Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35322e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138332e35322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: KXlUe/+YEQBUgAGAnyL+j6O0E8WIKjhLJThWl14mIlM=
Subject key identifier: 92:9F:AB:26:DA:BE:0E:9B:1E:DB:F0:10:61:53:9E:C0:A2:3A:D3:9E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 513E9FB103036FF184276CB8A3A5A25F9C298EEB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35322e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 18 Apr 2026 08:23:48 +0000
ROA not before: Sat 18 Apr 2026 08:18:48 +0000
ROA not after: Sat 17 Apr 2027 08:23:48 +0000
asID: 136787
IP address blocks: 185.183.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 10:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3e:9f:b1:03:03:6f:f1:84:27:6c:b8:a3:a5:a2:5f:9c:29:8e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 18 08:18:48 2026 GMT
Not After : Apr 17 08:23:48 2027 GMT
Subject: CN=929FAB26DABE0E9B1EDBF01061539EC0A23AD39E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:b8:ea:b2:e8:0a:81:f4:d4:31:75:df:d9:
df:cf:4e:98:7a:a1:f3:e7:83:22:b6:a5:c5:02:bc:
ce:36:c2:90:dd:8e:73:e7:09:c4:20:6c:13:e9:f4:
b3:41:71:49:cd:5d:9a:90:ef:2d:3a:0d:7b:79:fb:
78:11:d2:78:23:03:1f:52:f3:94:79:a2:74:48:59:
0d:b5:7d:61:e6:ad:e2:e7:d8:c3:da:6f:ad:4c:77:
0f:a4:9e:c9:ae:18:19:4a:72:5e:9c:21:dd:7d:62:
4d:30:78:e5:fe:14:c5:23:8c:bf:3a:f8:6e:f3:c0:
b3:6e:8e:07:a0:ae:c8:8e:65:80:49:35:75:fe:2a:
f2:8a:97:ad:08:6f:95:6b:d9:3c:1e:b1:cc:90:82:
c9:f9:4a:ed:6d:22:19:be:2c:7c:9b:3e:7d:3e:3b:
72:dd:a5:39:22:54:38:17:72:fa:d8:e7:72:8c:d6:
4a:b8:2f:ae:03:6e:4f:99:5d:35:13:df:6d:7c:e7:
30:25:48:cd:c0:2b:02:9f:f5:ae:61:25:8d:94:71:
8f:e5:19:b2:2b:29:77:c6:70:3b:c3:8a:de:ed:41:
c9:a9:60:f3:7f:2a:04:4b:c2:28:3d:6a:23:b6:db:
f5:91:7c:d1:b3:5c:6a:11:64:fb:53:4d:82:b7:f5:
6e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9F:AB:26:DA:BE:0E:9B:1E:DB:F0:10:61:53:9E:C0:A2:3A:D3:9E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.52.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:41:a9:6c:2b:3e:81:53:86:aa:0d:44:12:12:35:ea:f7:d9:
27:6d:e9:5f:dd:3a:ee:45:32:00:c2:f5:d3:42:bb:bd:d6:73:
b4:59:e9:3c:e8:66:d5:76:4f:4d:17:4a:a1:68:01:49:70:ad:
e6:60:04:76:57:d0:22:5b:55:72:b8:4b:f7:85:3a:82:40:2f:
04:63:0e:e4:1e:5a:18:1b:1d:54:4d:39:40:f6:85:74:35:b7:
04:91:d2:04:23:32:67:19:cb:d8:7e:e8:2e:98:fd:3a:58:f5:
7d:28:a6:ef:8a:38:c4:49:d0:73:65:5a:bf:6c:85:f7:de:53:
14:e3:ab:9f:78:b3:f6:a0:bb:d0:f0:07:21:da:7f:62:59:8e:
4a:6b:75:f3:69:23:a1:a9:f9:6b:ed:e1:fe:f9:db:a5:30:76:
e6:1a:e7:65:d1:e7:88:1c:7f:1c:e6:41:a0:7f:75:63:1c:ca:
6b:d2:e7:dc:da:6d:a5:e9:43:f7:2b:bd:18:f6:5b:de:ae:4c:
80:b8:72:ac:71:66:b4:ac:49:e9:68:2b:38:33:76:4b:52:d8:
d1:d9:37:79:9c:e8:d6:50:1e:18:ba:56:4b:50:47:08:9d:90:
75:3c:97:52:8a:3d:97:49:76:28:f9:af:14:4d:c3:7b:88:f9:
50:1d:79:83
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUT6fsQMDb/GEJ2y4o6WiX5wpjuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTgwODE4NDhaFw0yNzA0MTcwODIzNDhaMDMxMTAvBgNV
BAMTKDkyOUZBQjI2REFCRTBFOUIxRURCRjAxMDYxNTM5RUMwQTIzQUQzOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnJLjqsugKgfTUMXXf2d/PTph6
ofPngyK2pcUCvM42wpDdjnPnCcQgbBPp9LNBcUnNXZqQ7y06DXt5+3gR0ngjAx9S
85R5onRIWQ21fWHmreLn2MPab61Mdw+knsmuGBlKcl6cId19Yk0weOX+FMUjjL86
+G7zwLNujgegrsiOZYBJNXX+KvKKl60Ib5Vr2TwescyQgsn5Su1tIhm+LHybPn0+
O3LdpTkiVDgXcvrY53KM1kq4L64Dbk+ZXTUT32185zAlSM3AKwKf9a5hJY2UcY/l
GbIrKXfGcDvDit7tQcmpYPN/KgRLwig9aiO22/WRfNGzXGoRZPtTTYK39W71AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkp+rJtq+Dpse2/AQYVOewKI6054wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzMyZTM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5tzQwDQYJKoZIhvcNAQELBQADggEBAA1BqWwrPoFThqoNRBISNer32Sdt6V/d
Ou5FMgDC9dNCu73Wc7RZ6TzoZtV2T00XSqFoAUlwreZgBHZX0CJbVXK4S/eFOoJA
LwRjDuQeWhgbHVRNOUD2hXQ1twSR0gQjMmcZy9h+6C6Y/TpY9X0opu+KOMRJ0HNl
Wr9shffeUxTjq594s/agu9DwByHaf2JZjkprdfNpI6Gp+Wvt4f7526UwduYa52XR
54gcfxzmQaB/dWMcymvS59zabaXpQ/crvRj2W96uTIC4cqxxZrSsSeloKzgzdktS
2NHZN3mc6NZQHhi6VktQRwidkHU8l1KKPZdJdij5rxRNw3uI+VAdeYM=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:06:39 2026 by rpki-client