Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3138332e35332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: pkvayj6F07ddHbjdU9hm5UGkqlej04rtXeTwDGwsEug=
Subject key identifier: 1D:EA:55:AE:A7:B7:E4:A4:A5:73:0A:A8:B3:D9:FF:68:AE:CB:EE:67
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 454F0918AA6BB0BF9A2C97974EB40B496F571DE6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35332e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 18 Apr 2026 08:23:48 +0000
ROA not before: Sat 18 Apr 2026 08:18:48 +0000
ROA not after: Sat 17 Apr 2027 08:23:48 +0000
asID: 136787
IP address blocks: 185.183.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 12:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:4f:09:18:aa:6b:b0:bf:9a:2c:97:97:4e:b4:0b:49:6f:57:1d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 18 08:18:48 2026 GMT
Not After : Apr 17 08:23:48 2027 GMT
Subject: CN=1DEA55AEA7B7E4A4A5730AA8B3D9FF68AECBEE67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:86:66:63:69:be:5e:67:7b:80:40:aa:70:6c:
0c:77:0c:c9:2a:26:cc:51:13:39:18:e6:c7:e4:13:
cc:6e:5f:aa:3d:33:d2:c7:8e:89:81:f5:62:3d:86:
30:cc:a9:41:fd:3b:4f:66:75:91:68:26:df:8e:b4:
f7:39:97:b0:9f:83:54:7e:6f:70:6b:44:c2:d0:b2:
4a:ea:e1:06:b9:d5:68:af:e0:4b:28:e1:05:d3:91:
44:f5:52:b8:88:cb:4a:ca:77:ee:9d:9b:18:ca:b4:
18:77:41:65:d7:23:aa:e1:fb:e5:95:6e:3f:8a:51:
84:88:f3:af:9a:1f:b0:c9:2d:1b:47:e9:00:b9:17:
a7:72:c3:0d:5f:e3:f2:8e:31:fd:a3:08:e2:9f:10:
e8:a1:64:3a:0d:ff:f7:f2:cf:b9:09:cd:7c:d5:51:
da:9f:a1:e6:dd:67:f7:06:90:c6:ef:c9:3a:d4:54:
c6:e3:3f:aa:a5:f8:8b:28:4c:8a:f7:e5:fb:9e:c0:
5d:a0:fb:52:4a:d5:5a:2f:9b:70:30:64:1e:5f:ee:
ce:63:4b:d6:4c:62:b6:35:5a:38:69:52:47:e7:51:
f5:84:6c:83:4f:60:bd:b5:a5:53:cb:d1:11:91:0d:
93:2a:14:45:b4:6d:e6:cb:0f:ca:70:bf:1b:c2:a2:
e1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EA:55:AE:A7:B7:E4:A4:A5:73:0A:A8:B3:D9:FF:68:AE:CB:EE:67
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138332e35332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.183.53.0/24
Signature Algorithm: sha256WithRSAEncryption
09:00:c0:b1:bb:80:8b:04:b1:96:91:b7:7c:8f:e8:44:4b:de:
83:e2:14:cb:0c:d0:d4:b1:d5:65:dd:86:0b:a3:22:4f:50:53:
b9:ab:f0:23:83:e0:2f:eb:21:7f:80:97:49:6c:d2:d8:a1:fb:
41:a5:c2:b7:6a:82:3f:02:90:d0:48:d1:7f:a7:a1:35:cf:ec:
23:22:76:7c:8f:2b:ee:ed:45:d3:c1:72:85:4d:2e:d0:d2:41:
8b:f6:8c:3c:2a:a9:38:7f:c5:48:4a:09:9b:82:d2:61:a6:6f:
30:7c:d1:77:33:ce:7a:e9:4f:98:68:f8:99:0f:15:6d:58:f8:
64:3c:fe:e4:68:47:8d:a5:da:e9:a1:a0:0b:d9:3e:93:c9:8a:
5a:de:c8:f7:30:d5:fe:6b:3e:8b:b7:18:cb:a6:00:24:96:c8:
b0:c4:23:7c:9b:47:1f:46:1f:f0:03:83:37:c8:a7:94:3b:f3:
4c:0f:cc:6d:7d:2c:99:10:d2:0d:d9:88:7d:a7:e3:23:11:b0:
25:7a:7f:fc:53:0b:05:07:41:2a:44:33:0b:3e:c2:33:7a:71:
ce:17:94:60:90:ec:46:e2:6f:92:0a:0e:ba:d6:c5:65:52:b8:
ea:f6:11:3e:24:6b:43:e4:a9:55:96:bd:6e:4d:b6:d8:bd:a7:
7d:13:8f:9c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURU8JGKprsL+aLJeXTrQLSW9XHeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTgwODE4NDhaFw0yNzA0MTcwODIzNDhaMDMxMTAvBgNV
BAMTKDFERUE1NUFFQTdCN0U0QTRBNTczMEFBOEIzRDlGRjY4QUVDQkVFNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrhmZjab5eZ3uAQKpwbAx3DMkq
JsxREzkY5sfkE8xuX6o9M9LHjomB9WI9hjDMqUH9O09mdZFoJt+OtPc5l7Cfg1R+
b3BrRMLQskrq4Qa51Wiv4Eso4QXTkUT1UriIy0rKd+6dmxjKtBh3QWXXI6rh++WV
bj+KUYSI86+aH7DJLRtH6QC5F6dyww1f4/KOMf2jCOKfEOihZDoN//fyz7kJzXzV
UdqfoebdZ/cGkMbvyTrUVMbjP6ql+IsoTIr35fuewF2g+1JK1Vovm3AwZB5f7s5j
S9ZMYrY1WjhpUkfnUfWEbINPYL21pVPL0RGRDZMqFEW0bebLD8pwvxvCouF/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHepVrqe35KSlcwqos9n/aK7L7mcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzMyZTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5tzUwDQYJKoZIhvcNAQELBQADggEBAAkAwLG7gIsEsZaRt3yP6ERL3oPiFMsM
0NSx1WXdhgujIk9QU7mr8COD4C/rIX+Al0ls0tih+0Glwrdqgj8CkNBI0X+noTXP
7CMidnyPK+7tRdPBcoVNLtDSQYv2jDwqqTh/xUhKCZuC0mGmbzB80XczznrpT5ho
+JkPFW1Y+GQ8/uRoR42l2umhoAvZPpPJilreyPcw1f5rPou3GMumACSWyLDEI3yb
Rx9GH/ADgzfIp5Q780wPzG19LJkQ0g3ZiH2n4yMRsCV6f/xTCwUHQSpEMws+wjN6
cc4XlGCQ7Ebib5IKDrrWxWVSuOr2ET4ka0PkqVWWvW5Ntti9p30Tj5w=
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:57:53 2026 by rpki-client