Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
File: 38322e3134392e37322e302f32322d3232203d3e20323034313730.roa (raw, json)
Hash identifier: 1Gac91/kvvGDrh6WAlJ28sioChtkHlj3RM0slPj/6ww=
Subject key identifier: D9:FF:0E:F2:B5:EB:57:BC:06:F8:39:74:A6:76:EE:F1:0B:6C:3C:F8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7A21A82730CD01EDF3EAC7D25197060757E70882
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
Signing time: Tue 12 May 2026 10:24:08 +0000
ROA not before: Tue 12 May 2026 10:19:08 +0000
ROA not after: Tue 11 May 2027 10:24:08 +0000
asID: 204170
IP address blocks: 82.149.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:21:a8:27:30:cd:01:ed:f3:ea:c7:d2:51:97:06:07:57:e7:08:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 12 10:19:08 2026 GMT
Not After : May 11 10:24:08 2027 GMT
Subject: CN=D9FF0EF2B5EB57BC06F83974A676EEF10B6C3CF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e3:8f:2f:ad:0f:b4:ce:c3:99:e0:42:11:e0:
44:cf:a9:11:f2:5d:84:01:3c:99:1e:a6:f4:2e:d0:
a9:fa:8f:02:24:95:c3:c7:91:92:ef:a9:8b:94:82:
fd:7a:53:d9:e1:fe:60:ac:29:33:76:17:d6:82:53:
69:6c:9f:de:7f:6f:17:d2:dc:f0:18:2e:b1:12:28:
b9:bc:19:cf:93:e1:3e:e6:9e:91:7e:37:0d:70:8d:
7a:f8:28:76:1b:6b:ef:2d:35:47:5a:9c:3d:8e:57:
fe:86:c4:35:47:52:41:79:5d:7f:ad:5c:6e:f9:a2:
bd:0f:4d:4f:22:d3:6a:0a:18:ae:bd:5f:5a:a0:76:
9b:ee:11:52:05:eb:71:9f:34:34:83:85:d9:31:f5:
3c:d6:56:5f:16:d8:01:b7:b6:4f:ef:6e:8c:a4:d5:
cd:98:3e:24:db:88:63:02:de:59:02:4e:88:bf:d1:
0c:f2:ef:81:ae:76:0c:16:26:cf:b2:2f:a0:cd:5f:
1d:ec:b4:eb:71:24:8f:7e:f2:5e:20:e3:d6:a8:8f:
ea:c3:97:2d:d7:e3:13:d0:b1:14:05:4f:72:1a:17:
44:ec:76:c2:08:23:7b:bb:8a:37:46:ef:c1:d7:5b:
16:ed:aa:4b:f7:fa:e8:af:e1:60:dd:9a:bb:dd:5f:
6a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FF:0E:F2:B5:EB:57:BC:06:F8:39:74:A6:76:EE:F1:0B:6C:3C:F8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32322d3232203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.72.0/22
Signature Algorithm: sha256WithRSAEncryption
30:92:51:6f:fa:42:35:94:75:15:57:93:39:ee:0b:96:e7:6d:
e5:a7:5a:71:fc:25:cc:08:5f:ec:4d:e3:ef:4d:d0:13:65:7a:
14:19:35:d2:b9:17:f4:65:6a:be:2c:c5:59:c7:17:1b:7e:29:
a3:8e:0d:2c:4d:2b:b8:20:02:62:e7:55:95:c0:32:30:02:88:
76:7e:a8:27:a3:2e:22:8b:57:0f:e9:fc:57:ae:be:f9:ab:13:
98:4e:d9:94:60:de:a6:0f:2c:92:5a:da:07:d7:ff:49:59:77:
80:4f:54:0e:7b:29:74:7c:f2:53:51:e4:f7:63:0b:a8:7e:cf:
9f:b0:2c:bc:62:33:aa:67:86:d0:29:d1:64:a5:3a:cd:bb:ae:
ec:f8:a7:08:44:4d:e9:eb:62:69:47:4e:15:a8:1f:22:5c:1d:
f4:e2:22:a4:ec:b6:07:ef:e6:fe:4c:8a:fa:77:fe:10:3b:26:
f7:47:69:1d:02:0f:e7:c0:1b:7e:a9:3b:40:0a:bb:0c:3e:3a:
9c:f6:16:71:42:20:54:ff:5d:7e:33:15:95:c4:72:23:c7:97:
e0:09:16:01:29:b6:ff:b6:5c:c0:77:58:ed:f4:fb:fc:84:4b:
3a:3d:c4:50:13:3a:dd:a2:ae:92:10:1f:78:54:4e:ae:b3:34:
bc:bd:f5:cf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeiGoJzDNAe3z6sfSUZcGB1fnCIIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MTIxMDE5MDhaFw0yNzA1MTExMDI0MDhaMDMxMTAvBgNV
BAMTKEQ5RkYwRUYyQjVFQjU3QkMwNkY4Mzk3NEE2NzZFRUYxMEI2QzNDRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9448vrQ+0zsOZ4EIR4ETPqRHy
XYQBPJkepvQu0Kn6jwIklcPHkZLvqYuUgv16U9nh/mCsKTN2F9aCU2lsn95/bxfS
3PAYLrESKLm8Gc+T4T7mnpF+Nw1wjXr4KHYba+8tNUdanD2OV/6GxDVHUkF5XX+t
XG75or0PTU8i02oKGK69X1qgdpvuEVIF63GfNDSDhdkx9TzWVl8W2AG3tk/vboyk
1c2YPiTbiGMC3lkCToi/0Qzy74GudgwWJs+yL6DNXx3stOtxJI9+8l4g49aoj+rD
ly3X4xPQsRQFT3IaF0TsdsIII3u7ijdG78HXWxbtqkv3+uiv4WDdmrvdX2pBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2f8O8rXrV7wG+Dl0pnbu8QtsPPgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMy
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UpVIMA0GCSqGSIb3DQEBCwUAA4IBAQAwklFv+kI1lHUVV5M57guW523lp1px/CXM
CF/sTePvTdATZXoUGTXSuRf0ZWq+LMVZxxcbfimjjg0sTSu4IAJi51WVwDIwAoh2
fqgnoy4ii1cP6fxXrr75qxOYTtmUYN6mDyySWtoH1/9JWXeAT1QOeyl0fPJTUeT3
Ywuofs+fsCy8YjOqZ4bQKdFkpTrNu67s+KcIRE3p62JpR04VqB8iXB304iKk7LYH
7+b+TIr6d/4QOyb3R2kdAg/nwBt+qTtACrsMPjqc9hZxQiBU/11+MxWVxHIjx5fg
CRYBKbb/tlzAd1jt9Pv8hEs6PcRQEzrdoq6SEB94VE6uszS8vfXP
-----END CERTIFICATE-----
Generated at Wed May 13 06:22:11 2026 by rpki-client