Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
File: 3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa (raw, json)
Hash identifier: Sl5PJjp/mtixffSsOuVpEYsQ1o9OmdOfHcw/ebtmUrs=
Subject key identifier: 87:75:87:85:40:36:FE:BF:C6:91:45:A9:D3:62:D0:A8:D6:D2:57:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1BD430B34A8F2E03B8EB5411F4EFC163211C3197
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
Signing time: Wed 04 Mar 2026 10:23:22 +0000
ROA not before: Wed 04 Mar 2026 10:18:22 +0000
ROA not after: Wed 03 Mar 2027 10:23:22 +0000
asID: 207594
IP address blocks: 195.179.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 16:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d4:30:b3:4a:8f:2e:03:b8:eb:54:11:f4:ef:c1:63:21:1c:31:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 10:18:22 2026 GMT
Not After : Mar 3 10:23:22 2027 GMT
Subject: CN=877587854036FEBFC69145A9D362D0A8D6D257A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b7:ec:de:83:af:87:75:7d:f3:d1:ac:bc:3c:
83:42:b5:b9:59:41:4b:ac:dd:7f:6e:e1:fc:b1:db:
c0:79:d2:da:26:ae:67:0a:7e:da:16:78:cb:65:08:
25:f7:38:e2:2d:a8:b5:da:14:b5:db:88:fb:80:e3:
23:aa:1d:48:71:22:b3:6e:90:ea:fa:dd:9f:54:f8:
75:ef:fe:68:f9:57:7e:9c:89:36:4b:e0:e9:62:2a:
10:2d:85:ff:f5:f3:cf:4c:b9:a3:5a:d7:47:5a:52:
ad:8d:ab:34:c3:6c:ba:93:bd:db:20:30:15:c8:5b:
d4:64:84:13:91:b5:00:3b:60:1a:f8:3c:96:5f:68:
39:96:04:fb:1b:f5:16:f3:78:80:6b:6c:46:c1:7c:
c9:e1:00:64:c0:e7:c9:c1:8a:04:23:49:8c:19:ac:
4c:3b:07:aa:fd:25:12:b5:91:33:a7:8d:ca:54:e1:
a6:9a:5a:33:31:8c:9a:03:53:26:bf:a6:2e:0d:e0:
4a:60:34:26:39:4f:b8:8c:62:a7:fc:74:20:ae:3e:
b9:37:78:66:7f:c6:61:26:78:a4:9e:7f:86:d4:2b:
bf:3d:cf:cd:dd:b5:96:f3:b8:e8:99:59:27:e6:cd:
ce:3c:66:74:b3:fb:53:a3:b5:9d:9f:1f:b1:5b:33:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:75:87:85:40:36:FE:BF:C6:91:45:A9:D3:62:D0:A8:D6:D2:57:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3233322e302f32322d3234203d3e20323037353934.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.232.0/22
Signature Algorithm: sha256WithRSAEncryption
11:6e:a8:6d:28:91:e7:f2:b6:6c:80:52:3b:d8:7b:08:84:ce:
f8:69:a2:ad:04:ec:3e:40:62:6f:43:3b:48:4d:a8:7f:af:15:
56:75:28:ad:96:8e:2b:7e:7c:11:95:5d:c5:10:04:8a:33:92:
5e:71:de:fa:b3:d5:a3:3f:52:05:a4:a3:70:e4:c5:06:71:ad:
0e:f2:d1:90:ac:e5:23:9b:3a:3a:16:ac:cc:40:1e:54:f9:f9:
19:f1:03:e1:45:28:4a:52:7d:69:06:61:38:ec:36:5c:08:12:
ab:68:18:00:de:60:4b:fa:34:7f:49:fb:7c:b6:ad:a0:72:f3:
e2:ae:01:b6:c1:99:df:bb:ff:e6:60:36:35:32:33:94:60:dd:
c7:29:2d:e3:6c:b1:64:78:bf:ac:d7:06:11:fc:ef:21:59:b6:
0d:3d:4e:60:e6:cb:53:05:6b:07:b7:ea:68:16:86:2b:67:8d:
a4:59:0d:18:1d:5c:ac:e7:ed:cc:57:69:54:d6:59:c3:54:2d:
10:21:a4:40:86:cd:92:89:cf:99:7f:14:c1:8b:99:6a:e5:39:
1a:2b:2b:eb:7a:50:01:0a:c6:af:22:b2:2b:ef:2f:55:14:66:
8f:a4:fe:d3:47:26:0a:0a:b4:af:8d:7f:ca:9b:63:bd:e0:50:
46:9b:14:d7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUG9Qws0qPLgO461QR9O/BYyEcMZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQxMDE4MjJaFw0yNzAzMDMxMDIzMjJaMDMxMTAvBgNV
BAMTKDg3NzU4Nzg1NDAzNkZFQkZDNjkxNDVBOUQzNjJEMEE4RDZEMjU3QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPt+zeg6+HdX3z0ay8PINCtblZ
QUus3X9u4fyx28B50tomrmcKftoWeMtlCCX3OOItqLXaFLXbiPuA4yOqHUhxIrNu
kOr63Z9U+HXv/mj5V36ciTZL4OliKhAthf/1889MuaNa10daUq2NqzTDbLqTvdsg
MBXIW9RkhBORtQA7YBr4PJZfaDmWBPsb9RbzeIBrbEbBfMnhAGTA58nBigQjSYwZ
rEw7B6r9JRK1kTOnjcpU4aaaWjMxjJoDUya/pi4N4EpgNCY5T7iMYqf8dCCuPrk3
eGZ/xmEmeKSef4bUK789z83dtZbzuOiZWSfmzc48ZnSz+1OjtZ2fH7FbM/tPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUh3WHhUA2/r/GkUWp02LQqNbSV6gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzMzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNzM1MzkzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsOz6DANBgkqhkiG9w0BAQsFAAOCAQEAEW6obSiR5/K2bIBSO9h7CITO+Gmi
rQTsPkBib0M7SE2of68VVnUorZaOK358EZVdxRAEijOSXnHe+rPVoz9SBaSjcOTF
BnGtDvLRkKzlI5s6OhaszEAeVPn5GfED4UUoSlJ9aQZhOOw2XAgSq2gYAN5gS/o0
f0n7fLatoHLz4q4BtsGZ37v/5mA2NTIzlGDdxykt42yxZHi/rNcGEfzvIVm2DT1O
YObLUwVrB7fqaBaGK2eNpFkNGB1crOftzFdpVNZZw1QtECGkQIbNkonPmX8UwYuZ
auU5Gisr63pQAQrGryKyK+8vVRRmj6T+00cmCgq0r41/yptjveBQRpsU1w==
-----END CERTIFICATE-----
Generated at Sat Mar 21 00:15:44 2026 by rpki-client