Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138342e302f32312d3234203d3e20323034313730.roa
File: 38322e3138302e3138342e302f32312d3234203d3e20323034313730.roa (raw, json)
Hash identifier: PnGFzGWZF9x4M0mr1dVmQv7tNpJfP94SnRugTswK6uk=
Subject key identifier: 77:3E:34:62:81:4C:60:77:D8:B2:48:45:B6:B4:A5:19:90:58:5A:AF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4160A11C2EBD339C00B3A3902512D2A290021D16
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138342e302f32312d3234203d3e20323034313730.roa
Signing time: Mon 23 Mar 2026 19:23:30 +0000
ROA not before: Mon 23 Mar 2026 19:18:30 +0000
ROA not after: Mon 22 Mar 2027 19:23:30 +0000
asID: 204170
IP address blocks: 82.180.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:60:a1:1c:2e:bd:33:9c:00:b3:a3:90:25:12:d2:a2:90:02:1d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 23 19:18:30 2026 GMT
Not After : Mar 22 19:23:30 2027 GMT
Subject: CN=773E3462814C6077D8B24845B6B4A51990585AAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:20:bc:f1:92:6f:7c:91:25:7f:0c:05:7c:0e:
82:15:7d:96:87:c8:b9:6e:b4:6d:89:99:47:2a:49:
e4:ee:10:a7:90:96:55:af:4a:42:47:cf:86:66:9a:
18:2e:88:b6:6a:02:40:b2:f9:47:ab:17:69:56:15:
06:fc:a5:9b:a3:13:62:d8:d1:44:94:75:87:79:81:
b4:90:ae:ea:80:89:5c:de:d4:00:a3:fe:44:84:96:
5f:fe:43:ce:9b:86:fc:20:9a:f4:45:c0:da:c7:f6:
49:75:39:eb:0f:ad:f4:b5:3d:0e:5b:d2:49:42:12:
e3:44:4f:02:42:af:1b:8d:fd:5d:40:f3:54:75:59:
84:1d:ea:97:30:c5:8e:60:ea:10:97:ef:d4:79:9f:
59:a2:14:51:e7:70:21:c1:95:e2:40:0f:2e:2e:8e:
d0:33:82:21:a2:78:fc:5d:a8:02:68:e2:f8:02:f4:
73:79:05:1c:cf:be:22:e7:67:45:5f:42:bd:55:38:
38:10:3a:28:1b:7b:f5:61:1b:33:b1:39:9a:b0:0a:
ac:f5:9b:3a:c0:5d:60:60:5f:b5:97:5c:79:11:6d:
70:07:35:39:4d:b8:a0:51:5f:ed:c0:4d:65:ee:14:
ca:a4:27:f4:e2:a3:a9:b1:45:25:88:28:73:82:87:
f4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3E:34:62:81:4C:60:77:D8:B2:48:45:B6:B4:A5:19:90:58:5A:AF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138342e302f32312d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.184.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:39:34:a4:ef:d5:14:1b:10:47:62:3d:2d:ac:b1:cd:89:2c:
49:6b:e0:99:20:ee:db:0c:01:71:50:f4:9a:8d:53:06:b5:d2:
b1:a2:c3:36:f8:ce:4f:98:c9:5c:2b:e8:a3:df:9f:a2:8c:87:
42:60:9d:32:ec:3b:b2:b0:c4:fb:35:87:dd:10:83:67:df:09:
2c:ab:cb:20:6b:91:04:93:14:7d:06:08:e0:15:79:32:6d:82:
e6:a9:fd:c0:7f:44:e2:f4:da:b7:e0:98:af:fd:60:dd:c1:5b:
11:d9:c2:9f:38:ef:3d:7c:4c:26:b7:21:98:3d:cd:03:87:90:
9c:26:92:a0:e6:97:b2:bc:b3:b9:49:a9:ef:79:7d:8a:ef:bf:
0c:9b:31:17:90:f1:48:fb:17:39:54:21:e7:83:a1:e8:fd:65:
cd:d9:d9:10:a6:70:e1:a6:5d:a0:a2:48:cd:b6:f9:1e:2f:35:
44:3a:e5:bc:7f:53:ed:db:9e:70:6c:ed:59:5f:82:d2:41:83:
f4:f5:33:89:bf:93:da:c5:6b:39:f6:3f:50:93:db:74:c8:9b:
af:30:9a:c7:20:3a:20:2a:df:89:d9:a5:fb:51:db:28:22:7a:
f5:f7:00:52:84:95:15:89:98:93:36:b4:d3:7d:80:12:f8:b4:
60:1a:f6:16
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQWChHC69M5wAs6OQJRLSopACHRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjMxOTE4MzBaFw0yNzAzMjIxOTIzMzBaMDMxMTAvBgNV
BAMTKDc3M0UzNDYyODE0QzYwNzdEOEIyNDg0NUI2QjRBNTE5OTA1ODVBQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWILzxkm98kSV/DAV8DoIVfZaH
yLlutG2JmUcqSeTuEKeQllWvSkJHz4ZmmhguiLZqAkCy+UerF2lWFQb8pZujE2LY
0USUdYd5gbSQruqAiVze1ACj/kSEll/+Q86bhvwgmvRFwNrH9kl1OesPrfS1PQ5b
0klCEuNETwJCrxuN/V1A81R1WYQd6pcwxY5g6hCX79R5n1miFFHncCHBleJADy4u
jtAzgiGiePxdqAJo4vgC9HN5BRzPviLnZ0VfQr1VODgQOigbe/VhGzOxOZqwCqz1
mzrAXWBgX7WXXHkRbXAHNTlNuKBRX+3ATWXuFMqkJ/Tio6mxRSWIKHOCh/SdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdz40YoFMYHfYskhFtrSlGZBYWq8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM4
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANStLgwDQYJKoZIhvcNAQELBQADggEBAC45NKTv1RQbEEdiPS2ssc2JLElr4Jkg
7tsMAXFQ9JqNUwa10rGiwzb4zk+YyVwr6KPfn6KMh0JgnTLsO7KwxPs1h90Qg2ff
CSyryyBrkQSTFH0GCOAVeTJtguap/cB/ROL02rfgmK/9YN3BWxHZwp847z18TCa3
IZg9zQOHkJwmkqDml7K8s7lJqe95fYrvvwybMReQ8Uj7FzlUIeeDoej9Zc3Z2RCm
cOGmXaCiSM22+R4vNUQ65bx/U+3bnnBs7VlfgtJBg/T1M4m/k9rFazn2P1CT23TI
m68wmscgOiAq34nZpftR2ygievX3AFKElRWJmJM2tNN9gBL4tGAa9hY=
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:57:14 2026 by rpki-client