Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: fX/PBm2AbyXjG5jbmM0tyJcwKhW54Msb80ouMucvgiQ=
Subject key identifier: A9:3F:03:6D:B8:E5:B5:F3:D9:EC:1F:96:54:97:AE:28:79:8B:44:8C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 27D04AB60F4072EE11E6CE7133C1AC0F9C78F321
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Mar 2026 12:23:26 +0000
ROA not before: Sun 15 Mar 2026 12:18:26 +0000
ROA not after: Sun 14 Mar 2027 12:23:26 +0000
asID: 136787
IP address blocks: 185.205.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:d0:4a:b6:0f:40:72:ee:11:e6:ce:71:33:c1:ac:0f:9c:78:f3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 15 12:18:26 2026 GMT
Not After : Mar 14 12:23:26 2027 GMT
Subject: CN=A93F036DB8E5B5F3D9EC1F965497AE28798B448C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c4:ff:14:c1:82:12:8c:e6:ed:1a:d5:13:19:
40:22:d8:5e:02:b8:ab:f4:f5:9a:4f:ac:10:27:7e:
db:4c:d8:23:16:37:aa:f8:12:39:57:07:98:a8:fb:
dc:42:62:1b:84:b0:52:de:4c:52:21:ee:58:b6:ec:
9c:50:77:0b:84:f6:a8:5a:97:d9:4a:6b:3a:59:40:
ed:29:24:9b:8f:d2:47:08:d5:0d:9a:1f:9c:c0:2f:
2e:cd:2e:fe:ba:d2:39:a3:ca:2b:24:6d:21:de:58:
a8:4f:cb:b3:c3:35:12:9e:d9:88:50:59:7b:32:68:
32:83:12:d1:e8:7a:91:be:78:ed:82:06:7c:77:cf:
4e:09:3f:42:9d:e6:5a:65:b6:62:f9:b7:d2:79:c7:
17:51:54:12:3c:44:61:00:8f:49:94:7e:a1:99:9a:
e6:c0:70:63:af:a8:d1:bc:2b:9a:74:4e:b5:38:2e:
83:47:38:64:0b:6b:0c:60:f2:4b:7b:8e:12:8f:68:
ad:cf:65:7c:2c:0f:03:83:65:a2:13:42:3d:8c:2e:
67:d9:36:6a:c0:4f:2a:fe:e9:2c:1a:16:35:f9:f0:
58:90:29:f0:52:10:9d:80:dd:f5:18:3a:a0:e3:7a:
db:fd:cc:9f:c8:18:78:c7:0a:39:ee:5d:63:17:b0:
50:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3F:03:6D:B8:E5:B5:F3:D9:EC:1F:96:54:97:AE:28:79:8B:44:8C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230352e3234352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.245.0/24
Signature Algorithm: sha256WithRSAEncryption
06:7f:ca:c8:cd:0f:f3:b6:db:40:cd:a2:2a:38:61:e6:3c:89:
53:70:5a:00:7e:29:fc:3c:d8:40:34:02:0d:23:13:ec:06:42:
5e:57:50:59:cb:be:dd:30:12:b7:65:fb:a0:d2:33:70:b5:8f:
a8:40:6c:05:bb:9e:c4:ca:3a:e7:47:62:b5:6b:99:2d:86:dc:
1a:ad:63:95:56:34:bf:10:4a:7c:7f:c6:b1:b3:e3:ac:b9:4e:
e9:06:ab:0c:a3:b1:db:73:1d:96:72:6b:9a:66:b1:d7:98:87:
f1:c9:5d:e2:af:3f:0e:2f:0d:15:f1:ff:28:06:74:9b:e4:27:
17:12:7b:69:12:d7:aa:92:40:cb:89:c7:e1:14:68:e5:8a:a8:
db:34:e5:5c:22:17:ed:a6:e1:bb:e9:20:d7:45:8a:d2:49:3c:
70:69:11:02:c9:7f:02:b6:b9:bb:22:6a:ef:57:3a:4f:19:6c:
6a:23:6e:c2:75:97:5d:69:29:3d:54:41:75:ab:61:fb:ea:e5:
8f:8b:92:1e:a1:ca:dc:b3:25:38:c9:5c:47:81:46:e0:68:be:
75:53:d8:3c:5e:4a:7a:73:c2:84:45:15:7c:32:72:bd:ba:16:
04:98:a3:df:ff:6a:02:88:dd:be:d5:38:af:4f:16:1c:ed:21:
ce:e0:9f:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJ9BKtg9Acu4R5s5xM8GsD5x48yEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMTUxMjE4MjZaFw0yNzAzMTQxMjIzMjZaMDMxMTAvBgNV
BAMTKEE5M0YwMzZEQjhFNUI1RjNEOUVDMUY5NjU0OTdBRTI4Nzk4QjQ0OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/xP8UwYISjObtGtUTGUAi2F4C
uKv09ZpPrBAnfttM2CMWN6r4EjlXB5io+9xCYhuEsFLeTFIh7li27JxQdwuE9qha
l9lKazpZQO0pJJuP0kcI1Q2aH5zALy7NLv660jmjyiskbSHeWKhPy7PDNRKe2YhQ
WXsyaDKDEtHoepG+eO2CBnx3z04JP0Kd5lpltmL5t9J5xxdRVBI8RGEAj0mUfqGZ
mubAcGOvqNG8K5p0TrU4LoNHOGQLawxg8kt7jhKPaK3PZXwsDwODZaITQj2MLmfZ
NmrATyr+6SwaFjX58FiQKfBSEJ2A3fUYOqDjetv9zJ/IGHjHCjnuXWMXsFAvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUqT8DbbjltfPZ7B+WVJeuKHmLRIwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzUyZTMy
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnN9TANBgkqhkiG9w0BAQsFAAOCAQEABn/KyM0P87bbQM2iKjhh5jyJU3Ba
AH4p/DzYQDQCDSMT7AZCXldQWcu+3TASt2X7oNIzcLWPqEBsBbuexMo650ditWuZ
LYbcGq1jlVY0vxBKfH/GsbPjrLlO6QarDKOx23MdlnJrmmax15iH8cld4q8/Di8N
FfH/KAZ0m+QnFxJ7aRLXqpJAy4nH4RRo5Yqo2zTlXCIX7abhu+kg10WK0kk8cGkR
Asl/Ara5uyJq71c6TxlsaiNuwnWXXWkpPVRBdath++rlj4uSHqHK3LMlOMlcR4FG
4Gi+dVPYPF5KenPChEUVfDJyvboWBJij3/9qAojdvtU4r08WHO0hzuCfRw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:11:21 2026 by rpki-client