Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138352e302f32342d3234203d3e20343032323938.roa
File: 3134352e37392e3138352e302f32342d3234203d3e20343032323938.roa (raw, json)
Hash identifier: Y4OQq30t16mfy3SrbLXNuXVnvI6RsYncoGfETkdM6EQ=
Subject key identifier: 3A:AD:FA:89:E5:70:0B:9C:B3:1A:0A:07:7A:DF:AE:01:FB:92:70:82
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2300FEDC81A1C86040038F85BBA6EA8994009DC3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138352e302f32342d3234203d3e20343032323938.roa
Signing time: Thu 30 Apr 2026 13:18:45 +0000
ROA not before: Thu 30 Apr 2026 13:13:45 +0000
ROA not after: Thu 29 Apr 2027 13:18:45 +0000
asID: 402298
IP address blocks: 145.79.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 14:07:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:00:fe:dc:81:a1:c8:60:40:03:8f:85:bb:a6:ea:89:94:00:9d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 13:13:45 2026 GMT
Not After : Apr 29 13:18:45 2027 GMT
Subject: CN=3AADFA89E5700B9CB31A0A077ADFAE01FB927082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:5f:b4:e9:86:a0:93:5a:ed:ce:97:b1:57:
ad:77:32:cc:4e:da:44:8f:81:06:13:7d:b9:aa:13:
74:40:27:a1:79:05:e8:0c:a4:53:6c:2d:24:d8:86:
8a:46:95:6d:a9:c7:45:03:82:3a:58:12:14:4b:de:
0e:a9:ec:63:2e:e5:75:13:c1:cd:b3:df:f9:dd:97:
43:95:55:55:7b:7d:2a:65:3f:12:f5:ed:95:fc:2a:
8d:43:bf:ea:ac:78:5b:d6:4d:f9:81:ba:7e:f4:e6:
ac:cb:16:32:74:48:ae:b4:29:4e:fc:56:72:b5:45:
cd:ef:e3:dc:ec:54:ca:e9:30:b2:32:ac:95:1b:ff:
3a:a9:32:78:de:8d:e6:e0:25:d1:d2:7d:8f:56:c5:
33:4d:12:e9:05:83:5c:ae:6f:5d:7e:be:f6:f8:55:
41:19:2c:9a:53:39:f7:b4:0e:3c:17:5d:cd:3e:d6:
f2:a2:86:c0:37:14:d8:f9:a0:53:3e:36:6f:ec:1e:
91:11:47:47:a8:8b:99:d8:06:26:ee:03:99:d3:dc:
d3:6e:69:48:f0:28:d7:44:5e:8b:c0:14:0d:7f:a4:
4d:f3:c2:fd:0e:58:2a:80:8e:04:0b:49:24:e6:fe:
bb:7d:0a:04:f4:52:20:fe:ff:15:90:24:ca:0d:8b:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AD:FA:89:E5:70:0B:9C:B3:1A:0A:07:7A:DF:AE:01:FB:92:70:82
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138352e302f32342d3234203d3e20343032323938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.185.0/24
Signature Algorithm: sha256WithRSAEncryption
08:7f:29:a8:2e:9e:ad:9a:a0:60:19:c3:be:ba:4c:27:7f:81:
30:8f:b7:af:ae:0c:da:99:f4:27:b0:ca:d7:15:10:58:bb:d5:
1d:ba:a2:60:9d:89:38:b4:31:b1:bd:cf:c2:17:47:ad:f3:3a:
c1:b4:5d:54:0e:92:a4:32:45:de:0e:3d:76:1b:f8:6e:2b:33:
ff:53:db:88:30:97:41:b9:0f:72:a9:a8:7b:d1:2c:f5:b2:a0:
49:79:89:57:09:ea:d7:26:af:71:b7:30:c2:27:c4:fd:76:24:
99:28:34:9d:d6:8a:98:c2:cf:53:95:8d:8b:12:20:eb:5e:e0:
14:3d:76:1c:1b:42:4a:5a:f9:50:0c:1b:78:6d:ca:fb:09:e5:
70:de:fb:e8:f6:61:62:58:82:44:a2:18:3a:d3:03:76:d3:95:
d8:82:aa:82:25:3f:39:ec:29:79:8c:41:19:3b:58:80:f8:a7:
19:96:4d:2e:74:04:56:29:de:a0:01:d0:07:9d:e9:0e:6d:af:
b4:07:df:a0:9c:51:4d:ed:9f:d2:76:3f:ba:5f:b3:42:ca:c4:
82:ac:1e:56:89:3a:cb:1f:f8:76:e0:c9:57:14:ea:b3:3d:3c:
c6:88:b4:89:9b:4d:f9:91:af:f8:b4:40:ae:14:42:0d:d9:07:
9f:fd:3e:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIwD+3IGhyGBAA4+Fu6bqiZQAncMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxMzEzNDVaFw0yNzA0MjkxMzE4NDVaMDMxMTAvBgNV
BAMTKDNBQURGQTg5RTU3MDBCOUNCMzFBMEEwNzdBREZBRTAxRkI5MjcwODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXE1+06Yagk1rtzpexV613MsxO
2kSPgQYTfbmqE3RAJ6F5BegMpFNsLSTYhopGlW2px0UDgjpYEhRL3g6p7GMu5XUT
wc2z3/ndl0OVVVV7fSplPxL17ZX8Ko1Dv+qseFvWTfmBun705qzLFjJ0SK60KU78
VnK1Rc3v49zsVMrpMLIyrJUb/zqpMnjejebgJdHSfY9WxTNNEukFg1yub11+vvb4
VUEZLJpTOfe0DjwXXc0+1vKihsA3FNj5oFM+Nm/sHpERR0eoi5nYBibuA5nT3NNu
aUjwKNdEXovAFA1/pE3zwv0OWCqAjgQLSSTm/rt9CgT0UiD+/xWQJMoNi17BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOq36ieVwC5yzGgoHet+uAfuScIIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMjM5Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT7kwDQYJKoZIhvcNAQELBQADggEBAAh/Kagunq2aoGAZw766TCd/gTCPt6+u
DNqZ9CewytcVEFi71R26omCdiTi0MbG9z8IXR63zOsG0XVQOkqQyRd4OPXYb+G4r
M/9T24gwl0G5D3KpqHvRLPWyoEl5iVcJ6tcmr3G3MMInxP12JJkoNJ3WipjCz1OV
jYsSIOte4BQ9dhwbQkpa+VAMG3htyvsJ5XDe++j2YWJYgkSiGDrTA3bTldiCqoIl
PznsKXmMQRk7WID4pxmWTS50BFYp3qAB0Aed6Q5tr7QH36CcUU3tn9J2P7pfs0LK
xIKsHlaJOssf+HbgyVcU6rM9PMaItImbTfmRr/i0QK4UQg3ZB5/9Phw=
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:26:10 2026 by rpki-client