:cf:84:0d:76:a8:11:
db:3f:f2:18:37:dd:69:8f:11:c2:cd:bb:af:60:fe:
7d:8e:89:4b:65:39:8f:4b:32:b4:0d:96:18:81:3d:
23:58:42:50:7a:22:c6:8f:98:2e:0c:44:ee:ac:40:
1c:f2:d8:eb:24:c0:f4:a0:90:a0:de:04:44:fb:18:
2a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:69:F0:98:A9:8C:C5:48:99:01:9A:38:27:B5:5A:79:0A:20:DB:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.34.0/24
Signature Algorithm: sha256WithRSAEncryption
06:8d:a1:6a:ff:f7:1e:9e:39:ba:8a:e9:0a:6e:08:aa:d3:45:
fd:df:5e:30:3a:f3:3a:f2:7a:22:e4:59:e1:97:9b:fa:ee:6f:
e1:e1:ae:57:12:12:9b:13:e0:d8:79:5c:0c:9f:10:04:52:90:
e8:e5:55:c6:2c:9e:77:84:da:c8:a4:57:24:16:85:b2:3e:a9:
b2:83:3e:5b:a0:e7:aa:98:31:a2:83:4e:79:5c:1a:b7:7d:13:
66:bd:b6:58:5c:35:6d:9f:04:5d:2b:11:81:47:40:94:03:83:
84:81:d3:cb:40:0b:54:91:f3:63:46:00:c0:e4:5a:34:0f:d5:
87:1b:21:3a:41:7c:80:6c:f1:14:ba:c6:a2:ab:e7:30:3a:c2:
eb:3f:74:3c:cb:b6:e9:cb:ff:0c:0e:34:33:06:4d:64:53:c1:
cc:61:9c:ac:95:6e:96:f6:41:e3:1d:c7:78:5b:81:66:87:7b:
25:4b:3c:11:c1:d6:2e:39:b8:06:eb:af:5c:9f:c6:92:1c:ce:
d5:3a:1b:5c:90:e9:92:00:1e:a6:ff:27:91:33:4a:4d:5b:c5:
7f:e8:a3:ac:35:61:16:db:49:f3:fc:34:12:1b:5b:65:15:1f:
4a:89:c6:60:9a:82:02:50:8e:c7:8c:86:a5:1f:7c:ae:63:61:
b6:08:13:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEIm+kWg2tFkh2E9gSGD+yy+SQU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjdaFw0yNzAzMTQxMjIzMjdaMDMxMTAvBgNV
BAMTKEY2NjlGMDk4QTk4Q0M1NDg5OTAxOUEzODI3QjU1QTc5MEEyMERCMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkmKGk3wA0PdeTtwOZ0QYIjdsy
2pplv2AsX+BXwUTRmucosal5NEEKolA+bTAlwUhZRKB44W/JbbegBYMRkeQiNDa5
5RO5dPd4e9TuyPlJLrXkFprDw3cOtP+V9fLeGi1bUMlWRl54etsm57J+UK9VB9gD
Mgfaq8/X3epEbx4ACRTl30wNvvHPiR5ZIHfI9E6f6ytfHjTC9eVzWW6qPrgKyKzI
OXWGYS9kMzjqpXDwDdzT+BemaWixOMk1cc+EDXaoEds/8hg33WmPEcLNu69g/n2O
iUtlOY9LMrQNlhiBPSNYQlB6IsaPmC4MRO6sQBzy2OskwPSgkKDeBET7GCpzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9mnwmKmMxUiZAZo4J7VaeQog2xkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzAyZTMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yCIwDQYJKoZIhvcNAQELBQADggEBAAaNoWr/9x6eObqK6QpuCKrTRf3fXjA6
8zryeiLkWeGXm/rub+HhrlcSEpsT4Nh5XAyfEARSkOjlVcYsnneE2sikVyQWhbI+
qbKDPlug56qYMaKDTnlcGrd9E2a9tlhcNW2fBF0rEYFHQJQDg4SB08tAC1SR82NG
AMDkWjQP1YcbITpBfIBs8RS6xqKr5zA6wus/dDzLtunL/wwONDMGTWRTwcxhnKyV
bpb2QeMdx3hbgWaHeyVLPBHB1i45uAbrr1yfxpIcztU6G1yQ6ZIAHqb/J5EzSk1b
xX/oo6w1YRbbSfP8NBIbW2UVH0qJxmCaggJQjseMhqUffK5jYbYIEws=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:19:47 2026 by rpki-client