Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e203430333532.roa
File: 3134352e37392e3132382e302f32342d3234203d3e203430333532.roa (raw, json)
Hash identifier: xxCh29CfLET9i6uEO+7M7XaYuwTEhtUvEmXEDyKPxqo=
Subject key identifier: B2:08:69:8A:08:59:2F:50:E3:7B:9D:39:10:2A:E8:E7:D0:2E:24:5D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12C86362F71C63276F9727B62D027E04EBA273C1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e203430333532.roa
Signing time: Tue 07 Apr 2026 08:37:32 +0000
ROA not before: Tue 07 Apr 2026 08:32:32 +0000
ROA not after: Tue 06 Apr 2027 08:37:32 +0000
asID: 40352
IP address blocks: 145.79.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 13:55:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c8:63:62:f7:1c:63:27:6f:97:27:b6:2d:02:7e:04:eb:a2:73:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 7 08:32:32 2026 GMT
Not After : Apr 6 08:37:32 2027 GMT
Subject: CN=B208698A08592F50E37B9D39102AE8E7D02E245D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d5:6c:7d:f6:01:e7:f5:a2:87:fe:0b:37:72:
94:65:ae:d7:20:f7:d8:82:54:8c:1a:40:36:82:17:
af:a4:99:67:28:eb:f5:67:b7:52:38:af:fa:a7:4f:
aa:36:b5:43:a5:59:62:9e:7a:d2:c2:1b:be:1f:bd:
12:db:be:f0:a1:fb:9c:29:e4:0f:e4:e3:2c:d4:c4:
ba:24:d9:44:9d:5a:62:d0:ba:fb:95:46:7c:00:05:
0b:48:c7:a0:b3:0d:d5:7f:ae:ab:b3:0f:c9:49:d5:
4f:b4:40:3f:46:6f:60:a8:8b:7a:d4:67:26:5b:53:
e1:4b:02:0b:33:60:65:be:ff:5e:23:66:17:37:a6:
58:0b:e7:0e:45:b3:38:d1:cf:42:72:b5:ea:83:9e:
d1:43:ad:97:96:33:e3:be:25:d0:99:69:a0:89:b8:
b7:bf:48:0c:ce:92:41:ac:24:f1:b1:de:eb:96:6c:
6b:72:b2:b0:fe:7d:11:bd:bb:99:f5:94:13:d1:d4:
39:bf:a9:9d:6d:73:e9:83:8f:78:36:a1:9d:e8:79:
d1:4a:9e:92:59:92:71:b7:a7:3b:63:4f:b3:dd:a1:
be:0b:0f:f0:55:c7:3e:49:ab:9a:8f:90:58:3f:df:
c5:43:d1:5b:11:b6:9c:ff:0e:80:b2:9a:a7:d7:66:
84:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:08:69:8A:08:59:2F:50:E3:7B:9D:39:10:2A:E8:E7:D0:2E:24:5D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e203430333532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.128.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:46:3d:a4:e2:f3:e2:24:bf:d6:e4:fd:d3:5e:be:17:3f:3e:
10:d1:59:f7:6f:1b:06:5f:e2:01:0f:fc:6b:40:f2:8c:14:60:
c9:c9:f8:da:8f:ad:b5:0f:ad:eb:a6:b8:3b:5d:67:1c:3b:1f:
df:9f:dc:39:a0:3d:7d:f9:e8:67:c5:27:67:e0:29:ce:43:61:
21:6b:37:49:c1:ed:8c:7c:db:9f:f4:25:bc:fc:32:88:6a:b0:
f1:7f:59:e1:4b:36:a8:ce:23:1c:a5:e8:f2:eb:35:e6:ef:89:
8e:53:a7:f7:8a:ad:3e:5d:e8:f3:b1:4f:fc:fc:3c:d4:97:34:
d0:d3:9e:c1:64:a4:6e:a2:fe:52:7f:fd:06:5e:99:e5:cc:fe:
23:89:64:6c:49:64:6d:cb:6d:6d:57:8c:32:15:d3:58:0f:98:
1e:f4:20:c5:37:2d:ae:33:3f:a1:6f:a8:ef:04:8a:89:66:37:
9c:1f:86:e3:af:17:5f:1e:62:2a:78:92:5e:19:cf:15:7a:61:
e8:5b:50:7d:a4:4b:a1:f8:2d:b2:17:d7:6d:83:06:b7:12:ac:
4b:92:f1:11:c1:24:d3:53:95:20:b7:02:ca:8c:0c:84:78:a5:
a6:65:83:02:49:15:5a:63:70:0b:96:31:9f:52:e1:13:36:d7:
6a:8a:c7:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEshjYvccYydvlye2LQJ+BOuic8EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MDcwODMyMzJaFw0yNzA0MDYwODM3MzJaMDMxMTAvBgNV
BAMTKEIyMDg2OThBMDg1OTJGNTBFMzdCOUQzOTEwMkFFOEU3RDAyRTI0NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb1Wx99gHn9aKH/gs3cpRlrtcg
99iCVIwaQDaCF6+kmWco6/Vnt1I4r/qnT6o2tUOlWWKeetLCG74fvRLbvvCh+5wp
5A/k4yzUxLok2USdWmLQuvuVRnwABQtIx6CzDdV/rquzD8lJ1U+0QD9Gb2Coi3rU
ZyZbU+FLAgszYGW+/14jZhc3plgL5w5FszjRz0JyteqDntFDrZeWM+O+JdCZaaCJ
uLe/SAzOkkGsJPGx3uuWbGtysrD+fRG9u5n1lBPR1Dm/qZ1tc+mDj3g2oZ3oedFK
npJZknG3pztjT7Pdob4LD/BVxz5Jq5qPkFg/38VD0VsRtpz/DoCymqfXZoT/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsghpighZL1Dje505ECro59AuJF0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzMzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU+AMA0GCSqGSIb3DQEBCwUAA4IBAQALRj2k4vPiJL/W5P3TXr4XPz4Q0Vn3bxsG
X+IBD/xrQPKMFGDJyfjaj621D63rprg7XWccOx/fn9w5oD19+ehnxSdn4CnOQ2Eh
azdJwe2MfNuf9CW8/DKIarDxf1nhSzaoziMcpejy6zXm74mOU6f3iq0+XejzsU/8
/DzUlzTQ057BZKRuov5Sf/0GXpnlzP4jiWRsSWRty21tV4wyFdNYD5ge9CDFNy2u
Mz+hb6jvBIqJZjecH4bjrxdfHmIqeJJeGc8VemHoW1B9pEuh+C2yF9dtgwa3EqxL
kvERwSTTU5UgtwLKjAyEeKWmZYMCSRVaY3ALljGfUuETNtdqisdA
-----END CERTIFICATE-----
Generated at Sat Apr 11 01:28:45 2026 by rpki-client