Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37322e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: cfJw9x9/nbLg4cpMe1PnTm1ZwbZD3uHVH9rSfKHiZgA=
Subject key identifier: 31:86:A8:EE:65:B4:16:D0:42:DA:66:17:66:38:96:20:F5:2B:4E:48
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7B4A077BEABF55B5C759915613E4258A221B03F6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 20 May 2026 15:24:20 +0000
ROA not before: Wed 20 May 2026 15:19:20 +0000
ROA not after: Wed 19 May 2027 15:24:20 +0000
asID: 204170
IP address blocks: 82.149.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:4a:07:7b:ea:bf:55:b5:c7:59:91:56:13:e4:25:8a:22:1b:03:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 15:19:20 2026 GMT
Not After : May 19 15:24:20 2027 GMT
Subject: CN=3186A8EE65B416D042DA661766389620F52B4E48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:84:c5:06:2d:9f:89:72:84:b9:4d:49:0b:a1:
58:f0:e8:cb:c4:f5:fe:cc:16:ee:83:40:50:a9:da:
5a:8e:2c:e6:93:ee:0c:f8:e0:f1:07:7f:18:4f:05:
4b:e3:75:f3:da:78:f8:6d:3f:42:c8:df:8d:14:be:
08:47:e5:41:35:b2:45:a9:1f:c5:bd:b6:58:23:75:
df:6b:58:ad:b1:4f:bc:6f:a0:35:d0:da:d4:f6:35:
63:36:97:b6:67:a1:c0:9f:1d:6c:02:fa:18:02:52:
9d:29:c8:ec:bd:5f:91:03:3e:42:b6:d5:b9:fb:15:
21:67:19:b3:17:bf:e5:0c:7b:6e:69:ad:24:20:f3:
01:6e:c0:b0:a8:e6:35:dd:28:9e:20:bf:c8:8d:ba:
42:62:f3:51:76:ef:5c:58:68:83:27:4b:e0:f1:7d:
d7:d6:82:a1:02:ce:53:8f:86:fe:2a:64:f1:43:16:
c1:56:47:2f:5e:c8:c9:0d:2a:90:b0:28:c0:bf:1f:
d6:c1:cc:a8:ac:a1:c8:85:ee:e2:5e:32:82:19:a9:
85:37:50:8f:bb:6b:2e:a1:0c:21:10:23:c1:c8:d7:
14:4b:e9:a8:07:4b:01:cb:ca:e1:3e:4b:f5:5f:63:
95:dc:00:c7:6d:46:da:10:8e:6e:c3:fe:7d:2d:8b:
02:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:86:A8:EE:65:B4:16:D0:42:DA:66:17:66:38:96:20:F5:2B:4E:48
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37322e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.72.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:62:f6:f8:21:b3:b9:63:91:66:3e:15:66:c3:bd:64:89:ee:
46:12:18:85:41:1c:5c:6a:e9:2f:2f:89:08:fe:c1:38:42:86:
43:06:af:a3:2d:3b:2a:b4:ad:89:23:d5:f2:23:b1:39:f5:40:
8c:4c:9c:59:13:e3:f4:b5:0b:66:1b:58:26:c8:1b:54:1b:eb:
5e:dd:a8:26:b9:80:f9:30:56:19:d2:2d:86:ea:ac:76:3d:3a:
14:67:7f:7e:67:48:13:c4:03:9a:33:25:62:9e:e1:42:1a:ca:
f9:29:d9:aa:19:a6:81:5f:79:05:16:5c:4c:73:2d:92:11:13:
54:a3:96:19:6b:13:be:09:7e:fb:5e:f2:2d:0a:06:9a:76:7a:
56:a5:d7:95:07:f0:c3:51:5f:86:4f:1b:bc:93:e2:34:eb:50:
6a:32:3f:2b:e9:17:57:db:34:e9:77:16:2d:b2:4d:0e:c8:12:
da:32:62:e2:1a:d8:24:13:3f:37:90:95:bf:fb:e7:d1:bb:1a:
94:00:6c:24:fe:02:91:7c:c1:9c:e2:c1:cf:a4:4a:62:a9:38:
0c:f4:7b:13:3c:57:cc:6d:e3:29:d4:f2:9a:1b:f8:55:58:5c:
83:c3:78:53:d8:e6:ec:8a:e9:33:79:4c:06:03:a3:0d:35:49:
ec:dd:9e:6e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUe0oHe+q/VbXHWZFWE+QliiIbA/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjAxNTE5MjBaFw0yNzA1MTkxNTI0MjBaMDMxMTAvBgNV
BAMTKDMxODZBOEVFNjVCNDE2RDA0MkRBNjYxNzY2Mzg5NjIwRjUyQjRFNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDChMUGLZ+JcoS5TUkLoVjw6MvE
9f7MFu6DQFCp2lqOLOaT7gz44PEHfxhPBUvjdfPaePhtP0LI340UvghH5UE1skWp
H8W9tlgjdd9rWK2xT7xvoDXQ2tT2NWM2l7ZnocCfHWwC+hgCUp0pyOy9X5EDPkK2
1bn7FSFnGbMXv+UMe25prSQg8wFuwLCo5jXdKJ4gv8iNukJi81F271xYaIMnS+Dx
fdfWgqECzlOPhv4qZPFDFsFWRy9eyMkNKpCwKMC/H9bBzKisociF7uJeMoIZqYU3
UI+7ay6hDCEQI8HI1xRL6agHSwHLyuE+S/VfY5XcAMdtRtoQjm7D/n0tiwIfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMYao7mW0FtBC2mYXZjiWIPUrTkgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVIMA0GCSqGSIb3DQEBCwUAA4IBAQBtYvb4IbO5Y5FmPhVmw71kie5GEhiFQRxc
aukvL4kI/sE4QoZDBq+jLTsqtK2JI9XyI7E59UCMTJxZE+P0tQtmG1gmyBtUG+te
3agmuYD5MFYZ0i2G6qx2PToUZ39+Z0gTxAOaMyVinuFCGsr5KdmqGaaBX3kFFlxM
cy2SERNUo5YZaxO+CX77XvItCgaadnpWpdeVB/DDUV+GTxu8k+I061BqMj8r6RdX
2zTpdxYtsk0OyBLaMmLiGtgkEz83kJW/++fRuxqUAGwk/gKRfMGc4sHPpEpiqTgM
9HsTPFfMbeMp1PKaG/hVWFyDw3hT2ObsiukzeUwGA6MNNUns3Z5u
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:14:02 2026 by rpki-client