Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
File: 3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: vOroyViqMwBHcsXx7PjFwOfSeNKvIERIRerGnhmrXGM=
Subject key identifier: DF:DB:BD:45:F7:F2:E3:7E:74:AA:4C:E4:5C:F2:87:BE:D8:1E:32:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79240C7EB83B843B7C4F1973564A892E2FA5388E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
Signing time: Wed 25 Mar 2026 14:23:32 +0000
ROA not before: Wed 25 Mar 2026 14:18:32 +0000
ROA not after: Wed 24 Mar 2027 14:23:32 +0000
asID: 51167
IP address blocks: 185.203.216.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:24:0c:7e:b8:3b:84:3b:7c:4f:19:73:56:4a:89:2e:2f:a5:38:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 14:18:32 2026 GMT
Not After : Mar 24 14:23:32 2027 GMT
Subject: CN=DFDBBD45F7F2E37E74AA4CE45CF287BED81E32A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:40:99:05:9e:55:52:f2:ad:66:2c:66:df:8c:
5d:04:f7:bd:06:e1:ef:d4:e3:7a:a4:5f:4d:89:0e:
94:c5:54:60:6c:5a:de:f1:76:73:9e:94:fe:e4:0c:
1f:34:44:2e:79:66:3f:46:20:e8:da:ee:a4:4e:86:
17:ad:61:28:64:13:1c:76:32:e6:e2:da:6d:7c:21:
e4:c0:97:18:89:ea:29:30:f9:46:e8:e4:7b:0e:1b:
e2:84:f0:a6:a1:74:14:93:8a:f5:70:15:f1:e2:36:
25:ad:17:7e:f3:39:2a:06:2e:f2:6f:90:6b:4b:0f:
54:1a:c3:5e:67:d9:1b:76:5d:53:ff:41:d4:b3:e1:
4a:9c:00:8d:29:9b:45:a5:33:4e:3e:da:40:a7:39:
74:74:94:eb:5b:32:87:9b:25:6f:ef:a1:1c:ee:7d:
be:9f:da:7c:2c:35:f2:2f:d2:ac:62:9b:03:c4:1b:
51:64:be:b6:2c:c6:15:52:e9:18:9c:aa:15:39:4c:
79:7b:ac:31:27:2d:15:3a:cf:56:53:fc:e4:67:9f:
fa:db:05:01:b8:aa:2d:0d:03:9f:03:e4:46:dc:1e:
2b:71:6a:02:b5:d1:83:9b:5f:16:94:d9:2c:cd:2c:
da:63:28:bc:fe:19:1c:1f:01:56:2d:27:d6:e3:c6:
0a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DB:BD:45:F7:F2:E3:7E:74:AA:4C:E4:5C:F2:87:BE:D8:1E:32:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.216.0/23
Signature Algorithm: sha256WithRSAEncryption
59:13:47:ec:43:bf:f3:82:74:1b:af:87:3a:98:06:fe:33:54:
99:c7:9c:d4:9c:df:3f:46:91:d6:51:22:f0:d9:7a:6b:ce:92:
0e:47:0f:94:ca:64:1f:e7:f2:e2:86:3e:39:19:8b:fd:93:7b:
ce:7b:6f:d9:4e:b7:33:26:b0:68:ef:22:d9:c3:42:a9:3e:5d:
e5:50:c3:7b:ae:31:bc:42:89:7d:f0:77:a2:bc:f3:bb:98:24:
d3:c2:35:a4:eb:7a:a2:8a:5d:52:9a:b3:16:0d:b8:6e:54:d9:
ae:e2:a4:be:23:fc:d0:9e:1f:3d:25:64:84:9e:fb:7e:af:f3:
da:08:56:b9:01:ac:e5:f3:0d:cc:5e:ad:c6:6b:7b:30:f3:c4:
ff:cf:3f:b1:83:83:fc:43:54:67:20:27:67:94:89:38:c9:9e:
b3:ab:f2:48:d8:01:ab:13:b5:4b:81:47:f7:f1:07:3d:42:8f:
b7:ba:c5:b2:a8:4a:5d:88:25:76:e4:a2:8b:ca:bb:1f:07:16:
21:b1:9d:3a:84:b7:8a:86:b5:da:2b:12:24:f8:76:86:b6:7b:
7b:d9:83:30:f0:16:38:84:c3:d9:2f:b4:45:6e:cf:b6:d0:4c:
1d:29:f2:43:3c:d9:46:33:c4:ff:eb:85:23:29:92:4f:4b:ec:
a1:d2:26:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeSQMfrg7hDt8TxlzVkqJLi+lOI4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUxNDE4MzJaFw0yNzAzMjQxNDIzMzJaMDMxMTAvBgNV
BAMTKERGREJCRDQ1RjdGMkUzN0U3NEFBNENFNDVDRjI4N0JFRDgxRTMyQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+QJkFnlVS8q1mLGbfjF0E970G
4e/U43qkX02JDpTFVGBsWt7xdnOelP7kDB80RC55Zj9GIOja7qROhhetYShkExx2
Mubi2m18IeTAlxiJ6ikw+Ubo5HsOG+KE8KahdBSTivVwFfHiNiWtF37zOSoGLvJv
kGtLD1Qaw15n2Rt2XVP/QdSz4UqcAI0pm0WlM04+2kCnOXR0lOtbMoebJW/voRzu
fb6f2nwsNfIv0qximwPEG1FkvrYsxhVS6RicqhU5THl7rDEnLRU6z1ZT/ORnn/rb
BQG4qi0NA58D5EbcHitxagK10YObXxaU2SzNLNpjKLz+GRwfAVYtJ9bjxgo1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU39u9Rffy4350qkzkXPKHvtgeMqAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5y9gwDQYJKoZIhvcNAQELBQADggEBAFkTR+xDv/OCdBuvhzqYBv4zVJnHnNSc
3z9GkdZRIvDZemvOkg5HD5TKZB/n8uKGPjkZi/2Te857b9lOtzMmsGjvItnDQqk+
XeVQw3uuMbxCiX3wd6K887uYJNPCNaTreqKKXVKasxYNuG5U2a7ipL4j/NCeHz0l
ZISe+36v89oIVrkBrOXzDcxercZrezDzxP/PP7GDg/xDVGcgJ2eUiTjJnrOr8kjY
AasTtUuBR/fxBz1Cj7e6xbKoSl2IJXbkoovKux8HFiGxnTqEt4qGtdorEiT4doa2
e3vZgzDwFjiEw9kvtEVuz7bQTB0p8kM82UYzxP/rhSMpkk9L7KHSJuY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:15:56 2026 by rpki-client