Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: HAacSXYAzocxWdp2J/Iwn/jK9nmP5cSPd4FCRwrxz10=
Subject key identifier: 23:F4:E2:52:8E:04:C2:94:DB:71:84:E9:CD:A1:41:84:6F:D0:05:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2E0852BF3816F504A3AE51C2AE317927162EF6F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 17 Apr 2026 08:23:44 +0000
ROA not before: Fri 17 Apr 2026 08:18:44 +0000
ROA not after: Fri 16 Apr 2027 08:23:44 +0000
asID: 207137
IP address blocks: 185.214.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 10:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:08:52:bf:38:16:f5:04:a3:ae:51:c2:ae:31:79:27:16:2e:f6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 17 08:18:44 2026 GMT
Not After : Apr 16 08:23:44 2027 GMT
Subject: CN=23F4E2528E04C294DB7184E9CDA141846FD0057E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:45:91:c4:ea:d7:f7:f6:46:d5:31:f3:e7:1f:
fe:d0:c9:b0:ae:af:7b:d5:e8:40:e0:40:5d:10:3d:
63:34:f9:51:38:8f:59:6e:6a:10:fb:94:15:a1:b1:
09:d6:63:18:f0:12:7b:a2:c8:5a:43:51:d7:18:58:
41:83:36:a2:e4:78:51:27:34:53:1f:4f:ab:fd:3e:
45:ed:9f:f5:b7:82:18:86:be:13:20:24:d7:b5:4b:
98:21:87:ae:23:4d:88:67:46:fe:3f:44:74:f2:74:
fc:fc:07:3d:29:e4:e0:42:8b:18:20:4d:40:3b:e7:
52:e3:4c:e5:13:3b:ee:4e:c3:64:6c:e7:d4:8e:06:
8b:b4:cd:86:3d:1e:3e:b8:62:8f:7e:9d:6d:f4:84:
05:3f:ed:41:47:5c:7c:b7:04:30:97:c8:f3:d7:e1:
bf:52:7c:e2:81:f7:d0:ba:49:37:fb:63:39:ad:6e:
63:6d:fa:1c:c8:4b:9b:eb:63:90:cd:cc:ea:5d:60:
01:24:51:42:e8:4e:5d:52:43:dd:3a:82:03:dc:02:
0c:a7:c2:4f:4a:ce:d7:0b:c9:97:f1:95:7c:39:2a:
c0:24:e7:72:86:18:d0:47:96:48:7b:f5:1a:1d:0b:
9f:cb:6c:fc:16:d2:d1:bd:a1:a5:5d:90:6b:d0:67:
ed:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F4:E2:52:8E:04:C2:94:DB:71:84:E9:CD:A1:41:84:6F:D0:05:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39362e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.96.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e1:e5:57:fd:98:07:3f:8a:2e:e3:34:54:b6:0f:f7:34:a4:
fa:b9:a5:2d:e1:b4:1e:54:55:eb:fc:dc:b2:1e:39:f4:c8:75:
97:35:b1:02:61:76:b8:cd:76:9f:92:3a:d3:2e:0b:27:de:94:
e6:51:3e:14:3f:ae:b4:00:65:e4:d1:ca:1f:54:42:a7:52:19:
c9:e7:7f:09:cd:9f:f2:1a:30:c6:37:7c:30:78:76:3e:50:04:
34:2b:b9:5a:a7:47:13:42:ca:c4:d8:6e:f6:5c:da:29:e5:4c:
97:48:76:7c:f2:01:e3:4f:26:dc:19:0d:f6:eb:e7:d5:db:eb:
0d:9a:b9:10:73:ad:0d:80:37:b1:90:c8:62:51:7e:b2:be:3a:
55:10:9e:d4:e7:66:04:28:67:eb:15:8b:61:5c:4e:ae:d4:e2:
b8:d0:79:32:e6:47:05:47:cd:84:cb:7d:c7:61:ff:07:ff:27:
79:3d:c5:4d:b4:03:74:36:cb:dd:d2:6f:47:77:1e:d1:f4:4c:
af:52:36:1a:1a:fd:fa:d5:c4:1d:bb:19:d1:0d:13:2b:ad:13:
d1:10:06:cd:2a:8d:4f:19:4e:85:75:ec:b9:2c:ef:16:65:a1:
77:b6:e9:38:ba:a5:cf:b4:1e:69:c9:0b:89:48:78:37:8a:98:
36:3b:77:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULghSvzgW9QSjrlHCrjF5JxYu9vEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTcwODE4NDRaFw0yNzA0MTYwODIzNDRaMDMxMTAvBgNV
BAMTKDIzRjRFMjUyOEUwNEMyOTREQjcxODRFOUNEQTE0MTg0NkZEMDA1N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMRZHE6tf39kbVMfPnH/7QybCu
r3vV6EDgQF0QPWM0+VE4j1luahD7lBWhsQnWYxjwEnuiyFpDUdcYWEGDNqLkeFEn
NFMfT6v9PkXtn/W3ghiGvhMgJNe1S5ghh64jTYhnRv4/RHTydPz8Bz0p5OBCixgg
TUA751LjTOUTO+5Ow2Rs59SOBou0zYY9Hj64Yo9+nW30hAU/7UFHXHy3BDCXyPPX
4b9SfOKB99C6STf7YzmtbmNt+hzIS5vrY5DNzOpdYAEkUULoTl1SQ906ggPcAgyn
wk9KztcLyZfxlXw5KsAk53KGGNBHlkh79RodC5/LbPwW0tG9oaVdkGvQZ+3nAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUI/TiUo4EwpTbcYTpzaFBhG/QBX4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mAwDQYJKoZIhvcNAQELBQADggEBAIrh5Vf9mAc/ii7jNFS2D/c0pPq5pS3h
tB5UVev83LIeOfTIdZc1sQJhdrjNdp+SOtMuCyfelOZRPhQ/rrQAZeTRyh9UQqdS
GcnnfwnNn/IaMMY3fDB4dj5QBDQruVqnRxNCysTYbvZc2inlTJdIdnzyAeNPJtwZ
Dfbr59Xb6w2auRBzrQ2AN7GQyGJRfrK+OlUQntTnZgQoZ+sVi2FcTq7U4rjQeTLm
RwVHzYTLfcdh/wf/J3k9xU20A3Q2y93Sb0d3HtH0TK9SNhoa/frVxB27GdENEyut
E9EQBs0qjU8ZToV17Lks7xZloXe26Ti6pc+0HmnJC4lIeDeKmDY7d/Q=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:03:28 2026 by rpki-client