Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234342e302f32342d3234203d3e20333935373933.roa
File: 38322e3139382e3234342e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: //G9Y6/CU5Is9PIjMKTWLjEVI8dzGH0geGsYwYCd5H0=
Subject key identifier: DA:27:CD:F4:B2:7D:DC:40:6C:04:2A:72:1A:6A:B0:AC:FA:C5:2F:DA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 607C3D54834789D4137C593B480E8569FD26BD5A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234342e302f32342d3234203d3e20333935373933.roa
Signing time: Wed 22 Apr 2026 21:23:51 +0000
ROA not before: Wed 22 Apr 2026 21:18:51 +0000
ROA not after: Wed 21 Apr 2027 21:23:51 +0000
asID: 395793
IP address blocks: 82.198.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:7c:3d:54:83:47:89:d4:13:7c:59:3b:48:0e:85:69:fd:26:bd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 22 21:18:51 2026 GMT
Not After : Apr 21 21:23:51 2027 GMT
Subject: CN=DA27CDF4B27DDC406C042A721A6AB0ACFAC52FDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:48:d9:3c:bc:af:72:e9:51:4d:41:45:4b:47:
42:ca:bc:32:6f:b9:4b:1c:c2:66:22:11:97:e8:f8:
03:2a:f5:40:65:c5:be:4b:dc:4d:c6:3c:b6:b2:ab:
82:d3:67:93:c3:ee:75:f4:73:92:c2:a5:86:e6:47:
e5:24:cc:2a:6a:8d:f1:6c:4c:ba:13:b6:0c:82:c3:
6b:2a:a5:6f:75:a7:e2:7f:1d:3f:62:50:70:81:af:
9e:f5:cb:83:f3:8c:cd:36:5f:13:2f:52:b4:14:a2:
4b:a8:0f:0c:8c:e9:ff:75:bb:fd:dd:05:4e:5e:62:
54:0d:09:4e:c6:7e:27:52:99:f7:10:2a:7a:0b:1f:
66:20:0f:88:63:0e:59:02:15:2f:02:73:cc:6d:88:
af:1f:0e:77:27:f2:b5:f1:93:e3:19:b6:59:77:bc:
05:23:2d:f4:15:3d:e3:cb:b2:e7:fe:76:cf:8c:3a:
1c:98:dc:54:6d:ab:ca:bc:73:8d:13:15:e3:9a:3c:
53:54:04:2b:a9:06:4d:75:76:a4:3b:2b:79:11:ba:
7e:5e:d1:45:1a:c2:67:45:65:6f:e9:60:58:e9:90:
2f:93:ac:cd:31:70:7b:ae:82:c2:00:43:a8:26:74:
96:16:75:e0:e8:c8:2e:33:b6:fd:95:61:7d:07:d1:
e7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:27:CD:F4:B2:7D:DC:40:6C:04:2A:72:1A:6A:B0:AC:FA:C5:2F:DA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234342e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.244.0/24
Signature Algorithm: sha256WithRSAEncryption
58:cb:5c:54:ab:95:3c:e1:ef:13:86:37:d7:e6:b1:4a:74:05:
94:6a:55:23:98:be:8a:6d:c9:0f:8e:03:97:93:c7:d0:7f:0a:
e5:28:47:42:2f:78:72:3c:2f:d4:1a:a9:37:4f:f5:8f:08:d7:
72:6c:3a:66:18:4c:5f:98:73:b9:b5:b6:fe:98:08:4c:27:b4:
04:47:2e:5e:03:bc:7c:f2:50:fb:60:3c:d0:ed:b9:ce:60:18:
d9:bd:ca:4e:60:6d:26:2e:00:3c:7c:45:dc:c4:11:b0:a2:d8:
d5:1f:51:d3:18:06:7e:1d:fe:05:84:ba:7b:2d:7f:1b:38:8f:
55:d9:d7:03:9b:37:a3:fa:51:ae:d5:ba:ef:a9:43:1b:fb:42:
99:e7:3d:90:cb:55:cf:af:cd:3a:68:d2:cb:0f:3f:95:68:5a:
21:2a:38:76:41:04:0e:52:67:fc:f4:20:34:6b:d9:4f:8b:48:
72:27:05:50:ce:05:4b:ce:cd:d3:8b:76:c5:04:23:46:14:e7:
21:2f:2b:a2:c4:74:40:7f:03:78:26:00:af:9c:4c:3a:61:87:
34:2b:b9:e9:32:3d:db:38:f9:a6:a2:f1:d6:f0:3a:57:0a:94:
c2:43:cb:99:63:4b:78:c9:bc:2e:ae:ef:ca:17:b6:ef:c7:3a:
c6:0b:4c:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYHw9VINHidQTfFk7SA6Faf0mvVowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjIyMTE4NTFaFw0yNzA0MjEyMTIzNTFaMDMxMTAvBgNV
BAMTKERBMjdDREY0QjI3RERDNDA2QzA0MkE3MjFBNkFCMEFDRkFDNTJGREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcSNk8vK9y6VFNQUVLR0LKvDJv
uUscwmYiEZfo+AMq9UBlxb5L3E3GPLayq4LTZ5PD7nX0c5LCpYbmR+UkzCpqjfFs
TLoTtgyCw2sqpW91p+J/HT9iUHCBr571y4PzjM02XxMvUrQUokuoDwyM6f91u/3d
BU5eYlQNCU7GfidSmfcQKnoLH2YgD4hjDlkCFS8Cc8xtiK8fDncn8rXxk+MZtll3
vAUjLfQVPePLsuf+ds+MOhyY3FRtq8q8c40TFeOaPFNUBCupBk11dqQ7K3kRun5e
0UUawmdFZW/pYFjpkC+TrM0xcHuugsIAQ6gmdJYWdeDoyC4ztv2VYX0H0edpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2ifN9LJ93EBsBCpyGmqwrPrFL9owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM0
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSxvQwDQYJKoZIhvcNAQELBQADggEBAFjLXFSrlTzh7xOGN9fmsUp0BZRqVSOY
voptyQ+OA5eTx9B/CuUoR0IveHI8L9QaqTdP9Y8I13JsOmYYTF+Yc7m1tv6YCEwn
tARHLl4DvHzyUPtgPNDtuc5gGNm9yk5gbSYuADx8RdzEEbCi2NUfUdMYBn4d/gWE
unstfxs4j1XZ1wObN6P6Ua7Vuu+pQxv7QpnnPZDLVc+vzTpo0ssPP5VoWiEqOHZB
BA5SZ/z0IDRr2U+LSHInBVDOBUvOzdOLdsUEI0YU5yEvK6LEdEB/A3gmAK+cTDph
hzQruekyPds4+aai8dbwOlcKlMJDy5ljS3jJvC6u78oXtu/HOsYLTI0=
-----END CERTIFICATE-----
Generated at Wed May 13 09:37:56 2026 by rpki-client