Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
File: 3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: NyMF870Gj84R8/R0LgoptOmyZ/EQ7voIasZERLJ9+do=
Subject key identifier: F9:B3:F8:91:81:52:44:2E:86:A7:E3:9B:E2:CD:94:7A:D4:34:FF:28
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38E096BD15240F3AD4243D7C1F2605275906CA69
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 17 Apr 2026 08:23:44 +0000
ROA not before: Fri 17 Apr 2026 08:18:44 +0000
ROA not after: Fri 16 Apr 2027 08:23:44 +0000
asID: 207137
IP address blocks: 185.214.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 10:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e0:96:bd:15:24:0f:3a:d4:24:3d:7c:1f:26:05:27:59:06:ca:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 17 08:18:44 2026 GMT
Not After : Apr 16 08:23:44 2027 GMT
Subject: CN=F9B3F8918152442E86A7E39BE2CD947AD434FF28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:ad:9f:e4:3f:c3:90:d0:0e:0b:78:13:0a:
12:c0:4b:ac:7e:98:52:34:50:20:8f:09:ca:fd:ee:
4d:f1:5f:61:99:c8:7c:9e:c0:61:2a:6b:1d:37:d8:
63:14:4d:a4:58:f7:32:a1:a0:e2:56:ee:ec:e8:d7:
f9:0b:dd:34:0c:43:c2:27:95:1c:ed:dc:73:77:9d:
07:b6:7e:cb:c3:87:d1:52:49:17:94:fc:ef:75:f0:
8b:8e:ee:a5:9b:df:98:18:04:d9:5b:42:69:2b:fe:
2a:91:0f:45:ef:c9:e6:b7:05:06:7d:64:80:8b:95:
0c:e9:fa:86:7f:e9:e1:99:d4:87:b0:84:ef:d6:0f:
7c:58:ff:a1:bb:5a:5e:e1:87:66:bd:9b:1a:4c:a4:
f9:15:37:7d:e8:ef:3b:33:09:77:cf:a6:d1:f9:bb:
dd:db:2d:99:b2:49:80:82:36:6a:cc:3b:cd:f3:97:
31:57:6d:f6:52:65:7c:a4:4c:bb:41:9c:94:ff:83:
95:31:2f:ea:45:30:12:9c:25:01:3a:94:4c:d1:7f:
03:eb:5f:75:41:e5:6e:de:24:62:1e:47:ef:94:50:
8e:92:5a:5f:fe:41:46:38:49:98:7c:d9:ea:94:79:
38:c7:74:f3:a7:33:13:57:8e:96:51:1a:10:79:df:
e8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B3:F8:91:81:52:44:2E:86:A7:E3:9B:E2:CD:94:7A:D4:34:FF:28
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.97.0/24
Signature Algorithm: sha256WithRSAEncryption
59:45:2c:d3:20:84:5d:d7:f7:c2:48:ec:89:69:37:07:65:d1:
db:8f:9c:75:3d:b9:ee:3b:9d:14:d5:d6:b4:54:15:06:f6:ea:
ae:92:2d:9e:5d:04:08:ed:40:7e:63:a5:9c:37:98:6c:e1:d2:
65:0a:6c:fa:9e:08:8f:30:58:29:0f:8f:36:c6:0b:30:af:d4:
4c:43:02:de:21:b0:18:13:6a:ab:7c:2b:77:5c:7d:ce:0f:ad:
0d:b2:7c:c7:f8:1b:f1:c7:3e:8c:d2:82:37:18:85:80:da:19:
87:2d:c3:9c:34:d7:93:a3:51:82:a2:3d:04:9b:f7:59:57:80:
78:b1:8f:77:06:46:f9:de:4e:21:8d:d6:2f:9b:a5:87:54:b8:
aa:9b:f3:66:ca:d7:8c:b9:aa:89:39:c2:0c:99:84:46:38:b0:
4c:36:e2:c4:84:fb:d5:9b:48:42:b1:66:a0:19:7a:6a:4a:c0:
59:4b:fc:c5:76:73:eb:9d:f0:ce:03:f7:65:47:b5:6a:13:5b:
50:08:d6:2f:b0:ad:3c:4b:7a:76:9a:57:10:1f:a0:59:e8:50:
fa:35:eb:e2:d9:02:bf:0e:3a:19:8b:a9:26:3b:68:33:9b:dc:
42:77:6a:2a:07:07:f7:68:59:3b:a5:74:e6:ae:f5:b2:26:5c:
5f:61:77:e8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOOCWvRUkDzrUJD18HyYFJ1kGymkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTcwODE4NDRaFw0yNzA0MTYwODIzNDRaMDMxMTAvBgNV
BAMTKEY5QjNGODkxODE1MjQ0MkU4NkE3RTM5QkUyQ0Q5NDdBRDQzNEZGMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChWK2f5D/DkNAOC3gTChLAS6x+
mFI0UCCPCcr97k3xX2GZyHyewGEqax032GMUTaRY9zKhoOJW7uzo1/kL3TQMQ8In
lRzt3HN3nQe2fsvDh9FSSReU/O918IuO7qWb35gYBNlbQmkr/iqRD0Xvyea3BQZ9
ZICLlQzp+oZ/6eGZ1IewhO/WD3xY/6G7Wl7hh2a9mxpMpPkVN33o7zszCXfPptH5
u93bLZmySYCCNmrMO83zlzFXbfZSZXykTLtBnJT/g5UxL+pFMBKcJQE6lEzRfwPr
X3VB5W7eJGIeR++UUI6SWl/+QUY4SZh82eqUeTjHdPOnMxNXjpZRGhB53+irAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+bP4kYFSRC6Gp+Ob4s2UetQ0/ygwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mEwDQYJKoZIhvcNAQELBQADggEBAFlFLNMghF3X98JI7IlpNwdl0duPnHU9
ue47nRTV1rRUFQb26q6SLZ5dBAjtQH5jpZw3mGzh0mUKbPqeCI8wWCkPjzbGCzCv
1ExDAt4hsBgTaqt8K3dcfc4PrQ2yfMf4G/HHPozSgjcYhYDaGYctw5w015OjUYKi
PQSb91lXgHixj3cGRvneTiGN1i+bpYdUuKqb82bK14y5qok5wgyZhEY4sEw24sSE
+9WbSEKxZqAZempKwFlL/MV2c+ud8M4D92VHtWoTW1AI1i+wrTxLenaaVxAfoFno
UPo16+LZAr8OOhmLqSY7aDOb3EJ3aioHB/doWTuldOau9bImXF9hd+g=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:03:32 2026 by rpki-client