Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
File: 3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: XLhjYZOZude7wvyUUiM5NV79heTXFf58G7DXXls/2bg=
Subject key identifier: 41:A7:99:AF:6A:86:B0:F8:AA:22:EE:DB:FA:2E:10:81:C6:BB:42:8A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C122B78A989D5C5EE2DFE8721CA6ED3E39B19DD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 28 Apr 2026 23:23:55 +0000
ROA not before: Tue 28 Apr 2026 23:18:55 +0000
ROA not after: Tue 27 Apr 2027 23:23:55 +0000
asID: 204170
IP address blocks: 185.245.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:12:2b:78:a9:89:d5:c5:ee:2d:fe:87:21:ca:6e:d3:e3:9b:19:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 28 23:18:55 2026 GMT
Not After : Apr 27 23:23:55 2027 GMT
Subject: CN=41A799AF6A86B0F8AA22EEDBFA2E1081C6BB428A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:2c:b9:f0:28:05:76:c2:fa:e5:95:86:8d:
31:39:d2:3b:02:99:0f:12:a8:8f:c3:4d:37:9e:c0:
fd:b8:40:2c:62:c9:3d:91:ec:f6:34:31:fa:c1:9c:
64:52:4a:e9:a0:10:84:b8:eb:93:6c:b9:45:1c:6e:
85:34:42:d7:39:1f:10:b2:dd:c6:50:83:5e:0f:f6:
3a:4e:f9:b5:c8:22:57:d8:08:5d:68:f8:b8:73:2d:
bf:79:8f:9b:73:55:1f:60:17:54:f0:ae:60:ee:74:
74:ac:6d:1f:27:cc:a3:f7:a6:a3:3d:38:87:67:83:
26:bd:ed:14:01:69:05:c5:91:b0:ab:a3:a5:5c:03:
e3:c5:47:18:db:51:17:73:e5:53:a1:4c:40:fd:a4:
51:b9:28:35:6b:16:60:ef:b1:32:2d:92:37:6d:c3:
c6:69:99:45:0c:09:5f:b3:1c:90:61:38:91:92:73:
8c:19:64:a2:f1:79:ba:b8:0f:a7:11:e8:fe:e9:77:
c5:f6:ae:b2:b1:9f:da:3a:f9:3a:e4:f4:e0:77:c0:
40:80:c3:35:c4:32:07:dd:a5:4d:de:b3:c1:22:63:
5e:5e:d8:39:66:42:22:46:06:b0:f0:71:bb:f5:02:
90:8d:2d:d1:c8:f6:48:ba:02:a0:32:55:f4:86:56:
30:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A7:99:AF:6A:86:B0:F8:AA:22:EE:DB:FA:2E:10:81:C6:BB:42:8A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234352e3138312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.181.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:50:43:b5:76:95:d9:46:b3:df:f8:a6:d9:c9:2a:92:31:6e:
cd:cf:e5:78:53:d9:d1:fa:52:bf:5b:38:92:f4:7b:b1:a2:14:
16:bf:a6:ca:ea:35:52:5b:1d:53:15:e6:e2:19:b2:a8:16:11:
4f:f1:a6:bb:37:ca:a8:11:9f:60:09:fe:02:a5:33:80:4d:4e:
7f:51:8f:d7:57:2d:19:34:7f:09:b3:3d:6d:ed:42:4b:f8:d0:
11:3b:0d:b0:e4:d1:05:3f:ca:11:9c:58:c0:5f:02:2b:c0:10:
09:0c:fb:1a:98:fa:df:99:f1:f7:25:d0:ec:cf:63:3f:09:f8:
22:48:7f:7d:c9:cf:57:66:9a:34:04:59:7f:3d:cb:7a:cb:9a:
46:e1:da:b6:0f:b1:0c:68:cc:c7:22:f1:4d:81:04:4a:bc:f3:
fd:bc:e6:09:e5:52:12:99:c6:3f:25:30:ea:36:cc:40:c1:cf:
0d:b6:e5:82:dc:a3:ba:09:ff:dd:06:aa:80:0e:75:0b:17:f7:
57:35:fc:2b:52:07:fd:8a:db:0c:d8:d3:2f:c0:79:01:8b:c2:
db:15:09:22:6e:d0:2a:c3:76:5a:3e:7a:5c:0c:09:b3:9a:68:
8f:b9:1f:20:18:a6:c0:e8:b8:48:0c:41:83:38:e0:6a:a9:19:
74:3a:7e:c4
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPBIreKmJ1cXuLf6HIcpu0+ObGd0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjgyMzE4NTVaFw0yNzA0MjcyMzIzNTVaMDMxMTAvBgNV
BAMTKDQxQTc5OUFGNkE4NkIwRjhBQTIyRUVEQkZBMkUxMDgxQzZCQjQyOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8mSy58CgFdsL65ZWGjTE50jsC
mQ8SqI/DTTeewP24QCxiyT2R7PY0MfrBnGRSSumgEIS465NsuUUcboU0Qtc5HxCy
3cZQg14P9jpO+bXIIlfYCF1o+LhzLb95j5tzVR9gF1TwrmDudHSsbR8nzKP3pqM9
OIdngya97RQBaQXFkbCro6VcA+PFRxjbURdz5VOhTED9pFG5KDVrFmDvsTItkjdt
w8ZpmUUMCV+zHJBhOJGSc4wZZKLxebq4D6cR6P7pd8X2rrKxn9o6+Trk9OB3wECA
wzXEMgfdpU3es8EiY15e2DlmQiJGBrDwcbv1ApCNLdHI9ki6AqAyVfSGVjBLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQaeZr2qGsPiqIu7b+i4Qgca7QoowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzUyZTMx
MzgzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALn1tTANBgkqhkiG9w0BAQsFAAOCAQEAHFBDtXaV2Uaz3/im2ckqkjFuzc/l
eFPZ0fpSv1s4kvR7saIUFr+myuo1UlsdUxXm4hmyqBYRT/GmuzfKqBGfYAn+AqUz
gE1Of1GP11ctGTR/CbM9be1CS/jQETsNsOTRBT/KEZxYwF8CK8AQCQz7Gpj635nx
9yXQ7M9jPwn4Ikh/fcnPV2aaNARZfz3LesuaRuHatg+xDGjMxyLxTYEESrzz/bzm
CeVSEpnGPyUw6jbMQMHPDbblgtyjugn/3QaqgA51Cxf3VzX8K1IH/YrbDNjTL8B5
AYvC2xUJIm7QKsN2Wj56XAwJs5poj7kfIBimwOi4SAxBgzjgaqkZdDp+xA==
-----END CERTIFICATE-----
Generated at Wed May 13 06:46:35 2026 by rpki-client