Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: DdqbUmFHNXtiVEhRIVRzcfFeXxH1yrJT++Jyoy04VK0=
Subject key identifier: 41:83:68:6F:13:61:F4:E4:3C:99:6C:EF:F7:D7:49:3F:82:76:C7:2B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2805CE33F66120C2136B97D7043FF7071EABEBA6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 26 May 2026 22:24:35 +0000
ROA not before: Tue 26 May 2026 22:19:35 +0000
ROA not after: Tue 25 May 2027 22:24:35 +0000
asID: 136787
IP address blocks: 185.217.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:05:ce:33:f6:61:20:c2:13:6b:97:d7:04:3f:f7:07:1e:ab:eb:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 26 22:19:35 2026 GMT
Not After : May 25 22:24:35 2027 GMT
Subject: CN=4183686F1361F4E43C996CEFF7D7493F8276C72B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:e1:8d:a7:31:c4:16:5d:34:42:9b:91:ba:
f6:85:fb:cd:07:94:9b:b8:c4:88:6c:60:f0:3b:cc:
8f:72:6d:ad:6b:e2:e5:27:a4:3f:46:02:05:f4:d5:
a8:5a:3d:88:30:32:39:22:28:c8:80:7b:69:69:c4:
49:55:69:17:25:08:7b:1a:cb:49:24:d9:15:fa:52:
0c:03:ea:db:4c:d2:2d:c9:a8:b2:07:4c:e5:19:9a:
b0:7f:ad:bb:64:6d:a0:c0:d2:63:66:f8:ab:c4:e6:
a0:3f:c7:1a:10:53:4b:17:15:27:53:f1:ee:c2:b9:
dc:6f:66:40:42:8b:99:ac:a2:ba:fc:13:ac:b5:ab:
e9:4c:69:af:44:a8:3f:89:74:81:2d:49:ce:7f:eb:
81:d7:5c:22:12:68:21:9d:42:e8:61:a0:24:fa:26:
34:44:6d:51:6d:ea:bf:e7:3f:73:85:a0:a3:a8:6a:
41:84:c1:1f:6c:87:85:28:31:2c:e0:87:ba:e9:62:
bc:0e:da:98:82:0f:62:7d:78:56:7e:e9:76:f3:0e:
a8:72:b4:21:1f:27:5f:b3:64:c4:45:f8:19:98:fa:
ad:62:57:f7:f9:a4:df:1c:32:2b:41:f8:81:48:cd:
0e:09:1e:b6:f2:96:ed:8e:5a:2a:1b:bd:21:ae:39:
a0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:83:68:6F:13:61:F4:E4:3C:99:6C:EF:F7:D7:49:3F:82:76:C7:2B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.168.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:22:f8:ac:14:2b:05:a1:91:ed:6e:bb:1b:05:be:17:91:f4:
2e:2e:ad:23:91:d4:f9:e7:8d:9b:5d:49:a0:5d:2d:85:d5:9d:
19:9b:f4:17:b1:14:33:36:1c:55:d7:2f:52:cb:9c:f2:ce:f1:
f2:62:42:98:7b:9a:7b:92:39:10:8f:84:e6:5b:77:74:e0:b3:
1f:90:de:e2:9a:ed:f9:c7:dc:36:89:fa:31:a3:3a:23:48:53:
2f:07:91:18:75:58:92:d4:6b:92:85:f6:db:4e:07:2b:cf:1c:
a4:a2:63:41:e0:9b:37:0d:f6:83:d8:cc:cf:86:d2:32:9d:e6:
93:e9:6b:f7:fc:45:4a:ae:af:93:28:aa:b0:ee:1e:91:0e:27:
c0:34:98:af:83:3f:be:7c:59:01:3b:aa:c0:be:e0:b3:ac:ce:
36:3f:81:c7:62:32:30:7d:0b:3b:d4:3f:a8:e0:70:c0:0f:37:
2b:b3:f3:b0:bf:b3:96:8a:64:3e:1b:2c:78:48:a2:d4:27:0a:
b1:3a:b4:f4:0f:e0:61:20:28:cf:fa:bb:f6:56:d3:ea:54:bd:
ba:c8:66:e5:42:47:48:c5:5c:a2:2f:1f:fc:f9:a2:a3:a4:f7:
3f:27:71:f2:20:ed:0a:86:01:7a:f8:42:fe:e8:ff:55:98:fa:
a1:da:23:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKAXOM/ZhIMITa5fXBD/3Bx6r66YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjYyMjE5MzVaFw0yNzA1MjUyMjI0MzVaMDMxMTAvBgNV
BAMTKDQxODM2ODZGMTM2MUY0RTQzQzk5NkNFRkY3RDc0OTNGODI3NkM3MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3f+GNpzHEFl00QpuRuvaF+80H
lJu4xIhsYPA7zI9yba1r4uUnpD9GAgX01ahaPYgwMjkiKMiAe2lpxElVaRclCHsa
y0kk2RX6UgwD6ttM0i3JqLIHTOUZmrB/rbtkbaDA0mNm+KvE5qA/xxoQU0sXFSdT
8e7CudxvZkBCi5msorr8E6y1q+lMaa9EqD+JdIEtSc5/64HXXCISaCGdQuhhoCT6
JjREbVFt6r/nP3OFoKOoakGEwR9sh4UoMSzgh7rpYrwO2piCD2J9eFZ+6XbzDqhy
tCEfJ1+zZMRF+BmY+q1iV/f5pN8cMitB+IFIzQ4JHrbylu2OWiobvSGuOaCDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUQYNobxNh9OQ8mWzv99dJP4J2xyswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqDANBgkqhkiG9w0BAQsFAAOCAQEALCL4rBQrBaGR7W67GwW+F5H0Li6t
I5HU+eeNm11JoF0thdWdGZv0F7EUMzYcVdcvUsuc8s7x8mJCmHuae5I5EI+E5lt3
dOCzH5De4prt+cfcNon6MaM6I0hTLweRGHVYktRrkoX2204HK88cpKJjQeCbNw32
g9jMz4bSMp3mk+lr9/xFSq6vkyiqsO4ekQ4nwDSYr4M/vnxZATuqwL7gs6zONj+B
x2IyMH0LO9Q/qOBwwA83K7PzsL+zlopkPhsseEii1CcKsTq09A/gYSAoz/q79lbT
6lS9ushm5UJHSMVcoi8f/Pmio6T3Pydx8iDtCoYBevhC/uj/VZj6odojTg==
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:22:12 2026 by rpki-client