Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e203239383032.roa
File: 3139352e3137392e3230332e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: vF38kWCNX3U15FJObYXn8fKGs2cGC0XWi5ZnI/S5lxw=
Subject key identifier: AD:8C:5E:B8:1D:6E:CD:F3:56:3E:D4:72:51:69:A9:FB:23:41:B6:70
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 44F92C1BB10A4D02C4BA5E04AA085CD46F135E0C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e203239383032.roa
Signing time: Tue 26 May 2026 11:08:31 +0000
ROA not before: Tue 26 May 2026 11:03:31 +0000
ROA not after: Tue 25 May 2027 11:08:31 +0000
asID: 29802
IP address blocks: 195.179.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:f9:2c:1b:b1:0a:4d:02:c4:ba:5e:04:aa:08:5c:d4:6f:13:5e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 26 11:03:31 2026 GMT
Not After : May 25 11:08:31 2027 GMT
Subject: CN=AD8C5EB81D6ECDF3563ED4725169A9FB2341B670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:04:11:5d:52:90:62:6c:f9:2d:45:92:73:4e:
0d:a1:79:c2:8d:dc:2e:05:10:25:c2:95:39:f3:b3:
2c:5e:9d:b1:09:cf:23:f7:a0:6a:e1:f8:99:d7:ef:
5a:4d:ec:8f:7d:ad:46:00:2e:34:e0:41:8d:58:bd:
d5:44:19:8f:f8:f9:23:dc:03:7c:59:1e:f0:85:0d:
51:9d:8a:11:6f:06:66:cd:8e:1b:ca:48:34:55:43:
d5:ad:80:51:76:36:90:05:d0:4d:6c:55:eb:ae:c1:
28:87:5d:ab:06:a5:7c:cf:f8:07:85:89:c9:bb:fe:
5b:46:8c:44:6a:6e:6b:16:12:6a:52:9b:78:8b:84:
10:08:e6:f2:3d:79:a6:fc:ca:63:f9:90:69:03:c3:
76:69:47:ff:76:18:b8:1a:12:5a:9f:a9:b0:c5:62:
82:2c:46:f5:60:46:f5:b8:88:8a:ef:a1:91:87:5f:
4e:da:c9:d2:0d:e6:1a:90:60:cd:c2:b5:1c:2f:3d:
9b:b7:d2:fd:4e:88:f6:2e:ce:bb:1a:8f:30:5d:72:
49:2f:4f:8c:ef:10:96:9d:e9:e2:df:93:28:58:42:
d5:fa:d9:f4:c2:fd:03:06:84:0b:cc:5a:ed:a5:62:
3f:dd:e7:90:75:50:35:31:1c:1a:77:23:35:03:28:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8C:5E:B8:1D:6E:CD:F3:56:3E:D4:72:51:69:A9:FB:23:41:B6:70
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230332e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.203.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:41:14:11:a2:1a:ed:ea:17:d8:37:10:ee:4a:16:04:b2:57:
84:ee:e0:21:37:74:56:bf:e1:b7:46:59:2c:ad:98:12:73:d9:
3b:fe:06:b5:84:0d:c6:1f:56:af:e0:fb:f2:41:7b:64:ac:64:
7a:6d:b4:8a:83:23:98:b5:ac:7e:21:6f:74:32:c1:4c:a5:37:
38:bc:a2:15:8e:c9:21:90:19:d5:d5:3e:56:e0:11:a2:87:4d:
eb:85:8c:e6:57:dc:2f:3d:22:73:07:a9:4e:bf:89:a4:f0:5d:
f2:3d:0e:e0:fd:be:2e:7f:60:c6:89:57:b6:36:c6:30:63:5d:
2d:a4:72:dc:65:59:9c:ac:cd:58:40:96:d6:05:e7:a4:54:5b:
55:87:6a:f2:f5:df:f3:a8:3a:2f:23:40:d5:8a:40:69:80:6f:
cb:72:fe:dc:25:2c:46:e3:a5:a5:04:f5:ea:9a:f5:cb:6f:cd:
04:bb:b8:f5:d5:ca:18:40:21:16:6d:7e:94:0b:14:2f:11:0c:
e2:af:59:27:09:b8:4b:84:ce:99:a3:48:3b:fc:0b:0d:1f:4a:
e3:75:a0:6f:09:13:25:ef:d5:cc:d2:93:58:29:b1:bb:69:37:
ff:6a:f0:51:97:5d:ec:ec:a1:e5:01:5a:be:47:05:c9:e3:c8:
59:5d:f7:4c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURPksG7EKTQLEul4Eqghc1G8TXgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjYxMTAzMzFaFw0yNzA1MjUxMTA4MzFaMDMxMTAvBgNV
BAMTKEFEOEM1RUI4MUQ2RUNERjM1NjNFRDQ3MjUxNjlBOUZCMjM0MUI2NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIBBFdUpBibPktRZJzTg2hecKN
3C4FECXClTnzsyxenbEJzyP3oGrh+JnX71pN7I99rUYALjTgQY1YvdVEGY/4+SPc
A3xZHvCFDVGdihFvBmbNjhvKSDRVQ9WtgFF2NpAF0E1sVeuuwSiHXasGpXzP+AeF
icm7/ltGjERqbmsWEmpSm3iLhBAI5vI9eab8ymP5kGkDw3ZpR/92GLgaElqfqbDF
YoIsRvVgRvW4iIrvoZGHX07aydIN5hqQYM3CtRwvPZu30v1OiPYuzrsajzBdckkv
T4zvEJad6eLfkyhYQtX62fTC/QMGhAvMWu2lYj/d55B1UDUxHBp3IzUDKPcZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrYxeuB1uzfNWPtRyUWmp+yNBtnAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDs8swDQYJKoZIhvcNAQELBQADggEBACpBFBGiGu3qF9g3EO5KFgSyV4Tu4CE3
dFa/4bdGWSytmBJz2Tv+BrWEDcYfVq/g+/JBe2SsZHpttIqDI5i1rH4hb3QywUyl
Nzi8ohWOySGQGdXVPlbgEaKHTeuFjOZX3C89InMHqU6/iaTwXfI9DuD9vi5/YMaJ
V7Y2xjBjXS2kctxlWZyszVhAltYF56RUW1WHavL13/OoOi8jQNWKQGmAb8ty/twl
LEbjpaUE9eqa9ctvzQS7uPXVyhhAIRZtfpQLFC8RDOKvWScJuEuEzpmjSDv8Cw0f
SuN1oG8JEyXv1czSk1gpsbtpN/9q8FGXXezsoeUBWr5HBcnjyFld90w=
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:59 2026 by rpki-client