Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e20343032323033.roa
File: 3134352e37392e3132382e302f32342d3234203d3e20343032323033.roa (raw, json)
Hash identifier: G08zOKYSwfeLi+rVvbzmooHAmLVzp3DylbMErXD133g=
Subject key identifier: 25:B3:62:5A:FC:21:BD:3C:A7:9A:51:A3:C1:07:64:71:19:B8:00:A7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42963DFA490D239A104A75602DD6D17553D262AF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e20343032323033.roa
Signing time: Tue 31 Mar 2026 09:07:11 +0000
ROA not before: Tue 31 Mar 2026 09:02:11 +0000
ROA not after: Tue 30 Mar 2027 09:07:11 +0000
asID: 402203
IP address blocks: 145.79.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:96:3d:fa:49:0d:23:9a:10:4a:75:60:2d:d6:d1:75:53:d2:62:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 31 09:02:11 2026 GMT
Not After : Mar 30 09:07:11 2027 GMT
Subject: CN=25B3625AFC21BD3CA79A51A3C107647119B800A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:98:73:00:0d:67:e5:e2:42:fe:d1:0c:a1:9f:
0c:ef:56:80:b6:74:a8:84:1b:2e:b0:3b:a9:2b:09:
34:d5:69:32:1e:ec:f7:67:bd:8b:fb:c4:08:95:bb:
96:77:c3:5d:f1:ed:e5:85:46:49:c4:91:8a:12:d8:
93:58:c2:3c:d6:65:81:84:b5:30:9e:48:02:52:fe:
ca:9c:1c:73:ac:54:6a:e9:ea:4a:7b:5e:fb:54:ef:
cd:c1:de:b8:f5:74:17:e2:c3:b9:be:eb:4f:9e:ea:
ba:f1:21:d4:65:f3:59:44:21:80:42:5f:09:6f:7e:
86:08:91:94:3a:47:08:f3:e6:6b:ee:ba:dc:5d:b9:
6c:17:03:c2:de:b3:97:d4:4d:32:60:51:72:4c:86:
e4:ef:e2:93:76:35:bf:8d:00:ee:d7:f4:48:05:81:
a5:4a:f1:94:f4:90:33:42:e0:9b:55:a2:e5:c6:0c:
c4:1a:1b:c1:c7:73:63:17:99:3f:e0:cd:7c:4d:bb:
98:0f:fa:33:28:cb:c9:a2:5b:4a:73:8d:66:d0:4f:
96:c1:e7:ef:99:8e:3c:c6:30:af:15:7e:77:7e:6d:
dc:7d:6c:09:ef:ea:65:a6:7d:c1:fe:6e:41:93:7f:
5d:91:5a:12:a7:fb:47:48:35:19:8a:39:7e:df:ea:
62:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:B3:62:5A:FC:21:BD:3C:A7:9A:51:A3:C1:07:64:71:19:B8:00:A7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3132382e302f32342d3234203d3e20343032323033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.128.0/24
Signature Algorithm: sha256WithRSAEncryption
20:cb:53:c0:f0:1c:aa:ea:5c:0c:e9:15:c6:39:75:f6:a7:96:
b1:5d:c7:c8:24:7f:d7:69:77:d7:60:19:b2:33:1c:49:4f:ce:
2c:0c:9b:ab:98:d2:d0:19:ef:78:b9:f6:09:17:33:b8:0e:aa:
c8:16:5e:1f:d6:4f:41:b9:05:0e:ff:f1:01:06:3d:86:1c:e2:
5d:30:d0:cd:59:e2:20:c9:71:2b:31:5a:b1:1d:3e:34:4c:80:
18:bb:67:73:a2:50:2c:0d:19:99:9c:62:be:0a:36:f2:71:21:
42:3b:f5:d4:34:b1:18:f5:6c:91:24:32:87:09:f3:1c:e0:db:
04:60:3b:39:05:7d:11:19:d0:d0:93:45:27:fa:57:ca:7f:9d:
69:67:27:0c:84:54:25:d6:0d:d9:37:a5:d0:aa:d9:c6:f6:db:
20:76:19:e3:2f:5b:f3:f7:5d:57:72:00:45:fd:49:d8:02:02:
e7:3d:60:15:c3:70:75:ac:41:2f:b3:16:18:d8:40:92:97:07:
79:35:2b:33:92:6b:22:18:30:3f:67:6c:47:ab:b0:3a:f3:13:
1f:d1:d9:53:b4:1e:1b:5f:d0:07:d2:6e:20:f4:d3:a4:f8:6b:
40:58:7c:c6:5b:23:93:ee:05:cc:a7:76:31:a8:64:30:8b:65:
c5:66:91:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQpY9+kkNI5oQSnVgLdbRdVPSYq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMzEwOTAyMTFaFw0yNzAzMzAwOTA3MTFaMDMxMTAvBgNV
BAMTKDI1QjM2MjVBRkMyMUJEM0NBNzlBNTFBM0MxMDc2NDcxMTlCODAwQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrmHMADWfl4kL+0QyhnwzvVoC2
dKiEGy6wO6krCTTVaTIe7PdnvYv7xAiVu5Z3w13x7eWFRknEkYoS2JNYwjzWZYGE
tTCeSAJS/sqcHHOsVGrp6kp7XvtU783B3rj1dBfiw7m+60+e6rrxIdRl81lEIYBC
XwlvfoYIkZQ6Rwjz5mvuutxduWwXA8Les5fUTTJgUXJMhuTv4pN2Nb+NAO7X9EgF
gaVK8ZT0kDNC4JtVouXGDMQaG8HHc2MXmT/gzXxNu5gP+jMoy8miW0pzjWbQT5bB
5++ZjjzGMK8Vfnd+bdx9bAnv6mWmfcH+bkGTf12RWhKn+0dINRmKOX7f6mIjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJbNiWvwhvTynmlGjwQdkcRm4AKcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzIzMjMwMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACRT4AwDQYJKoZIhvcNAQELBQADggEBACDLU8DwHKrqXAzpFcY5dfanlrFdx8gk
f9dpd9dgGbIzHElPziwMm6uY0tAZ73i59gkXM7gOqsgWXh/WT0G5BQ7/8QEGPYYc
4l0w0M1Z4iDJcSsxWrEdPjRMgBi7Z3OiUCwNGZmcYr4KNvJxIUI79dQ0sRj1bJEk
MocJ8xzg2wRgOzkFfREZ0NCTRSf6V8p/nWlnJwyEVCXWDdk3pdCq2cb22yB2GeMv
W/P3XVdyAEX9SdgCAuc9YBXDcHWsQS+zFhjYQJKXB3k1KzOSayIYMD9nbEersDrz
Ex/R2VO0Hhtf0AfSbiD006T4a0BYfMZbI5PuBcyndjGoZDCLZcVmkUY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:01:59 2026 by rpki-client