Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234302e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: nYWi3d0sgNmxBueIFh6HIPifuDuekipqLiG8lmSu4BY=
Subject key identifier: 2D:B0:40:51:79:CD:7C:E5:09:A3:4D:5B:8E:A3:77:FA:2C:89:F6:69
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 50CDAFA2A2D3A76944287D530A8E813D34DE4DE5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
Signing time: Wed 04 Mar 2026 09:23:22 +0000
ROA not before: Wed 04 Mar 2026 09:18:22 +0000
ROA not after: Wed 03 Mar 2027 09:23:22 +0000
asID: 40021
IP address blocks: 195.26.240.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:cd:af:a2:a2:d3:a7:69:44:28:7d:53:0a:8e:81:3d:34:de:4d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 09:18:22 2026 GMT
Not After : Mar 3 09:23:22 2027 GMT
Subject: CN=2DB0405179CD7CE509A34D5B8EA377FA2C89F669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:dd:f1:bc:55:16:ae:7e:bc:59:21:d8:d1:54:
04:64:04:29:83:9f:e6:9c:68:a3:c5:7c:5f:c7:75:
37:81:9d:24:54:25:43:db:20:3f:ab:d9:76:36:04:
f9:bc:9c:bc:6e:0e:54:5a:ef:15:62:7e:19:d1:dd:
c5:3e:4a:c7:2d:d0:b8:c2:3d:50:6c:33:41:67:38:
ff:07:1f:ed:53:8c:47:6f:bf:24:c4:70:b2:13:6c:
d2:e5:e9:04:0b:38:77:cd:87:df:24:1d:52:6e:b8:
b3:4f:87:b6:67:34:f8:af:3f:07:d0:8a:93:3b:5b:
30:f8:e8:e5:0c:c5:bf:aa:14:6c:ef:e5:7f:97:22:
9d:35:e9:72:ee:a9:e8:1b:24:ca:b2:96:79:7e:6a:
75:2b:69:27:1a:c3:93:c1:62:bd:0e:40:52:1f:c1:
10:0c:c9:cb:b9:c6:06:92:a0:99:b2:ee:c7:91:fe:
4d:10:c5:be:1e:e0:a6:92:83:26:7c:af:61:57:47:
6c:39:17:3f:46:f2:be:24:81:97:d7:d8:ba:f3:02:
61:03:4b:40:db:f4:f9:8f:22:4f:63:10:5e:b2:e5:
8f:1a:84:d6:28:c9:89:1c:ac:58:10:4a:ac:98:8f:
cc:c9:62:b9:87:59:7c:44:d4:ab:88:45:2a:07:9d:
49:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B0:40:51:79:CD:7C:E5:09:A3:4D:5B:8E:A3:77:FA:2C:89:F6:69
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234302e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.240.0/21
Signature Algorithm: sha256WithRSAEncryption
90:7f:06:23:c3:0e:01:e6:3b:f5:ce:61:b0:0f:57:4d:aa:ee:
8e:a9:04:a4:af:73:17:28:6b:d7:0e:f4:bc:e3:85:d8:c6:b4:
76:bc:16:65:3c:74:d8:58:24:d1:ab:32:78:e1:bb:85:66:13:
fa:5b:bb:95:97:e7:76:f9:e3:dc:81:95:0b:3f:d1:63:2c:ed:
4f:2c:f7:46:2e:dc:91:40:93:b0:fb:7c:14:04:dd:c6:fd:b5:
71:0f:fc:68:33:87:48:da:d8:da:2c:4c:f4:52:82:7c:e2:45:
e6:89:03:60:21:c7:d6:da:86:c2:f3:eb:b6:45:64:8d:17:ff:
bb:96:b5:30:cd:c2:1e:00:b1:25:cb:d9:1e:10:85:37:fc:82:
a8:6c:b6:3f:dd:ed:63:f1:27:09:fc:b0:b1:b4:90:a8:2f:48:
08:dd:4c:2e:92:47:bc:63:ab:95:9b:d7:07:64:22:f1:62:05:
b4:90:43:8e:3a:76:e2:2a:2a:55:dd:e0:31:72:b9:83:e6:46:
70:e8:60:f5:b8:87:cd:7b:8a:a7:c4:f7:ec:3d:0f:32:b6:26:
89:e1:34:b1:82:6d:97:9a:b8:c6:85:85:92:2c:ea:85:fd:d4:
ca:0d:86:00:66:b3:05:65:13:8c:30:0c:1a:25:86:6b:af:4d:
cc:f8:11:36
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUM2voqLTp2lEKH1TCo6BPTTeTeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQwOTE4MjJaFw0yNzAzMDMwOTIzMjJaMDMxMTAvBgNV
BAMTKDJEQjA0MDUxNzlDRDdDRTUwOUEzNEQ1QjhFQTM3N0ZBMkM4OUY2NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/3fG8VRaufrxZIdjRVARkBCmD
n+acaKPFfF/HdTeBnSRUJUPbID+r2XY2BPm8nLxuDlRa7xVifhnR3cU+Ssct0LjC
PVBsM0FnOP8HH+1TjEdvvyTEcLITbNLl6QQLOHfNh98kHVJuuLNPh7ZnNPivPwfQ
ipM7WzD46OUMxb+qFGzv5X+XIp016XLuqegbJMqylnl+anUraScaw5PBYr0OQFIf
wRAMycu5xgaSoJmy7seR/k0Qxb4e4KaSgyZ8r2FXR2w5Fz9G8r4kgZfX2LrzAmED
S0Db9PmPIk9jEF6y5Y8ahNYoyYkcrFgQSqyYj8zJYrmHWXxE1KuIRSoHnUm3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULbBAUXnNfOUJo01bjqN3+iyJ9mkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxrwMA0GCSqGSIb3DQEBCwUAA4IBAQCQfwYjww4B5jv1zmGwD1dNqu6OqQSkr3MX
KGvXDvS844XYxrR2vBZlPHTYWCTRqzJ44buFZhP6W7uVl+d2+ePcgZULP9FjLO1P
LPdGLtyRQJOw+3wUBN3G/bVxD/xoM4dI2tjaLEz0UoJ84kXmiQNgIcfW2obC8+u2
RWSNF/+7lrUwzcIeALEly9keEIU3/IKobLY/3e1j8ScJ/LCxtJCoL0gI3Uwukke8
Y6uVm9cHZCLxYgW0kEOOOnbiKipV3eAxcrmD5kZw6GD1uIfNe4qnxPfsPQ8ytiaJ
4TSxgm2XmrjGhYWSLOqF/dTKDYYAZrMFZROMMAwaJYZrr03M+BE2
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:41:44 2026 by rpki-client