Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
File: 3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: 1jLrl8+AzrZUDucfcH67LXFzWVxkSNtWhYOEO1JQhhs=
Subject key identifier: F2:CB:3F:20:E0:C3:15:B0:D3:09:10:F9:64:E6:4F:8B:41:AD:15:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4736567B3DB1EA300DCC1157EBD981FB32100AC5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 04 Mar 2026 13:23:23 +0000
ROA not before: Wed 04 Mar 2026 13:18:23 +0000
ROA not after: Wed 03 Mar 2027 13:23:23 +0000
asID: 207137
IP address blocks: 193.160.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:36:56:7b:3d:b1:ea:30:0d:cc:11:57:eb:d9:81:fb:32:10:0a:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 13:18:23 2026 GMT
Not After : Mar 3 13:23:23 2027 GMT
Subject: CN=F2CB3F20E0C315B0D30910F964E64F8B41AD15EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:2a:55:2a:c1:f5:55:aa:74:4c:9f:39:e9:
ac:f2:50:45:9c:28:1b:9b:42:09:c5:bc:e8:26:a1:
75:db:a6:9f:a1:70:d5:c9:4b:9f:36:73:68:21:b2:
40:5d:97:67:be:97:3e:03:2d:1d:e9:de:fa:3d:3a:
37:29:a1:31:3d:2e:58:ed:92:25:02:28:21:c5:91:
75:0a:35:a8:f5:29:86:a2:e9:c4:f7:c7:e7:86:e4:
bc:64:35:9b:16:4e:9c:55:97:a1:f3:36:86:6c:50:
0b:37:c6:46:7e:5d:0b:c8:b7:5a:98:68:b5:64:ce:
1f:16:9d:e3:5c:58:83:06:66:4a:c9:38:7c:cc:a9:
aa:15:ae:76:bc:48:9f:3c:63:9d:9b:5e:4e:e1:2a:
e3:5e:60:11:4d:37:32:15:67:7a:fa:fd:28:00:59:
03:ec:f1:ba:a2:bb:23:e0:ef:2c:9a:b6:6f:e4:5c:
12:22:d4:7d:f0:c5:14:59:00:94:eb:e4:50:f0:76:
b2:bc:da:4c:63:d8:2a:2b:66:d9:38:5c:d0:e6:03:
dd:df:b9:71:19:73:c1:7c:16:34:10:8f:bb:9e:f3:
20:b7:5d:4e:26:7e:ea:5a:32:f1:a5:53:11:bf:45:
db:8b:31:6f:2c:5b:e9:42:81:d2:2f:46:bf:0e:55:
a9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CB:3F:20:E0:C3:15:B0:D3:09:10:F9:64:E6:4F:8B:41:AD:15:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130302e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.100.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c2:a3:dc:bc:d4:ac:d1:ac:54:41:9c:94:fd:88:9b:6e:ce:
31:34:80:ee:d6:e1:c2:50:e6:1c:aa:3f:d3:bd:50:27:a9:60:
e9:25:87:b3:16:55:b2:1c:c6:3f:fb:46:db:69:f4:0d:27:4a:
bb:15:7b:3f:a3:cd:b0:01:c5:95:ac:18:11:42:b4:30:74:f7:
72:b5:31:96:1e:c2:82:5c:a7:21:5f:50:97:e6:c4:16:17:fc:
25:6e:85:1b:fc:f7:93:33:53:9f:b1:6a:e4:ca:a9:a1:f7:b3:
59:de:d7:9c:53:04:80:08:d2:f2:24:c4:38:78:21:34:12:68:
38:35:a2:08:4a:d8:35:12:24:e8:4f:77:3c:6e:ed:68:46:8b:
2c:19:db:24:84:aa:12:d5:6e:53:67:34:b9:56:e2:7b:7d:99:
5f:bd:d1:20:0f:77:07:2a:61:4b:3b:a2:61:3c:72:f6:39:ca:
b3:8f:e7:b9:f2:20:4b:0e:6b:b3:46:2f:bd:4b:78:80:cf:31:
83:22:57:55:02:d2:f6:d6:c8:7a:5f:db:42:fb:bb:f5:f7:82:
93:7e:dd:da:5a:00:dd:b4:1e:de:8e:78:32:f7:c6:c0:07:99:
6d:3c:c6:87:c7:a7:61:04:0d:23:79:64:77:03:0f:61:c9:1f:
51:50:57:fc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURzZWez2x6jANzBFX69mB+zIQCsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQxMzE4MjNaFw0yNzAzMDMxMzIzMjNaMDMxMTAvBgNV
BAMTKEYyQ0IzRjIwRTBDMzE1QjBEMzA5MTBGOTY0RTY0RjhCNDFBRDE1RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClkipVKsH1Vap0TJ856azyUEWc
KBubQgnFvOgmoXXbpp+hcNXJS582c2ghskBdl2e+lz4DLR3p3vo9OjcpoTE9Lljt
kiUCKCHFkXUKNaj1KYai6cT3x+eG5LxkNZsWTpxVl6HzNoZsUAs3xkZ+XQvIt1qY
aLVkzh8WneNcWIMGZkrJOHzMqaoVrna8SJ88Y52bXk7hKuNeYBFNNzIVZ3r6/SgA
WQPs8bqiuyPg7yyatm/kXBIi1H3wxRRZAJTr5FDwdrK82kxj2CorZtk4XNDmA93f
uXEZc8F8FjQQj7ue8yC3XU4mfupaMvGlUxG/RduLMW8sW+lCgdIvRr8OVamdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8ss/IODDFbDTCRD5ZOZPi0GtFe8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGgZDANBgkqhkiG9w0BAQsFAAOCAQEABcKj3LzUrNGsVEGclP2Im27OMTSA
7tbhwlDmHKo/071QJ6lg6SWHsxZVshzGP/tG22n0DSdKuxV7P6PNsAHFlawYEUK0
MHT3crUxlh7CglynIV9Ql+bEFhf8JW6FG/z3kzNTn7Fq5MqpofezWd7XnFMEgAjS
8iTEOHghNBJoODWiCErYNRIk6E93PG7taEaLLBnbJISqEtVuU2c0uVbie32ZX73R
IA93ByphSzuiYTxy9jnKs4/nufIgSw5rs0YvvUt4gM8xgyJXVQLS9tbIel/bQvu7
9feCk37d2loA3bQe3o54MvfGwAeZbTzGh8enYQQNI3lkdwMPYckfUVBX/A==
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:39:42 2026 by rpki-client