Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
File: 3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: BDXFDrnEVjAk9tGrvUZrSZ/kmPEmbgV83gMRQw5O7dg=
Subject key identifier: 9C:73:07:51:80:CC:72:E8:50:9F:0B:C9:B2:56:4D:96:50:FF:D6:EC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 094A00DA5586F9EDC9623CC18C160DE39DAAFA24
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 04 Mar 2026 13:23:22 +0000
ROA not before: Wed 04 Mar 2026 13:18:22 +0000
ROA not after: Wed 03 Mar 2027 13:23:22 +0000
asID: 207137
IP address blocks: 193.160.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:4a:00:da:55:86:f9:ed:c9:62:3c:c1:8c:16:0d:e3:9d:aa:fa:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 13:18:22 2026 GMT
Not After : Mar 3 13:23:22 2027 GMT
Subject: CN=9C73075180CC72E8509F0BC9B2564D9650FFD6EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fd:8d:8b:80:48:61:d6:a7:c2:68:1a:0f:4d:
f1:88:39:a7:4c:89:6e:b4:ca:03:74:d0:6a:da:0a:
87:4e:90:f2:8c:3c:2a:d8:56:ca:29:e3:54:6e:5d:
20:a3:66:59:9d:f8:9d:90:38:79:6b:93:71:a2:de:
43:b6:c8:5b:3e:a4:a4:ea:90:3d:03:12:83:53:c7:
64:87:0a:5d:29:6a:ad:e5:93:37:64:ea:f5:83:86:
11:57:8a:21:a1:44:ca:54:a7:cf:11:ab:b2:a7:fe:
3e:a6:bc:98:87:3e:d1:d3:ef:4f:ba:b8:1e:48:49:
0a:96:70:84:c0:39:16:3c:79:0d:e4:40:b3:f2:7f:
aa:f5:11:8f:eb:20:0f:7e:80:af:e6:77:a5:27:d6:
4f:d5:9b:fb:4e:c5:86:f3:c0:97:66:e1:94:18:d8:
58:91:36:7d:8a:19:bb:db:61:66:5a:30:87:54:e8:
4c:dd:bb:88:27:a3:a9:13:de:88:58:a4:da:23:e7:
99:e3:9d:fe:25:e6:79:5b:3a:39:a4:85:44:77:a6:
60:d3:1f:96:80:32:95:e8:96:8f:f3:7d:9f:c3:c2:
80:11:15:be:3f:d7:e6:c8:e7:37:46:3d:ff:8f:8b:
6f:94:bd:b6:49:e6:6f:02:b5:c6:18:ad:2f:8d:5c:
7a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:73:07:51:80:CC:72:E8:50:9F:0B:C9:B2:56:4D:96:50:FF:D6:EC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3130312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.101.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0b:a1:5b:7b:e1:5e:4f:39:64:71:43:52:fc:c3:4d:56:af:
fd:92:da:ce:40:3e:1d:4b:b2:6b:82:61:ec:d3:24:06:b0:b8:
6c:7c:11:4f:cc:12:9e:99:15:07:f3:c4:3a:fd:8e:a0:24:0f:
ca:bd:73:e6:f1:46:3a:94:f7:b5:07:0d:9d:d5:b8:f6:2a:8c:
98:70:3b:46:06:86:74:81:e1:a8:b2:8d:3f:ce:9a:46:5f:04:
d1:fc:8b:23:f2:5f:b2:07:a4:01:96:3d:6e:b1:aa:7b:8f:c6:
78:bc:ab:3f:b5:93:06:3d:7e:11:07:d2:48:55:f8:c9:bc:9e:
c3:da:c7:23:84:ad:ef:a6:64:e5:48:f2:af:76:0e:41:5e:d5:
ac:5f:93:15:46:b9:02:47:7b:52:b5:ce:31:8d:ee:ef:91:db:
80:97:6f:63:90:10:3f:59:0a:70:61:a8:41:90:af:2c:4e:25:
ca:80:e6:3a:f4:6f:db:0c:53:05:b7:9c:49:64:07:03:03:91:
4f:e6:02:53:d4:ff:01:e3:27:02:41:9a:36:8d:cf:a9:18:e4:
93:39:3e:6a:cd:d4:01:03:00:da:d9:5b:af:04:ee:fb:e6:ca:
0e:3b:2c:c4:08:d3:83:2a:a8:4c:87:58:4e:71:22:ed:0f:a9:
76:19:5d:1a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCUoA2lWG+e3JYjzBjBYN452q+iQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQxMzE4MjJaFw0yNzAzMDMxMzIzMjJaMDMxMTAvBgNV
BAMTKDlDNzMwNzUxODBDQzcyRTg1MDlGMEJDOUIyNTY0RDk2NTBGRkQ2RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn/Y2LgEhh1qfCaBoPTfGIOadM
iW60ygN00GraCodOkPKMPCrYVsop41RuXSCjZlmd+J2QOHlrk3Gi3kO2yFs+pKTq
kD0DEoNTx2SHCl0paq3lkzdk6vWDhhFXiiGhRMpUp88Rq7Kn/j6mvJiHPtHT70+6
uB5ISQqWcITAORY8eQ3kQLPyf6r1EY/rIA9+gK/md6Un1k/Vm/tOxYbzwJdm4ZQY
2FiRNn2KGbvbYWZaMIdU6Ezdu4gno6kT3ohYpNoj55njnf4l5nlbOjmkhUR3pmDT
H5aAMpXolo/zfZ/DwoARFb4/1+bI5zdGPf+Pi2+UvbZJ5m8CtcYYrS+NXHoFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUnHMHUYDMcuhQnwvJslZNllD/1uwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMGgZTANBgkqhkiG9w0BAQsFAAOCAQEAgguhW3vhXk85ZHFDUvzDTVav/ZLa
zkA+HUuya4Jh7NMkBrC4bHwRT8wSnpkVB/PEOv2OoCQPyr1z5vFGOpT3tQcNndW4
9iqMmHA7RgaGdIHhqLKNP86aRl8E0fyLI/JfsgekAZY9brGqe4/GeLyrP7WTBj1+
EQfSSFX4ybyew9rHI4St76Zk5Ujyr3YOQV7VrF+TFUa5Akd7UrXOMY3u75HbgJdv
Y5AQP1kKcGGoQZCvLE4lyoDmOvRv2wxTBbecSWQHAwORT+YCU9T/AeMnAkGaNo3P
qRjkkzk+as3UAQMA2tlbrwTu++bKDjssxAjTgyqoTIdYTnEi7Q+pdhldGg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:40:16 2026 by rpki-client