Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37342e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: zk9xDQId6JsdxtR/Akx6WpjGbkAZ+OOasmOQRL/WurY=
Subject key identifier: 6A:38:E1:CC:49:5D:D6:17:BA:2C:12:E9:6E:AD:05:42:AE:A9:79:F4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 299BDBFD58DB89E4A6F2896B184262D870D57A54
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 20 May 2026 15:24:21 +0000
ROA not before: Wed 20 May 2026 15:19:21 +0000
ROA not after: Wed 19 May 2027 15:24:21 +0000
asID: 204170
IP address blocks: 82.149.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:9b:db:fd:58:db:89:e4:a6:f2:89:6b:18:42:62:d8:70:d5:7a:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 15:19:21 2026 GMT
Not After : May 19 15:24:21 2027 GMT
Subject: CN=6A38E1CC495DD617BA2C12E96EAD0542AEA979F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8c:10:df:77:28:6e:4b:93:75:46:c1:3a:79:
58:61:d6:33:a8:a7:e3:f9:5f:58:cc:e0:77:2b:00:
06:b7:70:49:11:4c:3f:0b:c7:83:43:95:8c:ae:e5:
82:e6:d8:fa:34:19:6b:60:69:26:a8:fe:0b:bb:37:
53:a5:61:b8:f0:60:3f:6d:e2:c1:86:1a:68:19:fd:
0c:6e:a2:76:eb:5e:6b:a9:47:e1:8d:6e:45:fa:3f:
84:34:9e:a6:64:11:c5:61:94:1c:fc:bd:97:77:81:
77:b2:00:c1:99:bd:84:31:22:2d:ed:a0:a4:7e:03:
6f:cb:24:dd:70:01:1d:eb:77:bb:0e:a7:f3:d9:c7:
19:4c:ae:61:1c:d3:32:0c:be:c2:fb:57:3a:10:51:
4a:36:5b:e1:42:c2:78:43:3e:e1:15:1f:cb:4c:69:
8b:74:c0:30:e2:a0:2f:55:de:00:e9:9e:5c:d8:d8:
e0:5a:b8:c8:36:c4:ac:3e:d2:5c:fc:b2:a2:34:cd:
25:c2:42:8d:51:ba:4b:1a:78:61:3e:fc:b5:72:0c:
d5:c9:75:53:ea:fe:d8:99:64:71:ca:cb:50:ec:fd:
e0:2f:54:f8:a7:24:ed:20:b2:34:5b:fe:d4:3c:fd:
4a:7a:80:6c:63:b5:0a:ae:54:c5:10:0a:02:59:38:
d2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:38:E1:CC:49:5D:D6:17:BA:2C:12:E9:6E:AD:05:42:AE:A9:79:F4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37342e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.74.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:99:4a:1f:64:e2:d7:e1:8e:a0:eb:86:ec:ed:03:f9:fc:1b:
4b:3a:89:5f:b5:54:f8:37:ed:d4:d9:8d:59:31:27:28:37:11:
a2:af:01:3e:e2:6f:ce:06:6e:bd:7a:4d:cf:d3:1e:a6:48:46:
1a:db:24:5b:e1:61:a2:cc:0d:33:d7:2e:74:2a:a6:e3:59:76:
e6:31:24:48:44:ba:17:48:d7:59:8f:34:d8:b1:b6:60:78:a9:
0c:62:1d:72:d3:16:3d:8b:53:6a:27:a5:25:80:cf:50:2d:ad:
94:e4:51:a2:16:ae:53:09:45:07:c2:f7:38:f4:ce:f7:b6:31:
58:42:e7:08:a4:e5:8b:30:a3:c2:b6:57:99:d1:d0:c0:1e:1a:
af:f8:ff:c3:48:b4:e1:38:1f:d3:b4:0c:39:23:d6:32:ae:ce:
d9:1f:c9:50:61:10:20:08:16:4a:4c:1e:30:61:f0:fc:55:da:
e0:d9:e0:10:19:09:91:4f:17:9a:27:11:23:eb:0b:0c:ea:44:
1f:4b:7a:70:fb:5d:b9:ac:98:f8:cf:55:28:c4:2b:2b:d8:78:
53:62:3f:a4:0f:2a:d5:81:9d:f9:c1:ea:b3:b2:91:23:3e:fd:
df:d5:a4:8c:33:65:e4:13:33:7f:04:77:95:82:12:2c:f3:0d:
13:b8:41:80
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKZvb/VjbieSm8olrGEJi2HDVelQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjAxNTE5MjFaFw0yNzA1MTkxNTI0MjFaMDMxMTAvBgNV
BAMTKDZBMzhFMUNDNDk1REQ2MTdCQTJDMTJFOTZFQUQwNTQyQUVBOTc5RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjjBDfdyhuS5N1RsE6eVhh1jOo
p+P5X1jM4HcrAAa3cEkRTD8Lx4NDlYyu5YLm2Po0GWtgaSao/gu7N1OlYbjwYD9t
4sGGGmgZ/QxuonbrXmupR+GNbkX6P4Q0nqZkEcVhlBz8vZd3gXeyAMGZvYQxIi3t
oKR+A2/LJN1wAR3rd7sOp/PZxxlMrmEc0zIMvsL7VzoQUUo2W+FCwnhDPuEVH8tM
aYt0wDDioC9V3gDpnlzY2OBauMg2xKw+0lz8sqI0zSXCQo1RuksaeGE+/LVyDNXJ
dVPq/tiZZHHKy1Ds/eAvVPinJO0gsjRb/tQ8/Up6gGxjtQquVMUQCgJZONIZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUajjhzEld1he6LBLpbq0FQq6pefQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVKMA0GCSqGSIb3DQEBCwUAA4IBAQAdmUofZOLX4Y6g64bs7QP5/BtLOolftVT4
N+3U2Y1ZMScoNxGirwE+4m/OBm69ek3P0x6mSEYa2yRb4WGizA0z1y50KqbjWXbm
MSRIRLoXSNdZjzTYsbZgeKkMYh1y0xY9i1NqJ6UlgM9QLa2U5FGiFq5TCUUHwvc4
9M73tjFYQucIpOWLMKPCtleZ0dDAHhqv+P/DSLThOB/TtAw5I9Yyrs7ZH8lQYRAg
CBZKTB4wYfD8Vdrg2eAQGQmRTxeaJxEj6wsM6kQfS3pw+125rJj4z1UoxCsr2HhT
Yj+kDyrVgZ35weqzspEjPv3f1aSMM2XkEzN/BHeVghIs8w0TuEGA
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:20:15 2026 by rpki-client