Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130362e302f32342d3234203d3e203332303433.roa
File: 3134352e37392e3130362e302f32342d3234203d3e203332303433.roa (raw, json)
Hash identifier: cS05ocrc78G6UcbQrUBB4AwrgGAOZTRpDpvkSh+izmo=
Subject key identifier: 1E:9C:65:A4:24:E8:75:F9:49:B5:2A:70:D6:50:A2:AB:DF:5D:51:2D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42B185BF877A49EA7B12C3281735145E1C1C1449
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130362e302f32342d3234203d3e203332303433.roa
Signing time: Wed 10 Jun 2026 11:25:09 +0000
ROA not before: Wed 10 Jun 2026 11:20:09 +0000
ROA not after: Wed 09 Jun 2027 11:25:09 +0000
asID: 32043
IP address blocks: 145.79.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:b1:85:bf:87:7a:49:ea:7b:12:c3:28:17:35:14:5e:1c:1c:14:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 10 11:20:09 2026 GMT
Not After : Jun 9 11:25:09 2027 GMT
Subject: CN=1E9C65A424E875F949B52A70D650A2ABDF5D512D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:b5:72:9e:80:ea:3b:7a:86:ab:ff:10:af:
d5:1a:0d:6c:db:49:e5:6a:44:f7:29:7b:c8:d3:43:
ef:2f:6c:99:a1:b5:0a:8f:f2:13:15:c7:e2:20:ea:
26:f8:b4:ed:e1:c5:b7:1a:89:9f:7d:ad:fb:c1:3b:
54:a8:b6:32:c1:a4:11:e4:4b:f1:2b:60:a0:ea:7e:
fe:d2:5b:bf:e6:c0:8e:1d:eb:e0:b7:e4:1a:9b:03:
48:c5:ed:d5:d9:e8:15:d9:ff:56:5b:e7:63:e1:dc:
eb:2c:a0:ec:fd:cd:0f:f2:32:25:97:b6:a2:be:89:
6e:30:b2:fd:c2:d8:6d:ed:6c:d0:19:3e:60:37:9d:
8f:49:fd:ea:a8:ef:9d:12:f6:2b:b9:4f:b4:00:ab:
13:27:5e:df:58:42:4f:da:85:5f:56:6e:71:15:6d:
5a:d1:84:12:99:f7:43:f6:40:33:21:2d:52:eb:49:
4c:23:8d:a4:0a:13:1b:04:23:c7:10:88:06:3e:27:
ed:79:e1:23:04:2a:60:da:9e:2c:8d:00:f2:33:c3:
11:79:fd:a2:ae:87:d3:18:01:9a:83:81:e5:ea:d6:
7a:ee:18:35:cb:ea:14:97:33:07:95:2b:2d:b4:a9:
42:ac:de:7f:1b:1c:44:01:12:eb:2e:8e:8f:74:df:
3e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9C:65:A4:24:E8:75:F9:49:B5:2A:70:D6:50:A2:AB:DF:5D:51:2D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3130362e302f32342d3234203d3e203332303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.106.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5b:69:42:b2:de:b2:34:0b:c8:14:05:6e:f1:2e:fd:33:7f:
04:9c:e4:1a:53:3c:1d:28:c7:62:b1:d8:1e:a2:de:78:0b:b9:
c7:24:ff:f9:6b:34:61:14:6a:27:ee:97:54:56:10:6b:b6:11:
5e:36:3f:52:44:11:77:98:e5:4e:b6:0a:07:6a:c5:f5:78:6e:
98:63:2c:b5:2d:f7:2c:d5:db:92:98:38:df:85:83:7c:4f:37:
e9:a6:e6:de:75:9a:e8:4e:87:e0:5e:4b:78:df:1e:da:4e:7d:
c3:9f:d4:76:b8:83:a9:2c:d6:55:80:f6:8f:34:67:c5:ed:16:
e2:4f:6f:81:48:e8:89:4e:f9:cc:8e:39:1b:85:aa:66:82:15:
1f:b4:92:7c:97:3a:b9:e5:e6:5c:71:2e:bf:f8:61:f9:50:ad:
f6:e2:80:18:6f:c9:0d:42:84:48:7c:90:dc:73:74:3e:c4:8c:
54:18:26:ab:a6:71:72:c3:96:17:eb:75:73:29:9a:01:db:8f:
cc:e6:fe:1a:62:de:34:00:50:12:32:de:77:63:65:45:d5:96:
17:db:45:31:48:c4:9b:b7:e7:95:e5:31:4f:f3:66:dd:5c:0a:
2d:e4:5b:02:3b:65:9c:52:08:ea:08:52:7c:6d:de:10:24:a1:
73:95:63:7a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQrGFv4d6Sep7EsMoFzUUXhwcFEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MTAxMTIwMDlaFw0yNzA2MDkxMTI1MDlaMDMxMTAvBgNV
BAMTKDFFOUM2NUE0MjRFODc1Rjk0OUI1MkE3MEQ2NTBBMkFCREY1RDUxMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCty7VynoDqO3qGq/8Qr9UaDWzb
SeVqRPcpe8jTQ+8vbJmhtQqP8hMVx+Ig6ib4tO3hxbcaiZ99rfvBO1SotjLBpBHk
S/ErYKDqfv7SW7/mwI4d6+C35BqbA0jF7dXZ6BXZ/1Zb52Ph3OssoOz9zQ/yMiWX
tqK+iW4wsv3C2G3tbNAZPmA3nY9J/eqo750S9iu5T7QAqxMnXt9YQk/ahV9WbnEV
bVrRhBKZ90P2QDMhLVLrSUwjjaQKExsEI8cQiAY+J+154SMEKmDaniyNAPIzwxF5
/aKuh9MYAZqDgeXq1nruGDXL6hSXMweVKy20qUKs3n8bHEQBEusujo903z5DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHpxlpCTodflJtSpw1lCiq99dUS0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMyMzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
kU9qMA0GCSqGSIb3DQEBCwUAA4IBAQBVW2lCst6yNAvIFAVu8S79M38EnOQaUzwd
KMdisdgeot54C7nHJP/5azRhFGon7pdUVhBrthFeNj9SRBF3mOVOtgoHasX1eG6Y
Yyy1Lfcs1duSmDjfhYN8TzfppubedZroTofgXkt43x7aTn3Dn9R2uIOpLNZVgPaP
NGfF7RbiT2+BSOiJTvnMjjkbhapmghUftJJ8lzq55eZccS6/+GH5UK324oAYb8kN
QoRIfJDcc3Q+xIxUGCarpnFyw5YX63VzKZoB24/M5v4aYt40AFASMt53Y2VF1ZYX
20UxSMSbt+eV5TFP82bdXAot5FsCO2WcUgjqCFJ8bd4QJKFzlWN6
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:55:53 2026 by rpki-client