Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e33302e302f32342d3234203d3e20323136323533.roa
File: 31332e3134302e33302e302f32342d3234203d3e20323136323533.roa (raw, json)
Hash identifier: zmDDk4V6AdOwHy84ewwZ6Hew7h52eVGuEQkcgCJ7ZJc=
Subject key identifier: 85:DC:97:C1:7B:0A:9C:95:59:05:82:B9:FC:E2:BD:2E:BA:4D:31:68
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 712B2DC874DB0AFF4C288A0CA9898CDAB48D735C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e33302e302f32342d3234203d3e20323136323533.roa
Signing time: Wed 13 May 2026 14:09:19 +0000
ROA not before: Wed 13 May 2026 14:04:19 +0000
ROA not after: Wed 12 May 2027 14:09:19 +0000
asID: 216253
IP address blocks: 13.140.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:2b:2d:c8:74:db:0a:ff:4c:28:8a:0c:a9:89:8c:da:b4:8d:73:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 13 14:04:19 2026 GMT
Not After : May 12 14:09:19 2027 GMT
Subject: CN=85DC97C17B0A9C95590582B9FCE2BD2EBA4D3168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:74:35:f6:ce:db:10:4d:ce:41:2d:9a:2b:
60:eb:73:1c:95:d5:a6:c9:37:60:f7:33:7c:13:2a:
29:64:b7:df:d0:3d:2e:37:fc:9c:74:71:bf:f1:dd:
44:17:6d:d2:05:22:d0:1e:32:06:d2:f4:5d:43:78:
13:e3:3f:e6:21:a0:67:9b:44:bf:53:9f:ee:e7:b8:
64:2b:35:96:2c:ae:53:e3:88:22:17:63:c0:61:26:
61:7d:dd:18:8c:d8:49:c8:6e:6a:31:dd:49:5b:e7:
ea:23:65:91:70:5d:b6:91:03:15:04:d3:ac:7a:78:
f3:e2:5e:1f:36:b6:a6:7c:fd:04:5c:4d:c4:76:21:
09:06:fb:43:63:a1:1d:01:6c:78:ad:44:d6:8b:65:
07:44:e8:4a:81:9f:c1:c0:7d:ba:b2:ee:fa:7b:7d:
bd:e8:45:c2:75:84:45:61:79:64:34:1c:0b:60:80:
a6:27:f0:e9:49:c9:71:de:49:62:8c:37:a7:60:2b:
aa:89:a1:88:39:a7:8b:35:9e:65:4a:7a:fe:19:b6:
3c:78:9e:8a:b8:72:25:d1:d9:43:ee:18:fe:c0:bf:
be:29:8e:89:e8:42:e1:1f:5a:a8:1f:fb:4b:cc:9d:
b1:7a:8e:1d:4e:99:32:e0:b4:0d:f3:87:89:75:01:
6f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DC:97:C1:7B:0A:9C:95:59:05:82:B9:FC:E2:BD:2E:BA:4D:31:68
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/31332e3134302e33302e302f32342d3234203d3e20323136323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.140.30.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ce:f0:d3:3b:d0:53:0c:6c:5b:fe:b2:69:a7:88:64:1b:d2:
2e:f6:ea:d2:b6:1d:4b:7a:18:60:00:bd:c4:3c:ee:29:28:97:
b0:15:5f:e9:90:71:36:ce:91:54:16:c5:21:98:0b:15:d9:53:
37:3b:e5:9f:7e:ee:62:f8:15:df:f9:78:fb:da:59:ad:27:df:
d9:6b:57:f6:4f:5b:e7:e6:b9:a1:95:9f:26:1a:0c:5a:48:2d:
f3:0c:1d:11:08:5e:6d:2e:16:6f:4f:13:35:29:54:b7:fa:4e:
85:1b:e1:97:c8:42:4c:4e:16:1a:6c:a3:2b:97:49:bb:78:f1:
a9:ee:86:fc:3e:dd:7b:f1:1b:93:79:4c:9b:d6:61:5a:d7:de:
97:6c:4c:a3:a4:05:d2:17:d9:f9:7f:d4:e2:b3:2b:ea:a8:ee:
22:ae:d7:ca:39:7e:ad:4e:12:55:65:3c:c6:e2:ed:ec:b0:77:
38:b2:ab:d6:ee:9e:d9:d2:5f:02:d4:b7:01:3d:e0:b3:f5:81:
8c:bd:52:d5:20:6f:9b:08:63:d8:92:e3:96:9f:bf:a2:8e:f5:
2b:cb:de:36:ae:e5:17:1b:23:cf:79:d1:44:5f:d3:67:3a:88:
f1:3c:a4:b6:af:17:8d:a5:6b:24:8e:2a:5d:26:56:9a:ff:81:
08:f4:18:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcSstyHTbCv9MKIoMqYmM2rSNc1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MTMxNDA0MTlaFw0yNzA1MTIxNDA5MTlaMDMxMTAvBgNV
BAMTKDg1REM5N0MxN0IwQTlDOTU1OTA1ODJCOUZDRTJCRDJFQkE0RDMxNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCyHQ19s7bEE3OQS2aK2DrcxyV
1abJN2D3M3wTKilkt9/QPS43/Jx0cb/x3UQXbdIFItAeMgbS9F1DeBPjP+YhoGeb
RL9Tn+7nuGQrNZYsrlPjiCIXY8BhJmF93RiM2EnIbmox3Ulb5+ojZZFwXbaRAxUE
06x6ePPiXh82tqZ8/QRcTcR2IQkG+0NjoR0BbHitRNaLZQdE6EqBn8HAfbqy7vp7
fb3oRcJ1hEVheWQ0HAtggKYn8OlJyXHeSWKMN6dgK6qJoYg5p4s1nmVKev4Ztjx4
noq4ciXR2UPuGP7Av74pjonoQuEfWqgf+0vMnbF6jh1OmTLgtA3zh4l1AW/DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhdyXwXsKnJVZBYK5/OK9LrpNMWgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMzJlMzEzNDMwMmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzIzNTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
DYweMA0GCSqGSIb3DQEBCwUAA4IBAQAGzvDTO9BTDGxb/rJpp4hkG9Iu9urSth1L
ehhgAL3EPO4pKJewFV/pkHE2zpFUFsUhmAsV2VM3O+Wffu5i+BXf+Xj72lmtJ9/Z
a1f2T1vn5rmhlZ8mGgxaSC3zDB0RCF5tLhZvTxM1KVS3+k6FG+GXyEJMThYabKMr
l0m7ePGp7ob8Pt178RuTeUyb1mFa196XbEyjpAXSF9n5f9TisyvqqO4irtfKOX6t
ThJVZTzG4u3ssHc4sqvW7p7Z0l8C1LcBPeCz9YGMvVLVIG+bCGPYkuOWn7+ijvUr
y942ruUXGyPPedFEX9NnOojxPKS2rxeNpWskjipdJlaa/4EI9Biq
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:59 2026 by rpki-client