Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e32382e302f32342d3234203d3e20323033333830.roa
File: 31332e3134302e32382e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: y+w6ESD8eY0XIM5rjR7qc8MmeJ9JU0sAPrjS3Sj29OY=
Subject key identifier: ED:F3:8E:D1:D3:9E:77:C6:88:82:2E:41:D1:6D:19:E4:1A:A6:90:73
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4DCFA928F5CA952553A9092B117CB766D53BC5AB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e32382e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 29 May 2026 05:21:55 +0000
ROA not before: Fri 29 May 2026 05:16:55 +0000
ROA not after: Fri 28 May 2027 05:21:55 +0000
asID: 203380
IP address blocks: 13.140.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:cf:a9:28:f5:ca:95:25:53:a9:09:2b:11:7c:b7:66:d5:3b:c5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 05:16:55 2026 GMT
Not After : May 28 05:21:55 2027 GMT
Subject: CN=EDF38ED1D39E77C688822E41D16D19E41AA69073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ee:ba:19:98:60:71:a9:a8:00:23:d8:df:55:
91:73:39:f5:68:e4:fa:6a:7c:e0:33:e8:54:d9:d8:
8f:63:f7:5e:ea:84:d3:8a:8f:88:18:aa:cc:71:c7:
d5:63:29:58:80:2e:f2:1e:6d:21:cb:06:49:5d:a0:
9d:11:f1:a3:b2:a4:f1:43:6c:50:7a:a0:d0:7e:7a:
5d:91:90:2f:77:09:5c:4d:e9:26:b8:40:76:17:38:
8b:b3:eb:f0:60:e3:be:a0:6b:7c:8d:56:0e:8a:5a:
0c:47:5d:87:ea:09:dd:d7:d5:3c:47:38:f8:cf:b2:
c8:ce:fc:7b:a9:03:c6:69:4a:ed:4c:04:a0:a0:6a:
8b:57:21:1e:ad:f6:f5:53:88:0a:42:8f:46:1c:29:
2e:52:45:f1:fc:16:d2:51:a6:d7:8b:7d:82:7e:df:
f1:34:40:d0:7c:25:19:ab:45:4b:bc:ed:ae:95:8b:
78:2c:b6:23:ae:4d:2b:e3:69:06:c1:1b:2e:ad:f7:
55:4c:ad:e3:3b:2b:14:f6:5f:fd:cc:3f:ec:98:10:
16:40:4c:19:e4:a5:c4:9a:92:ff:2d:60:27:66:f5:
67:6a:67:12:c0:e2:82:a1:9c:6c:3e:fb:96:bf:1d:
c0:fa:17:ec:a5:c3:d3:77:d9:48:c8:8b:42:30:0e:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F3:8E:D1:D3:9E:77:C6:88:82:2E:41:D1:6D:19:E4:1A:A6:90:73
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e32382e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.140.28.0/24
Signature Algorithm: sha256WithRSAEncryption
26:32:b7:55:e6:bf:80:8c:78:fb:3e:37:df:32:88:2d:ab:f5:
12:4f:e8:0e:91:8d:2b:71:bc:b1:b9:f1:8a:07:13:1f:6f:e3:
f7:63:96:6e:26:df:f4:28:ff:63:bd:7f:a2:08:d4:2e:10:1d:
4a:86:75:ee:55:8c:35:05:1a:9a:6f:3a:4d:ad:b9:2b:62:9f:
a1:05:73:8b:52:e6:89:4c:db:4b:02:1e:42:36:00:86:89:6f:
3d:0e:ab:21:43:27:3c:9f:60:ec:bc:0b:fe:64:c1:82:39:b3:
21:4c:83:3a:cb:3d:fa:28:8d:c5:a3:2b:f3:4f:81:d7:7c:c4:
55:76:ff:74:0c:d8:06:37:e8:94:00:a8:92:2d:5a:4f:05:c5:
39:0d:32:2f:59:9f:58:04:4d:83:ca:14:7e:8d:f3:6a:9f:51:
5a:1e:7c:c7:9e:b4:bf:4e:28:ab:1b:a9:3d:c7:28:9c:41:24:
af:95:f4:6b:eb:83:bd:b3:2a:c4:37:89:4a:42:6e:9b:56:d8:
c6:cf:51:b5:3e:c7:fa:5f:64:0e:df:ad:21:c5:eb:71:d4:aa:
88:08:4b:a2:ef:16:e2:6f:55:88:8e:0a:94:76:6a:72:40:11:
a8:b9:c1:08:7c:4b:e2:04:50:89:97:25:d7:bf:18:85:4a:ee:
c4:78:a4:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTc+pKPXKlSVTqQkrEXy3ZtU7xaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjkwNTE2NTVaFw0yNzA1MjgwNTIxNTVaMDMxMTAvBgNV
BAMTKEVERjM4RUQxRDM5RTc3QzY4ODgyMkU0MUQxNkQxOUU0MUFBNjkwNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC97roZmGBxqagAI9jfVZFzOfVo
5PpqfOAz6FTZ2I9j917qhNOKj4gYqsxxx9VjKViALvIebSHLBkldoJ0R8aOypPFD
bFB6oNB+el2RkC93CVxN6Sa4QHYXOIuz6/Bg476ga3yNVg6KWgxHXYfqCd3X1TxH
OPjPssjO/HupA8ZpSu1MBKCgaotXIR6t9vVTiApCj0YcKS5SRfH8FtJRpteLfYJ+
3/E0QNB8JRmrRUu87a6Vi3gstiOuTSvjaQbBGy6t91VMreM7KxT2X/3MP+yYEBZA
TBnkpcSakv8tYCdm9WdqZxLA4oKhnGw++5a/HcD6F+ylw9N32UjIi0IwDn1HAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU7fOO0dOed8aIgi5B0W0Z5BqmkHMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMzJlMzEzNDMwMmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzMzODMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
DYwcMA0GCSqGSIb3DQEBCwUAA4IBAQAmMrdV5r+AjHj7PjffMogtq/UST+gOkY0r
cbyxufGKBxMfb+P3Y5ZuJt/0KP9jvX+iCNQuEB1KhnXuVYw1BRqabzpNrbkrYp+h
BXOLUuaJTNtLAh5CNgCGiW89DqshQyc8n2DsvAv+ZMGCObMhTIM6yz36KI3Foyvz
T4HXfMRVdv90DNgGN+iUAKiSLVpPBcU5DTIvWZ9YBE2DyhR+jfNqn1FaHnzHnrS/
TiirG6k9xyicQSSvlfRr64O9syrEN4lKQm6bVtjGz1G1Psf6X2QO360hxetx1KqI
CEui7xbib1WIjgqUdmpyQBGoucEIfEviBFCJlyXXvxiFSu7EeKRI
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:17:01 2026 by rpki-client