Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: /tXPtRnEGJpltKnoYUG1SmaMLe4TIooL8SNJBMIHpKI=
Subject key identifier: BC:02:27:82:8F:DB:08:95:AA:A0:11:35:EE:A3:18:31:8F:0B:C1:5E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 454ABCAC8AF3033429659562F81CD21270902016
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 20 May 2026 15:24:19 +0000
ROA not before: Wed 20 May 2026 15:19:19 +0000
ROA not after: Wed 19 May 2027 15:24:19 +0000
asID: 204170
IP address blocks: 82.149.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:4a:bc:ac:8a:f3:03:34:29:65:95:62:f8:1c:d2:12:70:90:20:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 15:19:19 2026 GMT
Not After : May 19 15:24:19 2027 GMT
Subject: CN=BC0227828FDB0895AAA01135EEA318318F0BC15E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e9:05:16:e0:5d:bc:54:b6:00:d3:3d:f9:d2:
12:a3:29:cf:ed:43:57:b4:01:77:1d:61:b1:79:81:
6b:35:dd:7c:80:74:e1:0a:64:9d:33:4f:0e:e5:f3:
0a:e7:1b:4b:f5:ad:ae:af:26:d4:f4:6f:70:e9:4a:
3f:b6:52:e2:af:0b:39:d1:a1:af:48:8a:8a:25:a8:
33:1e:1a:da:1c:13:93:15:1a:8e:a8:15:a0:41:90:
79:5b:09:0a:ba:05:a4:3e:62:93:70:92:af:01:bc:
54:dd:9b:7d:2e:20:95:43:ce:94:01:ed:60:85:49:
94:2a:ec:40:e6:51:af:a4:35:87:bb:38:65:dd:01:
7a:52:5c:12:19:20:7e:2d:73:b5:54:40:da:c4:1e:
fe:35:ba:9f:7e:8a:87:85:1d:1e:d9:66:a8:38:cd:
8c:4d:82:05:d6:9d:16:62:7e:69:dc:f0:78:1d:6b:
e8:d0:09:9b:5f:df:e7:73:03:52:f1:9b:25:67:2f:
ac:6c:00:1d:3d:2e:02:39:d1:48:92:a9:f0:c8:44:
27:29:ba:b2:78:0c:93:37:0a:30:fa:53:22:b5:61:
53:e1:a5:78:78:21:94:8a:ba:2f:14:8a:f2:3d:4e:
c5:f6:51:7b:f5:df:c5:94:ac:5c:ce:c8:51:fb:b9:
25:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:02:27:82:8F:DB:08:95:AA:A0:11:35:EE:A3:18:31:8F:0B:C1:5E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.73.0/24
Signature Algorithm: sha256WithRSAEncryption
07:2e:3b:5e:70:60:22:74:b7:f2:c6:61:c5:33:95:b2:85:e0:
e6:e7:87:bb:9f:27:21:4c:1c:c3:c4:fc:74:8b:78:95:82:3a:
11:9e:49:c1:01:7a:71:8b:19:44:9d:43:77:6f:e8:9a:d2:5b:
b7:5d:4f:9d:a3:51:70:5a:e8:dc:19:38:51:fc:76:da:2d:b0:
0f:7b:65:c6:c8:54:c8:9d:55:2c:59:53:36:d4:e6:6c:0a:04:
7a:70:a3:9c:d2:f1:17:9b:58:49:21:c2:4d:4c:8a:06:d6:4c:
ac:de:27:65:6f:25:d8:ce:6b:7d:81:27:cc:82:ec:e8:86:6e:
5d:f0:d2:47:7a:7f:f9:4a:89:22:ad:ea:08:7c:d2:e2:c8:96:
5c:91:8e:89:c4:a4:7e:76:68:18:f3:86:30:ee:56:5b:25:03:
fc:84:a3:11:2c:05:fd:8c:cc:7e:31:4c:54:ac:b4:75:f5:ab:
a3:93:e3:71:66:2a:e4:fa:0f:81:dc:ab:ac:e9:37:f8:b5:5e:
4d:ae:cb:17:cd:60:a2:87:12:5d:ed:8d:5b:87:59:f9:7e:db:
a4:66:4d:d5:a5:92:6b:72:95:c9:0d:9b:2f:2e:35:ae:30:8f:
f5:ee:48:f5:08:5e:ac:4d:8e:0f:86:36:49:89:23:de:c1:95:
02:e6:3e:a1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURUq8rIrzAzQpZZVi+BzSEnCQIBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjAxNTE5MTlaFw0yNzA1MTkxNTI0MTlaMDMxMTAvBgNV
BAMTKEJDMDIyNzgyOEZEQjA4OTVBQUEwMTEzNUVFQTMxODMxOEYwQkMxNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU6QUW4F28VLYA0z350hKjKc/t
Q1e0AXcdYbF5gWs13XyAdOEKZJ0zTw7l8wrnG0v1ra6vJtT0b3DpSj+2UuKvCznR
oa9IioolqDMeGtocE5MVGo6oFaBBkHlbCQq6BaQ+YpNwkq8BvFTdm30uIJVDzpQB
7WCFSZQq7EDmUa+kNYe7OGXdAXpSXBIZIH4tc7VUQNrEHv41up9+ioeFHR7ZZqg4
zYxNggXWnRZifmnc8Hgda+jQCZtf3+dzA1LxmyVnL6xsAB09LgI50UiSqfDIRCcp
urJ4DJM3CjD6UyK1YVPhpXh4IZSKui8UivI9TsX2UXv138WUrFzOyFH7uSW1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvAIngo/bCJWqoBE17qMYMY8LwV4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVJMA0GCSqGSIb3DQEBCwUAA4IBAQAHLjtecGAidLfyxmHFM5WyheDm54e7nych
TBzDxPx0i3iVgjoRnknBAXpxixlEnUN3b+ia0lu3XU+do1FwWujcGThR/HbaLbAP
e2XGyFTInVUsWVM21OZsCgR6cKOc0vEXm1hJIcJNTIoG1kys3idlbyXYzmt9gSfM
guzohm5d8NJHen/5SokireoIfNLiyJZckY6JxKR+dmgY84Yw7lZbJQP8hKMRLAX9
jMx+MUxUrLR19aujk+NxZirk+g+B3Kus6Tf4tV5NrssXzWCihxJd7Y1bh1n5ftuk
Zk3VpZJrcpXJDZsvLjWuMI/17kj1CF6sTY4PhjZJiSPewZUC5j6h
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:20:10 2026 by rpki-client