Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
File: 3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: sfM1w3TAjeb5igyAA4L7idM6fJ61qAVMP+W/FHHQ/8k=
Subject key identifier: 17:12:73:51:2B:E2:AB:1B:51:4F:DA:1F:AE:1B:15:95:DB:63:E4:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 28BA9DF1375B38429896AD393356DC571D5FB89E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
Signing time: Wed 04 Mar 2026 13:23:23 +0000
ROA not before: Wed 04 Mar 2026 13:18:23 +0000
ROA not after: Wed 03 Mar 2027 13:23:23 +0000
asID: 47583
IP address blocks: 193.160.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:ba:9d:f1:37:5b:38:42:98:96:ad:39:33:56:dc:57:1d:5f:b8:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 13:18:23 2026 GMT
Not After : Mar 3 13:23:23 2027 GMT
Subject: CN=171273512BE2AB1B514FDA1FAE1B1595DB63E44F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:e1:0d:b9:69:50:a7:ee:a1:c8:1a:23:50:
10:06:15:09:e6:52:4a:55:78:1c:5a:44:3b:ce:43:
ee:12:52:62:23:a9:77:73:1d:64:70:49:27:96:74:
2b:23:5f:7c:b4:2b:63:7d:95:09:6b:b7:74:cd:93:
67:a1:46:c1:01:d5:e3:2d:e0:7c:9a:05:e6:80:1d:
a9:0c:6e:a0:ea:18:93:2b:5c:28:00:29:14:93:7d:
60:25:9d:b0:31:f7:77:b8:f7:19:d9:8c:df:a9:9c:
0d:2c:7c:2f:bc:ab:70:7f:33:cc:d8:91:17:b1:b2:
6b:08:a0:37:68:4d:d1:0d:fc:ff:08:64:8e:7a:53:
51:93:37:59:2f:cc:14:29:02:30:ff:87:15:1a:64:
94:e3:e2:77:e7:19:0b:13:54:f2:a4:e5:57:a9:91:
59:e1:0f:ad:ad:99:b9:ff:b3:fd:ca:ce:53:86:ad:
29:9b:d9:7c:b2:8b:53:d1:ca:7d:9e:b3:05:16:a0:
2c:f7:a4:7e:3d:49:f5:7a:d1:a9:ca:8a:82:ef:26:
0e:29:49:93:30:81:3e:b5:5a:42:aa:26:10:ec:5f:
5c:a8:61:0e:21:16:2f:25:ca:10:72:48:39:f8:11:
1f:10:02:5d:ef:56:a7:19:84:ed:df:52:34:30:4b:
20:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:12:73:51:2B:E2:AB:1B:51:4F:DA:1F:AE:1B:15:95:DB:63:E4:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3136302e3131392e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b7:2f:d9:26:6c:34:aa:6c:45:9a:04:6f:7c:c5:7d:e8:bd:
60:49:d1:db:26:a4:46:52:a3:31:5d:84:b1:f1:f9:54:97:f2:
41:d2:c7:d8:aa:9b:40:f4:de:a3:52:d3:dc:24:d9:99:af:28:
a3:21:b3:d0:c1:58:9f:01:78:43:d2:77:cd:f5:28:13:a8:08:
c4:e7:2e:6f:52:d2:49:a3:46:eb:97:f0:94:f2:d2:17:29:8b:
eb:4b:aa:43:53:6e:b6:17:a4:30:c2:bf:c9:be:99:21:59:b4:
27:1d:a2:b3:7d:11:77:b4:ac:04:c0:08:73:54:3a:94:b8:00:
ea:33:32:7e:15:d6:6c:f8:91:16:22:f0:11:b4:4a:a3:1f:be:
53:b3:37:49:e3:0a:3d:2e:c3:49:36:67:93:b0:ad:b1:70:06:
00:1c:4a:0c:7a:9d:37:01:0b:48:4c:7e:4a:b8:46:16:af:4f:
01:c6:7d:da:8d:64:e5:fd:2f:08:ac:6d:75:05:5c:a5:ae:91:
57:17:61:9b:8d:11:0f:ae:d2:92:87:75:9f:27:02:ba:3b:45:
ab:c8:38:40:f9:19:60:b6:ff:83:df:e5:23:0b:61:03:3e:dd:
f4:a6:1c:8b:ff:a0:da:47:ad:f1:8f:9b:1c:ee:3e:13:60:2d:
9a:28:df:0e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKLqd8TdbOEKYlq05M1bcVx1fuJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQxMzE4MjNaFw0yNzAzMDMxMzIzMjNaMDMxMTAvBgNV
BAMTKDE3MTI3MzUxMkJFMkFCMUI1MTRGREExRkFFMUIxNTk1REI2M0U0NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBKOENuWlQp+6hyBojUBAGFQnm
UkpVeBxaRDvOQ+4SUmIjqXdzHWRwSSeWdCsjX3y0K2N9lQlrt3TNk2ehRsEB1eMt
4HyaBeaAHakMbqDqGJMrXCgAKRSTfWAlnbAx93e49xnZjN+pnA0sfC+8q3B/M8zY
kRexsmsIoDdoTdEN/P8IZI56U1GTN1kvzBQpAjD/hxUaZJTj4nfnGQsTVPKk5Vep
kVnhD62tmbn/s/3KzlOGrSmb2Xyyi1PRyn2eswUWoCz3pH49SfV60anKioLvJg4p
SZMwgT61WkKqJhDsX1yoYQ4hFi8lyhBySDn4ER8QAl3vVqcZhO3fUjQwSyBRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFxJzUSviqxtRT9ofrhsVldtj5E8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM2MzAyZTMx
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBoHcwDQYJKoZIhvcNAQELBQADggEBAG63L9kmbDSqbEWaBG98xX3ovWBJ0dsm
pEZSozFdhLHx+VSX8kHSx9iqm0D03qNS09wk2ZmvKKMhs9DBWJ8BeEPSd831KBOo
CMTnLm9S0kmjRuuX8JTy0hcpi+tLqkNTbrYXpDDCv8m+mSFZtCcdorN9EXe0rATA
CHNUOpS4AOozMn4V1mz4kRYi8BG0SqMfvlOzN0njCj0uw0k2Z5OwrbFwBgAcSgx6
nTcBC0hMfkq4RhavTwHGfdqNZOX9LwisbXUFXKWukVcXYZuNEQ+u0pKHdZ8nAro7
RavIOED5GWC2/4Pf5SMLYQM+3fSmHIv/oNpHrfGPmxzuPhNgLZoo3w4=
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:39:00 2026 by rpki-client