Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138362e302f32342d3234203d3e20313938303837.roa
File: 3134352e37392e3138362e302f32342d3234203d3e20313938303837.roa (raw, json)
Hash identifier: I2NFTesr0hB0oB6VLP4WGORxzk9Hmk0w43cxyZ+oTUI=
Subject key identifier: 4B:8A:3F:0F:F9:9E:16:CB:DF:76:41:0A:5C:72:2D:E0:6E:1F:71:D0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E120BC7E06FEFB8C8FECE9F8C49E6090D224BD6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138362e302f32342d3234203d3e20313938303837.roa
Signing time: Wed 06 May 2026 11:13:28 +0000
ROA not before: Wed 06 May 2026 11:08:28 +0000
ROA not after: Wed 05 May 2027 11:13:28 +0000
asID: 198087
IP address blocks: 145.79.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 13:39:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:12:0b:c7:e0:6f:ef:b8:c8:fe:ce:9f:8c:49:e6:09:0d:22:4b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 6 11:08:28 2026 GMT
Not After : May 5 11:13:28 2027 GMT
Subject: CN=4B8A3F0FF99E16CBDF76410A5C722DE06E1F71D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:60:52:6f:4c:61:08:70:f5:76:3b:e9:59:a4:
ce:a7:93:74:bd:46:75:72:64:21:ff:5c:cd:33:dd:
2b:82:ce:04:cb:58:aa:ce:57:2a:c8:76:16:0b:3a:
87:fb:e8:11:c2:7f:bc:fb:7e:20:f3:f3:0b:dd:24:
0a:87:cb:75:13:5d:a2:f0:02:24:48:53:5a:3f:a0:
b9:3a:20:97:dc:b2:22:27:5e:5a:c3:bd:19:6d:23:
78:fd:02:05:26:45:1f:58:17:40:4a:a7:e6:0e:9f:
9b:89:d4:00:f5:fb:c5:12:3b:13:c8:77:4a:2b:34:
9a:7c:80:25:ca:46:09:9e:ce:e6:2a:24:34:c1:04:
a9:e9:e9:77:68:b0:6e:49:0f:12:f2:e6:7e:d6:fe:
4a:06:0f:5d:f1:f5:06:f0:76:90:92:1a:7b:b5:28:
23:76:90:9c:78:78:57:57:3e:c6:b5:07:29:7e:2c:
24:65:74:50:0a:85:ba:fd:19:98:4c:9f:e1:b0:ca:
9d:61:48:d7:81:d8:a4:3f:34:2a:49:ef:cb:07:9b:
76:75:f0:ad:7c:c4:f8:40:66:e6:6e:5a:26:34:58:
71:b7:6d:e7:09:fa:3c:75:e2:04:4d:04:7c:19:9c:
3f:57:74:e6:30:49:aa:d8:3e:46:5b:8a:24:28:9b:
4f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8A:3F:0F:F9:9E:16:CB:DF:76:41:0A:5C:72:2D:E0:6E:1F:71:D0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3138362e302f32342d3234203d3e20313938303837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.186.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:1b:e1:2d:c6:9b:4f:47:24:9f:69:7d:a1:cb:fe:a4:5e:fa:
9b:19:3f:45:2d:b5:bc:91:1c:01:a0:6c:2b:36:32:82:eb:26:
7c:4a:3b:84:ba:84:a0:ef:d0:17:b5:27:70:17:73:c4:00:62:
86:88:bf:0b:d0:73:a8:29:21:b4:19:5f:d6:79:b8:bb:93:05:
87:34:51:03:56:1d:91:85:d0:54:9d:02:a2:bb:7f:9e:8f:c7:
7c:f8:a9:d6:12:04:27:7a:72:be:c2:c2:04:9e:b1:ce:e3:e1:
43:a0:1e:7f:32:0b:94:90:83:97:4c:13:84:77:c6:61:f7:be:
14:3f:3a:31:db:b6:77:54:9d:50:99:ac:03:c4:22:9e:c3:e6:
de:13:63:18:80:b3:c2:1c:27:f3:38:ab:58:6c:8a:b8:80:c1:
ea:f9:f1:38:76:13:01:59:af:ed:c3:05:3b:b9:f5:28:c9:70:
51:17:1d:76:d9:0d:e1:1d:f6:63:58:27:79:d4:5f:42:a6:47:
08:33:53:b7:57:c8:65:98:0a:13:6d:cb:5c:5e:52:ab:68:39:
1b:69:56:97:5d:a8:73:5a:4c:f8:d5:5a:9b:6a:40:3a:ee:71:
2e:24:e0:bf:68:a4:b9:77:eb:de:db:ee:e4:52:bc:86:6c:42:
77:63:f1:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHhILx+Bv77jI/s6fjEnmCQ0iS9YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDYxMTA4MjhaFw0yNzA1MDUxMTEzMjhaMDMxMTAvBgNV
BAMTKDRCOEEzRjBGRjk5RTE2Q0JERjc2NDEwQTVDNzIyREUwNkUxRjcxRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcYFJvTGEIcPV2O+lZpM6nk3S9
RnVyZCH/XM0z3SuCzgTLWKrOVyrIdhYLOof76BHCf7z7fiDz8wvdJAqHy3UTXaLw
AiRIU1o/oLk6IJfcsiInXlrDvRltI3j9AgUmRR9YF0BKp+YOn5uJ1AD1+8USOxPI
d0orNJp8gCXKRgmezuYqJDTBBKnp6XdosG5JDxLy5n7W/koGD13x9QbwdpCSGnu1
KCN2kJx4eFdXPsa1Byl+LCRldFAKhbr9GZhMn+Gwyp1hSNeB2KQ/NCpJ78sHm3Z1
8K18xPhAZuZuWiY0WHG3becJ+jx14gRNBHwZnD9XdOYwSarYPkZbiiQom08HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUS4o/D/meFsvfdkEKXHIt4G4fcdAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMDM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT7owDQYJKoZIhvcNAQELBQADggEBAJ4b4S3Gm09HJJ9pfaHL/qRe+psZP0Ut
tbyRHAGgbCs2MoLrJnxKO4S6hKDv0Be1J3AXc8QAYoaIvwvQc6gpIbQZX9Z5uLuT
BYc0UQNWHZGF0FSdAqK7f56Px3z4qdYSBCd6cr7CwgSesc7j4UOgHn8yC5SQg5dM
E4R3xmH3vhQ/OjHbtndUnVCZrAPEIp7D5t4TYxiAs8IcJ/M4q1hsiriAwer58Th2
EwFZr+3DBTu59SjJcFEXHXbZDeEd9mNYJ3nUX0KmRwgzU7dXyGWYChNty1xeUqto
ORtpVpddqHNaTPjVWptqQDrucS4k4L9opLl3697b7uRSvIZsQndj8QE=
-----END CERTIFICATE-----
Generated at Thu May 7 05:38:06 2026 by rpki-client