Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
File: 3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa (raw, json)
Hash identifier: 6Mfq3Vzt6mW98hLdAeeDQZ8eVAcjnTqSS10pDjN3SAE=
Subject key identifier: D0:48:63:0D:4A:D3:55:16:77:ED:33:E5:6C:8F:60:B5:3E:F8:6C:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BB55219E1CE5F952B4F0FDFDC7B26E6382FB4DE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
Signing time: Tue 21 Apr 2026 07:23:49 +0000
ROA not before: Tue 21 Apr 2026 07:18:49 +0000
ROA not after: Tue 20 Apr 2027 07:23:49 +0000
asID: 214914
IP address blocks: 185.164.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b5:52:19:e1:ce:5f:95:2b:4f:0f:df:dc:7b:26:e6:38:2f:b4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 21 07:18:49 2026 GMT
Not After : Apr 20 07:23:49 2027 GMT
Subject: CN=D048630D4AD3551677ED33E56C8F60B53EF86C81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:c8:8e:b1:a5:db:8b:2e:86:7d:10:01:24:a3:
50:bd:83:94:86:d1:4b:47:cf:9e:25:9b:b6:81:c8:
fd:18:7e:81:a1:b3:88:64:8b:eb:d6:30:e0:c5:ea:
81:9b:25:ac:47:eb:90:62:6f:fc:ad:03:ef:9f:0a:
5a:f5:43:e1:e2:0c:57:c1:59:f2:32:9b:c0:83:c7:
ad:f5:2b:99:a1:34:f6:dc:11:ce:9e:c5:34:81:02:
61:ca:ca:a8:f2:f1:4c:18:3f:33:0a:7f:de:0e:ca:
fc:75:8a:d1:4a:ca:2d:0d:9a:31:c0:76:5e:2f:6b:
e6:d5:75:ce:14:44:ba:df:e4:20:11:e2:ca:e7:db:
c3:89:ef:63:86:02:74:bf:20:f8:a9:64:16:f0:96:
7d:01:dc:e5:81:dc:12:72:56:80:eb:59:dd:cc:df:
0a:38:22:b5:0e:66:d1:55:94:7e:b2:ab:9c:6f:8c:
99:72:36:63:f6:71:8a:37:a1:f6:89:75:e9:13:e9:
dc:7a:02:cd:11:49:74:84:bd:17:fa:df:ee:cc:ef:
b1:a4:7d:b2:f4:eb:5c:ea:f6:7f:d2:08:a6:e8:9c:
b9:4a:79:3b:21:b6:12:5c:5c:ec:41:b2:23:90:68:
9c:8d:71:14:5c:ae:52:a2:85:fd:fc:14:f7:12:42:
77:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:48:63:0D:4A:D3:55:16:77:ED:33:E5:6C:8F:60:B5:3E:F8:6C:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136342e35322e302f32342d3234203d3e20323134393134.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.52.0/24
Signature Algorithm: sha256WithRSAEncryption
17:11:af:c7:60:a7:4a:55:91:3f:70:12:7f:17:80:8c:d4:3a:
21:af:00:f6:7a:48:6a:73:5e:61:24:26:47:41:8a:94:62:b8:
fc:c9:c0:9c:62:e6:c1:5c:59:30:42:0f:e8:e6:78:1e:de:6d:
83:eb:38:4f:ed:7b:42:75:99:f0:df:92:40:f5:ea:97:75:be:
d2:99:79:c5:6e:3c:28:56:4e:fa:56:5e:3e:76:42:38:a0:57:
d3:c5:bf:a1:2c:43:cc:59:a6:ed:c5:60:6e:d7:dd:68:f4:a0:
01:c4:ed:c4:b7:67:0d:bf:10:b2:2a:1f:81:1e:96:05:31:42:
6a:a8:aa:38:cc:fb:e0:4a:e4:28:82:06:d0:37:84:37:c3:42:
6e:8f:cb:34:df:9a:4d:90:50:8f:93:08:29:83:2e:dc:65:72:
eb:d5:8b:11:ce:7b:81:4b:9b:e1:2c:15:8c:ff:83:99:79:8b:
7c:2a:4b:dc:e9:65:e7:19:ab:1c:fc:ea:63:44:6a:34:79:73:
28:11:77:fc:39:35:d8:f7:d9:e1:bd:ad:c0:28:ee:ca:fb:70:
f5:8f:a5:56:db:13:ea:f5:70:40:f4:f6:f1:f3:b6:79:1c:cb:
82:28:ac:aa:47:69:b8:4e:be:6c:a7:32:f0:70:55:73:3e:0a:
37:94:76:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS7VSGeHOX5UrTw/f3Hsm5jgvtN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjEwNzE4NDlaFw0yNzA0MjAwNzIzNDlaMDMxMTAvBgNV
BAMTKEQwNDg2MzBENEFEMzU1MTY3N0VEMzNFNTZDOEY2MEI1M0VGODZDODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjyI6xpduLLoZ9EAEko1C9g5SG
0UtHz54lm7aByP0YfoGhs4hki+vWMODF6oGbJaxH65Bib/ytA++fClr1Q+HiDFfB
WfIym8CDx631K5mhNPbcEc6exTSBAmHKyqjy8UwYPzMKf94Oyvx1itFKyi0NmjHA
dl4va+bVdc4URLrf5CAR4srn28OJ72OGAnS/IPipZBbwln0B3OWB3BJyVoDrWd3M
3wo4IrUOZtFVlH6yq5xvjJlyNmP2cYo3ofaJdekT6dx6As0RSXSEvRf63+7M77Gk
fbL061zq9n/SCKbonLlKeTshthJcXOxBsiOQaJyNcRRcrlKihf38FPcSQnexAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0EhjDUrTVRZ37TPlbI9gtT74bIEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzQyZTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzOTMxMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5pDQwDQYJKoZIhvcNAQELBQADggEBABcRr8dgp0pVkT9wEn8XgIzUOiGvAPZ6
SGpzXmEkJkdBipRiuPzJwJxi5sFcWTBCD+jmeB7ebYPrOE/te0J1mfDfkkD16pd1
vtKZecVuPChWTvpWXj52QjigV9PFv6EsQ8xZpu3FYG7X3Wj0oAHE7cS3Zw2/ELIq
H4EelgUxQmqoqjjM++BK5CiCBtA3hDfDQm6PyzTfmk2QUI+TCCmDLtxlcuvVixHO
e4FLm+EsFYz/g5l5i3wqS9zpZecZqxz86mNEajR5cygRd/w5Ndj32eG9rcAo7sr7
cPWPpVbbE+r1cED09vHztnkcy4IorKpHabhOvmynMvBwVXM+CjeUdhc=
-----END CERTIFICATE-----
Generated at Wed May 13 10:42:39 2026 by rpki-client