Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e20323033333830.roa
File: 3139352e3137392e3230332e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: nl6+99c5rYi1WiFzjFvJc1mFEc4tXzg7IykHrJzpld4=
Subject key identifier: F5:A5:F9:21:1F:7A:3C:F6:FD:41:2B:1C:72:1F:FA:1B:BA:03:8B:19
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 02B06AB7A1AB5BC87A82460F064B9F2C4630BBD2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e20323033333830.roa
Signing time: Tue 26 May 2026 08:36:03 +0000
ROA not before: Tue 26 May 2026 08:31:03 +0000
ROA not after: Tue 25 May 2027 08:36:03 +0000
asID: 203380
IP address blocks: 195.179.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 May 2026 17:41:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:b0:6a:b7:a1:ab:5b:c8:7a:82:46:0f:06:4b:9f:2c:46:30:bb:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 26 08:31:03 2026 GMT
Not After : May 25 08:36:03 2027 GMT
Subject: CN=F5A5F9211F7A3CF6FD412B1C721FFA1BBA038B19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b4:27:50:cd:cf:c2:71:5d:44:de:f4:e7:8d:
68:4a:77:dd:0f:25:d6:45:c8:6b:e0:5f:e4:3a:9e:
dd:e1:4c:d4:70:21:74:94:48:f0:e7:d4:41:83:0e:
f9:ef:cc:3d:53:6b:dd:15:e3:73:8d:94:3e:96:14:
d1:c4:12:a5:6d:a5:f7:ec:e7:e1:22:62:ee:31:28:
93:92:1d:be:b0:e7:3a:cb:b6:b5:fa:31:72:fc:22:
2a:f2:64:e8:59:1a:d9:66:c9:57:26:45:0c:4c:ab:
96:47:30:ce:24:20:77:f0:f0:56:da:c6:ba:2a:57:
0e:2c:c0:ae:ce:0d:0c:11:6e:5c:e2:df:14:e5:23:
7d:25:c5:d9:32:df:c2:3e:ee:18:14:aa:92:a1:83:
54:72:c2:c9:1e:4c:14:88:4a:82:d1:12:68:e0:e5:
ba:7d:3a:f2:0e:64:24:65:b0:68:65:eb:db:4c:bd:
83:8e:e2:9c:d2:95:0c:6f:79:d5:0d:61:cd:37:fa:
73:58:d7:8d:22:1f:45:f2:be:c0:04:10:c1:73:55:
35:9b:fb:ce:4f:fc:69:72:21:70:52:98:97:5f:83:
e8:60:15:06:b3:65:ac:36:ea:60:e6:be:3a:13:a4:
c2:e2:60:ac:67:fa:87:cd:ad:a3:17:ae:ee:be:43:
a8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A5:F9:21:1F:7A:3C:F6:FD:41:2B:1C:72:1F:FA:1B:BA:03:8B:19
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.203.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:23:ee:95:b1:d6:15:60:c7:fe:17:28:24:42:2c:69:1a:0b:
60:88:44:d6:4f:01:c4:41:e8:bc:f2:ea:b1:61:52:6e:1e:4b:
e9:01:9e:38:be:24:fb:ee:cd:0a:dd:67:13:f1:83:56:e5:89:
f2:28:83:db:95:3b:0c:41:5b:41:d3:96:42:09:c9:7c:27:2b:
75:91:17:5a:0d:b5:25:d9:e1:15:e7:c3:f2:02:12:54:09:7a:
9b:73:12:5c:19:1e:84:64:8f:a4:19:5c:07:af:b7:74:c2:93:
50:31:84:13:d4:6e:11:1c:b9:8e:83:a0:ec:65:ae:d7:06:06:
a0:23:37:ee:a9:a2:dd:d6:e5:d2:a0:36:0e:de:0c:2b:eb:5c:
66:16:0a:b5:17:b5:42:f0:b4:d4:7d:3c:95:b6:28:56:52:a6:
b7:09:66:44:8e:15:65:2c:87:5b:34:d6:07:5d:48:b5:d7:4e:
4c:9e:40:79:72:d4:15:f2:cf:4c:9e:76:73:9c:fa:5d:55:5a:
01:d9:b9:f5:3b:eb:85:38:73:17:e3:cc:bc:e7:d7:d8:12:b6:
f0:c0:88:99:86:65:0f:22:9f:b2:b0:d2:78:cc:89:9d:d4:74:
7e:49:18:07:c3:1e:3b:a1:40:3f:d7:2f:25:f2:f9:fe:5e:81:
17:c6:c3:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUArBqt6GrW8h6gkYPBkufLEYwu9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjYwODMxMDNaFw0yNzA1MjUwODM2MDNaMDMxMTAvBgNV
BAMTKEY1QTVGOTIxMUY3QTNDRjZGRDQxMkIxQzcyMUZGQTFCQkEwMzhCMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCetCdQzc/CcV1E3vTnjWhKd90P
JdZFyGvgX+Q6nt3hTNRwIXSUSPDn1EGDDvnvzD1Ta90V43ONlD6WFNHEEqVtpffs
5+EiYu4xKJOSHb6w5zrLtrX6MXL8IiryZOhZGtlmyVcmRQxMq5ZHMM4kIHfw8Fba
xroqVw4swK7ODQwRblzi3xTlI30lxdky38I+7hgUqpKhg1RywskeTBSISoLREmjg
5bp9OvIOZCRlsGhl69tMvYOO4pzSlQxvedUNYc03+nNY140iH0XyvsAEEMFzVTWb
+85P/GlyIXBSmJdfg+hgFQazZaw26mDmvjoTpMLiYKxn+ofNraMXru6+Q6j3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU9aX5IR96PPb9QSscch/6G7oDixkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMOzyzANBgkqhkiG9w0BAQsFAAOCAQEAjSPulbHWFWDH/hcoJEIsaRoLYIhE
1k8BxEHovPLqsWFSbh5L6QGeOL4k++7NCt1nE/GDVuWJ8iiD25U7DEFbQdOWQgnJ
fCcrdZEXWg21JdnhFefD8gISVAl6m3MSXBkehGSPpBlcB6+3dMKTUDGEE9RuERy5
joOg7GWu1wYGoCM37qmi3dbl0qA2Dt4MK+tcZhYKtRe1QvC01H08lbYoVlKmtwlm
RI4VZSyHWzTWB11ItddOTJ5AeXLUFfLPTJ52c5z6XVVaAdm59TvrhThzF+PMvOfX
2BK28MCImYZlDyKfsrDSeMyJndR0fkkYB8MeO6FAP9cvJfL5/l6BF8bDYg==
-----END CERTIFICATE-----
Generated at Wed May 27 02:32:22 2026 by rpki-client