Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
File: 3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa (raw, json)
Hash identifier: nUjMcfiUjvLxETeIi0T6W/S6PvTAgkJrxRpz1CoKMRQ=
Subject key identifier: 99:9A:F4:00:0B:B8:1A:24:F1:14:C0:7F:1F:2D:06:6F:B6:76:73:5B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F664BA131A1FFA047C9852C195D99E660DC87F2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
Signing time: Mon 29 Dec 2025 09:51:03 +0000
ROA not before: Mon 29 Dec 2025 09:46:03 +0000
ROA not after: Mon 28 Dec 2026 09:51:03 +0000
asID: 201341
IP address blocks: 195.179.194.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 21:36:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:66:4b:a1:31:a1:ff:a0:47:c9:85:2c:19:5d:99:e6:60:dc:87:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 29 09:46:03 2025 GMT
Not After : Dec 28 09:51:03 2026 GMT
Subject: CN=999AF4000BB81A24F114C07F1F2D066FB676735B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:7a:a3:9d:40:e8:9c:d2:0c:c2:17:6b:9a:85:
73:d6:a4:99:28:16:75:e4:47:76:de:4a:b2:dd:0f:
82:2b:f7:56:4d:1c:1b:9c:b2:55:93:1c:3c:0f:eb:
d5:01:b3:36:ad:4c:af:27:8a:15:41:ea:f5:75:c5:
4d:2a:ff:29:ed:7b:78:f4:3e:32:e2:6d:a0:fb:86:
e1:a8:f7:b9:09:23:0b:f4:16:cf:c9:c7:56:38:56:
a2:85:e7:0e:4d:65:77:bb:dc:6f:b2:e8:a9:2b:58:
07:77:c9:8b:e7:16:4d:c0:2f:35:86:86:32:13:f7:
e2:3b:14:0a:d3:3a:69:62:78:2b:f6:48:bc:b3:d7:
13:be:c5:d7:52:3f:63:e7:35:af:5e:47:a9:bc:c9:
25:c4:34:40:f8:14:15:56:f9:12:12:78:68:b0:f2:
a4:f2:ed:f6:40:1e:66:c7:d1:35:da:8d:65:1b:6a:
a6:b1:ef:20:20:e3:51:7a:ed:ec:0a:7c:a5:03:b4:
20:20:1a:38:96:1d:65:68:49:e7:b8:7c:ee:7f:6e:
23:4f:11:71:b9:f2:a5:c8:19:8e:7b:32:8d:77:dd:
d4:23:67:84:3e:7f:71:a8:fb:7f:fa:80:34:77:0d:
72:c2:b5:6a:12:b7:cf:0d:17:5f:16:e4:77:6a:1d:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:9A:F4:00:0B:B8:1A:24:F1:14:C0:7F:1F:2D:06:6F:B6:76:73:5B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3139342e302f32332d3233203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.194.0/23
Signature Algorithm: sha256WithRSAEncryption
67:de:4a:12:96:87:fc:31:eb:78:2c:a9:78:f9:c6:cf:87:20:
7e:19:f2:02:b9:79:87:76:1b:b8:62:40:e1:9c:7d:a4:9f:53:
0f:4c:2a:26:42:64:5f:1d:ae:a5:44:ef:b6:bd:ee:ae:47:de:
fe:58:21:68:42:b8:0c:c5:82:02:eb:12:f7:3a:97:cf:c1:fe:
3b:ac:4f:80:7e:49:f7:12:ec:6b:bb:6a:84:dd:c0:00:5f:e8:
07:7d:fe:08:db:ee:a8:3e:3b:47:38:ea:3f:74:f5:8a:8e:65:
c4:73:7c:63:fd:f3:0e:a0:8e:2d:5e:2b:9b:d3:94:d1:39:ff:
27:36:4d:6a:2f:9e:ee:1c:67:a6:92:9a:70:c9:bb:f4:ac:27:
e3:ee:3a:2b:05:43:61:d8:c8:ec:89:8b:97:3f:3a:1c:10:d1:
72:eb:47:39:45:14:79:e3:50:87:95:36:39:30:83:dc:84:f7:
42:3c:f3:ee:ec:de:c0:ec:de:26:f1:b0:f6:c3:b1:21:7a:67:
d2:07:57:8c:f3:40:d2:dd:74:93:5c:1f:7e:1a:f1:1e:47:c1:
42:ef:5d:49:d6:e6:17:c9:2c:41:ad:8e:a3:c8:f6:38:4d:ca:
ff:31:b8:2b:51:d4:ca:70:89:b2:e8:46:d8:57:2b:e0:1a:19:
2f:fc:70:23
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUb2ZLoTGh/6BHyYUsGV2Z5mDch/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDNaFw0yNjEyMjgwOTUxMDNaMDMxMTAvBgNV
BAMTKDk5OUFGNDAwMEJCODFBMjRGMTE0QzA3RjFGMkQwNjZGQjY3NjczNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDceqOdQOic0gzCF2uahXPWpJko
FnXkR3beSrLdD4Ir91ZNHBucslWTHDwP69UBszatTK8nihVB6vV1xU0q/ynte3j0
PjLibaD7huGo97kJIwv0Fs/Jx1Y4VqKF5w5NZXe73G+y6KkrWAd3yYvnFk3ALzWG
hjIT9+I7FArTOmlieCv2SLyz1xO+xddSP2PnNa9eR6m8ySXENED4FBVW+RISeGiw
8qTy7fZAHmbH0TXajWUbaqax7yAg41F67ewKfKUDtCAgGjiWHWVoSee4fO5/biNP
EXG58qXIGY57Mo133dQjZ4Q+f3Go+3/6gDR3DXLCtWoSt88NF18W5HdqHaRlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUmZr0AAu4GiTxFMB/Hy0Gb7Z2c1swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMx
MzkzNDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAcOzwjANBgkqhkiG9w0BAQsFAAOCAQEAZ95KEpaH/DHreCypePnGz4cgfhny
Arl5h3YbuGJA4Zx9pJ9TD0wqJkJkXx2upUTvtr3urkfe/lghaEK4DMWCAusS9zqX
z8H+O6xPgH5J9xLsa7tqhN3AAF/oB33+CNvuqD47RzjqP3T1io5lxHN8Y/3zDqCO
LV4rm9OU0Tn/JzZNai+e7hxnppKacMm79Kwn4+46KwVDYdjI7ImLlz86HBDRcutH
OUUUeeNQh5U2OTCD3IT3Qjzz7uzewOzeJvGw9sOxIXpn0gdXjPNA0t10k1wffhrx
HkfBQu9dSdbmF8ksQa2Oo8j2OE3K/zG4K1HUynCJsuhG2Fcr4BoZL/xwIw==
-----END CERTIFICATE-----
Generated at Mon Feb 23 03:00:44 2026 by rpki-client