Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e37302e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e37302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: iIiNK8JgB+GHzRZBH8PvNN/LIjJDPURqNuCjj8IbndI=
Subject key identifier: B4:56:56:E3:73:1C:CE:48:7F:43:DB:2F:02:E5:57:83:8B:4A:D8:60
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5C97DC385DBAF634F3B146C0EEBF6F8C5DC474B8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e37302e302f32342d3234203d3e203633343733.roa
Signing time: Sun 24 May 2026 09:24:28 +0000
ROA not before: Sun 24 May 2026 09:19:28 +0000
ROA not after: Sun 23 May 2027 09:24:28 +0000
asID: 63473
IP address blocks: 176.126.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:97:dc:38:5d:ba:f6:34:f3:b1:46:c0:ee:bf:6f:8c:5d:c4:74:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 24 09:19:28 2026 GMT
Not After : May 23 09:24:28 2027 GMT
Subject: CN=B45656E3731CCE487F43DB2F02E557838B4AD860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ae:f8:83:da:88:80:90:4a:a1:8c:47:55:de:
a3:12:1b:18:8e:5a:f5:8d:9b:6a:69:15:18:a0:25:
cb:32:51:80:de:53:70:90:fb:26:0e:bb:dd:07:3b:
cf:2a:ef:d4:e3:93:18:1f:d4:51:30:5b:6a:46:98:
c8:77:1b:ce:da:3c:f9:b1:95:05:a2:22:42:20:57:
fe:fd:fe:0e:e8:29:f0:19:fd:3c:54:bb:ea:da:42:
b1:be:11:fb:ec:e0:cd:60:59:d7:1e:aa:75:1d:ce:
cf:d1:72:58:f4:6e:fd:85:51:1d:34:86:86:e0:e6:
a3:91:8f:cd:56:bc:8e:2d:4b:2f:03:d2:90:14:b2:
86:4f:58:6c:35:24:93:3f:d5:53:bc:4e:fa:a7:39:
1d:4b:d2:dc:3a:49:f6:9b:b6:5a:c3:2e:46:7e:02:
55:a4:46:ef:df:a4:80:97:db:0f:16:9d:48:da:07:
76:1f:42:db:5c:d4:40:37:81:71:ea:a0:b1:a8:f7:
01:d6:f9:25:c0:ed:c3:85:5d:30:38:ef:07:e1:47:
c9:5f:10:b3:b7:58:20:36:5d:8d:4d:45:5b:2e:36:
01:41:2c:66:ad:62:ca:9b:6a:4e:3a:bf:e0:e5:a6:
81:58:70:3a:a4:1b:dd:8f:4a:9d:70:e3:40:0d:0c:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:56:56:E3:73:1C:CE:48:7F:43:DB:2F:02:E5:57:83:8B:4A:D8:60
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e37302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.70.0/24
Signature Algorithm: sha256WithRSAEncryption
48:20:13:19:f1:ad:c8:19:8e:0d:70:cc:fc:cc:13:d9:fa:25:
47:53:cf:1f:0d:9c:26:ea:27:d0:40:3f:27:e0:bc:bd:f5:36:
f8:db:98:18:fe:4d:17:6c:4c:85:25:c0:1e:24:e4:94:35:56:
29:70:d9:bf:ab:bf:da:51:d4:fb:55:9b:48:be:c0:1e:e8:ec:
59:74:86:1e:c7:e1:ee:b6:41:9e:5d:8f:62:dc:1b:45:a4:54:
e7:3a:51:ef:ad:e2:b2:ba:c3:cd:06:33:54:cf:3b:27:81:01:
9c:4c:a3:b5:37:37:49:42:44:44:3d:c0:45:89:b5:2a:8f:53:
84:9a:3e:7e:b9:1b:31:29:5e:06:4e:f2:b8:20:30:be:c9:28:
31:f9:1b:04:34:39:01:fe:be:2d:43:45:e7:78:53:1e:31:99:
6b:26:2e:f4:25:56:59:09:0a:aa:8e:e9:22:40:7e:8f:0f:ce:
ef:14:75:49:dc:5c:86:91:23:4a:62:ab:ff:87:79:dd:f5:09:
15:92:30:e7:be:75:63:09:40:e4:3a:28:1e:31:b3:0e:4f:7c:
0e:38:13:75:a2:96:92:cc:05:49:33:15:bb:f0:85:7f:b0:52:
7c:c9:04:29:30:01:f5:89:61:d0:3d:62:df:6f:1f:5e:6c:bb:
e5:1d:62:f6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXJfcOF269jTzsUbA7r9vjF3EdLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjQwOTE5MjhaFw0yNzA1MjMwOTI0MjhaMDMxMTAvBgNV
BAMTKEI0NTY1NkUzNzMxQ0NFNDg3RjQzREIyRjAyRTU1NzgzOEI0QUQ4NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkrviD2oiAkEqhjEdV3qMSGxiO
WvWNm2ppFRigJcsyUYDeU3CQ+yYOu90HO88q79Tjkxgf1FEwW2pGmMh3G87aPPmx
lQWiIkIgV/79/g7oKfAZ/TxUu+raQrG+Efvs4M1gWdceqnUdzs/Rclj0bv2FUR00
hobg5qORj81WvI4tSy8D0pAUsoZPWGw1JJM/1VO8TvqnOR1L0tw6SfabtlrDLkZ+
AlWkRu/fpICX2w8WnUjaB3YfQttc1EA3gXHqoLGo9wHW+SXA7cOFXTA47wfhR8lf
ELO3WCA2XY1NRVsuNgFBLGatYsqbak46v+DlpoFYcDqkG92PSp1w40ANDFMNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUtFZW43Mczkh/Q9svAuVXg4tK2GAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM3
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5GMA0GCSqGSIb3DQEBCwUAA4IBAQBIIBMZ8a3IGY4NcMz8zBPZ+iVHU88fDZwm
6ifQQD8n4Ly99Tb425gY/k0XbEyFJcAeJOSUNVYpcNm/q7/aUdT7VZtIvsAe6OxZ
dIYex+HutkGeXY9i3BtFpFTnOlHvreKyusPNBjNUzzsngQGcTKO1NzdJQkREPcBF
ibUqj1OEmj5+uRsxKV4GTvK4IDC+ySgx+RsENDkB/r4tQ0XneFMeMZlrJi70JVZZ
CQqqjukiQH6PD87vFHVJ3FyGkSNKYqv/h3nd9QkVkjDnvnVjCUDkOigeMbMOT3wO
OBN1opaSzAVJMxW78IV/sFJ8yQQpMAH1iWHQPWLfbx9ebLvlHWL2
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:18:13 2026 by rpki-client