Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
File: 38322e3134392e37352e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: x5/LI62FsD8CDQRdPDlP0LO865IARLNoHrfGEOazctg=
Subject key identifier: 42:67:5C:9C:8B:37:A3:07:29:1F:C9:96:46:2D:1A:DE:21:63:CF:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7663DBD1D83E54513E14CAEF2597133C71DC3B04
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
Signing time: Wed 20 May 2026 15:24:19 +0000
ROA not before: Wed 20 May 2026 15:19:19 +0000
ROA not after: Wed 19 May 2027 15:24:19 +0000
asID: 204170
IP address blocks: 82.149.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:63:db:d1:d8:3e:54:51:3e:14:ca:ef:25:97:13:3c:71:dc:3b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 15:19:19 2026 GMT
Not After : May 19 15:24:19 2027 GMT
Subject: CN=42675C9C8B37A307291FC996462D1ADE2163CFF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:dc:f0:0c:c9:ab:a8:50:7b:2e:cb:31:b0:c9:
32:32:82:a4:e4:5d:84:01:06:c9:ed:56:f2:40:7a:
d4:33:e5:f1:2d:15:ab:fa:d4:04:92:95:64:3c:51:
47:e2:f8:d4:06:a8:11:16:6c:14:de:82:62:c8:d4:
9e:a6:cf:71:43:47:1e:25:6f:76:9c:54:4d:ea:bf:
0b:39:f6:d7:3e:a8:9a:e0:c7:c8:4d:3d:c0:22:f8:
19:15:c4:8d:28:f8:43:3c:14:27:ba:73:4e:f4:11:
ab:64:d4:42:fe:1a:f3:17:d8:9b:4e:8e:00:f4:4a:
95:4e:1f:46:b8:9f:e3:f6:a2:6f:3c:8f:b5:fa:0a:
72:87:7b:08:dd:53:f2:7d:55:01:14:7c:50:b0:6f:
95:91:fb:d3:cf:e0:0c:cc:46:f3:6a:d1:95:70:7c:
46:09:1e:1d:e4:aa:ef:b5:8b:69:9a:1a:5e:9d:46:
11:87:2a:ca:94:51:68:8c:c9:56:6e:f3:5d:a0:8b:
bb:09:8b:2e:5a:0c:13:6f:d3:57:63:e2:41:af:87:
d2:4c:0f:55:67:ca:7c:22:66:9e:15:b5:0f:d9:8c:
43:c7:65:97:d6:22:c9:78:2c:68:bf:be:17:42:99:
ee:7a:5b:8c:54:91:90:49:34:ab:32:94:d0:c8:36:
d2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:67:5C:9C:8B:37:A3:07:29:1F:C9:96:46:2D:1A:DE:21:63:CF:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e37352e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.75.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:f2:94:67:a0:36:7b:cf:e6:6b:24:1d:19:69:b5:e7:19:ce:
05:9b:57:cd:9d:b5:c4:a2:ae:42:35:99:fa:f6:a9:87:02:11:
f5:b1:4e:de:c2:77:e2:0e:b4:8b:93:8a:ab:26:2f:ed:b9:1e:
2c:e5:76:68:19:75:e4:2d:e0:db:45:2a:75:a8:08:ec:f7:42:
26:f6:e8:93:d8:f3:5e:c5:6c:e7:42:cd:12:79:bc:ad:72:56:
2c:f1:dc:a7:bf:6b:e8:71:b5:81:fa:3d:92:e5:61:63:b0:cd:
a5:db:3b:d1:75:16:c9:ab:ed:bc:56:b1:3a:0a:6a:5b:38:e7:
9e:ef:57:22:59:5f:90:b7:db:96:7f:43:af:f5:02:83:ad:40:
06:6d:fb:6f:5a:5d:ce:e5:19:8f:f7:cd:e9:db:c6:32:8b:21:
1d:ef:bb:aa:a2:00:5c:bd:98:88:29:61:67:b9:9f:0d:55:5a:
af:eb:fe:e1:64:60:b0:36:d3:fd:d0:30:b1:71:13:82:5c:a6:
e2:49:27:05:41:c1:66:46:58:50:ef:9b:c9:a2:b5:27:86:87:
24:18:0f:cc:1a:26:15:dd:0d:76:20:7a:9b:32:ad:a2:39:e9:
fa:9c:16:83:0b:c0:fe:2f:67:7a:ff:42:b6:40:aa:c5:3a:1b:
99:1c:d0:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdmPb0dg+VFE+FMrvJZcTPHHcOwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjAxNTE5MTlaFw0yNzA1MTkxNTI0MTlaMDMxMTAvBgNV
BAMTKDQyNjc1QzlDOEIzN0EzMDcyOTFGQzk5NjQ2MkQxQURFMjE2M0NGRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd3PAMyauoUHsuyzGwyTIygqTk
XYQBBsntVvJAetQz5fEtFav61ASSlWQ8UUfi+NQGqBEWbBTegmLI1J6mz3FDRx4l
b3acVE3qvws59tc+qJrgx8hNPcAi+BkVxI0o+EM8FCe6c070Eatk1EL+GvMX2JtO
jgD0SpVOH0a4n+P2om88j7X6CnKHewjdU/J9VQEUfFCwb5WR+9PP4AzMRvNq0ZVw
fEYJHh3kqu+1i2maGl6dRhGHKsqUUWiMyVZu812gi7sJiy5aDBNv01dj4kGvh9JM
D1VnynwiZp4VtQ/ZjEPHZZfWIsl4LGi/vhdCme56W4xUkZBJNKsylNDINtJXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQmdcnIs3owcpH8mWRi0a3iFjz/YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVLMA0GCSqGSIb3DQEBCwUAA4IBAQAt8pRnoDZ7z+ZrJB0ZabXnGc4Fm1fNnbXE
oq5CNZn69qmHAhH1sU7ewnfiDrSLk4qrJi/tuR4s5XZoGXXkLeDbRSp1qAjs90Im
9uiT2PNexWznQs0SebytclYs8dynv2vocbWB+j2S5WFjsM2l2zvRdRbJq+28VrE6
CmpbOOee71ciWV+Qt9uWf0Ov9QKDrUAGbftvWl3O5RmP983p28YyiyEd77uqogBc
vZiIKWFnuZ8NVVqv6/7hZGCwNtP90DCxcROCXKbiSScFQcFmRlhQ75vJorUnhock
GA/MGiYV3Q12IHqbMq2iOen6nBaDC8D+L2d6/0K2QKrFOhuZHNAZ
-----END CERTIFICATE-----
Generated at Thu Jun 4 06:13:26 2026 by rpki-client