Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
File: 3139352e32362e3234382e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: IWBSEad+PlwB7NQ54YLFXpDIX0YIL+uDWlf1vbtiZTY=
Subject key identifier: 20:F1:50:3B:19:AA:8A:A1:8C:2F:36:65:75:A2:8C:4F:5E:E6:65:D1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4C2AD811A61D8A60382ABECBE79BC74E79FA905C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
Signing time: Wed 04 Mar 2026 09:23:22 +0000
ROA not before: Wed 04 Mar 2026 09:18:22 +0000
ROA not after: Wed 03 Mar 2027 09:23:22 +0000
asID: 40021
IP address blocks: 195.26.248.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 09:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:2a:d8:11:a6:1d:8a:60:38:2a:be:cb:e7:9b:c7:4e:79:fa:90:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 09:18:22 2026 GMT
Not After : Mar 3 09:23:22 2027 GMT
Subject: CN=20F1503B19AA8AA18C2F366575A28C4F5EE665D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bc:41:29:b1:6f:bf:c2:ee:98:e2:03:11:bf:
7b:f4:25:38:c9:e4:83:80:bb:fe:6a:e4:a8:36:f3:
0f:ad:39:03:a7:db:9f:c4:7d:e0:ec:8b:ac:4b:cb:
48:12:72:9e:18:3e:9f:fb:8a:d1:95:82:d9:a2:f2:
f7:a4:7b:15:bc:b3:e4:74:08:8f:09:c6:16:fd:59:
41:47:7a:0e:fd:f5:c1:38:ba:a6:54:19:f3:23:49:
69:0e:ad:12:92:5e:77:0d:e8:5b:6a:94:bc:a1:4a:
79:1b:0d:53:a7:5d:19:2d:bb:a1:ef:c1:fd:45:db:
12:3a:9c:62:a2:82:7e:4b:00:a5:9d:f9:75:8b:96:
2f:db:34:1b:f7:05:d1:30:8d:ba:77:26:0e:65:43:
9f:23:97:14:f4:ca:db:2d:e7:1b:d4:73:f9:06:47:
1d:68:cc:c8:b3:e5:d8:fc:7b:c1:b2:34:45:e0:ff:
d7:16:93:27:d7:f8:15:f7:bb:f2:13:e2:94:aa:65:
43:7a:2d:c7:26:66:94:b4:51:cc:12:0f:c0:b9:3a:
34:87:f8:bd:26:5d:d8:0c:b9:79:a2:de:80:2f:f0:
e7:46:fb:84:25:fc:7c:7b:83:a2:28:ab:95:42:23:
c5:4e:0e:67:3f:d0:56:0d:03:2e:5f:37:92:d6:16:
8b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F1:50:3B:19:AA:8A:A1:8C:2F:36:65:75:A2:8C:4F:5E:E6:65:D1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e32362e3234382e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.248.0/21
Signature Algorithm: sha256WithRSAEncryption
75:17:ca:50:b6:fb:49:59:ea:45:18:fa:e3:40:25:9c:d7:b9:
b9:3e:14:5f:06:cc:fb:69:66:8c:05:db:4c:57:4e:04:b8:c4:
0f:9b:9e:70:8a:65:08:5f:ad:7c:39:c8:f7:cb:cb:9a:b4:39:
0d:eb:59:1f:a6:2c:20:f8:46:42:65:db:87:2a:a8:6e:39:10:
7e:20:1c:66:44:05:73:0a:c1:e3:07:ff:ab:f1:db:0d:40:69:
de:86:4a:81:26:6d:58:e8:d6:05:9b:9f:a5:0b:eb:bf:df:e3:
d0:a6:e8:c7:85:e0:af:08:06:33:2b:c9:a7:bd:0a:fd:00:29:
be:20:cc:d3:34:ca:07:ee:4f:a0:d3:b8:a7:cc:fe:a3:22:54:
5f:ad:d2:6e:b9:33:2e:39:39:b4:ef:1f:9b:42:03:29:89:96:
f8:d7:e8:f0:be:73:19:a3:19:76:83:8a:b2:b7:6d:b7:43:60:
b2:d5:2d:51:22:75:5b:c5:8c:6a:8d:d6:eb:c9:a7:58:50:1a:
c5:b9:6f:be:23:1d:41:87:26:89:57:ed:c3:c7:ec:e5:2a:57:
b0:25:ce:d9:fb:25:bf:bc:7c:5a:c2:19:24:34:2c:f6:6f:e0:
a1:6e:96:26:a9:b3:1f:94:6e:c1:3b:4a:65:e0:fa:c7:58:12:
bc:2b:23:59
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTCrYEaYdimA4Kr7L55vHTnn6kFwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQwOTE4MjJaFw0yNzAzMDMwOTIzMjJaMDMxMTAvBgNV
BAMTKDIwRjE1MDNCMTlBQThBQTE4QzJGMzY2NTc1QTI4QzRGNUVFNjY1RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8vEEpsW+/wu6Y4gMRv3v0JTjJ
5IOAu/5q5Kg28w+tOQOn25/EfeDsi6xLy0gScp4YPp/7itGVgtmi8vekexW8s+R0
CI8Jxhb9WUFHeg799cE4uqZUGfMjSWkOrRKSXncN6FtqlLyhSnkbDVOnXRktu6Hv
wf1F2xI6nGKign5LAKWd+XWLli/bNBv3BdEwjbp3Jg5lQ58jlxT0ytst5xvUc/kG
Rx1ozMiz5dj8e8GyNEXg/9cWkyfX+BX3u/IT4pSqZUN6LccmZpS0UcwSD8C5OjSH
+L0mXdgMuXmi3oAv8OdG+4Ql/Hx7g6Ioq5VCI8VODmc/0FYNAy5fN5LWFov/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIPFQOxmqiqGMLzZldaKMT17mZdEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjM2MmUzMjM0
MzgyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
wxr4MA0GCSqGSIb3DQEBCwUAA4IBAQB1F8pQtvtJWepFGPrjQCWc17m5PhRfBsz7
aWaMBdtMV04EuMQPm55wimUIX618Ocj3y8uatDkN61kfpiwg+EZCZduHKqhuORB+
IBxmRAVzCsHjB/+r8dsNQGnehkqBJm1Y6NYFm5+lC+u/3+PQpujHheCvCAYzK8mn
vQr9ACm+IMzTNMoH7k+g07inzP6jIlRfrdJuuTMuOTm07x+bQgMpiZb41+jwvnMZ
oxl2g4qyt223Q2Cy1S1RInVbxYxqjdbryadYUBrFuW++Ix1BhyaJV+3Dx+zlKlew
Jc7Z+yW/vHxawhkkNCz2b+ChbpYmqbMflG7BO0pl4PrHWBK8KyNZ
-----END CERTIFICATE-----
Generated at Thu Mar 5 17:39:59 2026 by rpki-client