Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: T1ZLanmeo6gCtR6AZ1rrjylHvJ3XY7rzDxbVMgGTv0o=
Subject key identifier: 32:35:EE:C1:43:03:3F:8D:0F:58:29:E0:03:E5:20:A7:91:18:24:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D448598710020F34605B3193E132C03A5E04E44
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 26 May 2026 22:24:35 +0000
ROA not before: Tue 26 May 2026 22:19:35 +0000
ROA not after: Tue 25 May 2027 22:24:35 +0000
asID: 136787
IP address blocks: 185.228.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:44:85:98:71:00:20:f3:46:05:b3:19:3e:13:2c:03:a5:e0:4e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 26 22:19:35 2026 GMT
Not After : May 25 22:24:35 2027 GMT
Subject: CN=3235EEC143033F8D0F5829E003E520A7911824B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:c3:05:ea:e1:b1:b4:bf:6e:39:c6:47:4c:
4c:29:04:9d:e9:f9:16:26:3f:b5:26:8d:2c:2e:5a:
41:cb:16:f7:00:ac:81:f6:96:43:67:f8:52:30:df:
3e:6d:21:88:00:8b:c8:03:90:ec:37:d1:54:e0:ee:
16:ec:db:02:35:b7:c8:11:e0:a6:d4:fd:24:cc:9b:
f0:61:b3:91:0c:59:1d:47:74:8b:2c:ed:24:7e:cd:
04:69:49:90:3f:e2:c8:6f:79:c2:c5:57:f2:24:de:
4a:5d:8a:d1:10:85:e9:a9:72:19:60:5a:56:7f:20:
71:de:e9:23:38:32:ff:65:77:97:51:b4:62:53:41:
d6:90:18:45:a7:a2:78:a7:2f:68:b8:5d:8a:e1:4f:
c9:04:64:82:de:c7:c8:2f:18:bd:3a:5d:ef:c7:17:
df:2d:94:27:e9:04:e9:ac:85:89:c8:19:35:27:bf:
bb:9e:8e:be:a1:2c:3c:e8:c0:b6:14:90:67:9c:a9:
1d:83:f0:0c:45:6c:73:b1:1f:d7:69:b4:96:e4:fc:
6f:46:cf:6f:76:bd:91:82:10:ce:3f:ab:6f:e2:eb:
1d:b2:c6:73:62:4c:f3:20:39:38:d0:ad:d2:bd:6a:
5b:32:18:7c:39:72:9c:9e:c9:70:6f:20:f4:a7:40:
c4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:35:EE:C1:43:03:3F:8D:0F:58:29:E0:03:E5:20:A7:91:18:24:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.19.0/24
Signature Algorithm: sha256WithRSAEncryption
54:aa:cb:74:e7:d1:c4:7b:14:87:6a:7f:84:34:b5:ab:20:6e:
a9:4b:b6:3f:13:0f:66:ba:33:bb:3c:da:49:6f:9d:55:de:99:
4c:32:3e:72:74:6a:07:fc:e9:54:61:2c:58:52:0b:17:16:dc:
fa:a4:78:dc:42:2c:43:2f:cb:e0:08:2b:36:4a:30:23:b6:c9:
e5:f9:da:7b:69:fa:ed:ab:ed:5f:e4:85:b6:52:c0:1e:62:60:
2a:d5:28:d4:0d:5d:0c:0c:49:f1:64:d4:af:fd:b4:b0:a7:e4:
34:60:95:44:ad:8a:d0:0f:a8:43:f5:fc:bf:b8:17:1a:68:83:
cc:eb:b2:bb:99:07:61:2a:8e:ad:1a:b2:a9:fc:8c:97:f1:79:
71:3a:65:14:02:6f:16:8e:d0:5d:02:f7:37:2f:b1:ef:b5:97:
7d:fb:99:55:d3:72:c9:4f:fb:2f:83:e5:25:90:b3:21:a9:16:
d1:f1:92:10:1e:cd:78:a2:3c:2e:a4:86:cd:df:88:ad:29:16:
87:f3:a3:7e:d1:34:2f:a3:3f:b5:7b:a0:0b:2f:5a:ff:42:19:
f1:99:fe:37:2e:c7:7c:dd:80:aa:51:b4:b3:16:d5:47:84:76:
4a:58:82:e7:04:6d:98:87:01:a1:57:fc:db:85:5d:3e:e1:69:
1e:59:5c:03
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTUSFmHEAIPNGBbMZPhMsA6XgTkQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjYyMjE5MzVaFw0yNzA1MjUyMjI0MzVaMDMxMTAvBgNV
BAMTKDMyMzVFRUMxNDMwMzNGOEQwRjU4MjlFMDAzRTUyMEE3OTExODI0QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJz8MF6uGxtL9uOcZHTEwpBJ3p
+RYmP7UmjSwuWkHLFvcArIH2lkNn+FIw3z5tIYgAi8gDkOw30VTg7hbs2wI1t8gR
4KbU/STMm/Bhs5EMWR1HdIss7SR+zQRpSZA/4shvecLFV/Ik3kpditEQhempchlg
WlZ/IHHe6SM4Mv9ld5dRtGJTQdaQGEWnoninL2i4XYrhT8kEZILex8gvGL06Xe/H
F98tlCfpBOmshYnIGTUnv7uejr6hLDzowLYUkGecqR2D8AxFbHOxH9dptJbk/G9G
z292vZGCEM4/q2/i6x2yxnNiTPMgOTjQrdK9alsyGHw5cpyeyXBvIPSnQMQ5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMjXuwUMDP40PWCngA+Ugp5EYJLMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzgyZTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55BMwDQYJKoZIhvcNAQELBQADggEBAFSqy3Tn0cR7FIdqf4Q0tasgbqlLtj8T
D2a6M7s82klvnVXemUwyPnJ0agf86VRhLFhSCxcW3PqkeNxCLEMvy+AIKzZKMCO2
yeX52ntp+u2r7V/khbZSwB5iYCrVKNQNXQwMSfFk1K/9tLCn5DRglUStitAPqEP1
/L+4Fxpog8zrsruZB2Eqjq0asqn8jJfxeXE6ZRQCbxaO0F0C9zcvse+1l337mVXT
cslP+y+D5SWQsyGpFtHxkhAezXiiPC6khs3fiK0pFofzo37RNC+jP7V7oAsvWv9C
GfGZ/jcux3zdgKpRtLMW1UeEdkpYgucEbZiHAaFX/NuFXT7haR5ZXAM=
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:19:41 2026 by rpki-client