Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135302e302f32342d3234203d3e203430303231.roa
File: 3134372e39332e3135302e302f32342d3234203d3e203430303231.roa (raw, json)
Hash identifier: o0MhnItXfAy8uE61W5WA0Xxeis4vZkxCmSbsdAOX5cg=
Subject key identifier: 76:84:99:72:F8:B6:14:77:CD:86:86:06:AB:AD:66:99:75:6D:84:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0877CAFE9DBCE246E07CC179CEBEC2C5316A5C4B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135302e302f32342d3234203d3e203430303231.roa
Signing time: Mon 26 Jan 2026 11:23:12 +0000
ROA not before: Mon 26 Jan 2026 11:18:12 +0000
ROA not after: Mon 25 Jan 2027 11:23:12 +0000
asID: 40021
IP address blocks: 147.93.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:77:ca:fe:9d:bc:e2:46:e0:7c:c1:79:ce:be:c2:c5:31:6a:5c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 11:18:12 2026 GMT
Not After : Jan 25 11:23:12 2027 GMT
Subject: CN=76849972F8B61477CD868606ABAD6699756D8451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:18:a5:18:ff:25:ed:aa:ac:a7:b7:68:7f:e4:
83:d4:6e:d1:e2:be:0d:a5:30:15:43:4b:f1:e7:71:
6d:34:20:a9:46:3c:0d:74:46:cf:b0:33:cb:df:5f:
50:55:e8:8c:c1:46:1e:24:e1:cc:0e:18:97:07:03:
41:6c:fd:b9:01:fe:1d:51:c9:24:7e:96:e9:7c:4d:
af:db:be:40:20:a1:63:05:66:d0:9c:39:2f:54:31:
ce:4b:55:1c:85:12:d9:fe:35:7a:0d:56:e0:e4:e0:
88:04:11:c0:5d:25:31:65:ae:6b:9c:b5:52:dd:55:
cd:b5:e6:77:57:8b:3b:6d:50:12:90:13:bb:e1:88:
5b:32:cb:10:25:68:b5:5c:0f:ee:c1:4c:05:8f:20:
6c:a3:87:e7:b5:24:73:67:d2:5d:71:c3:b9:61:38:
e7:46:4e:bf:c8:b7:b5:75:d9:39:5a:62:70:74:99:
2d:1b:c8:e8:50:3b:e9:25:21:6f:9d:95:8c:65:80:
b6:a8:23:51:c9:32:71:68:a6:0c:d9:2f:da:51:18:
9a:67:83:c1:bc:2b:cf:24:66:8b:36:a5:39:ae:09:
aa:88:84:cc:19:62:49:20:8b:bf:1c:fa:91:43:65:
10:69:f3:d6:5c:75:f0:cf:2c:a0:2e:7b:75:2d:f1:
91:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:84:99:72:F8:B6:14:77:CD:86:86:06:AB:AD:66:99:75:6D:84:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134372e39332e3135302e302f32342d3234203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.93.150.0/24
Signature Algorithm: sha256WithRSAEncryption
84:92:44:a3:ad:56:78:79:46:b9:60:bf:98:78:cb:1c:a1:86:
39:b6:19:77:e6:fb:db:9a:24:79:74:82:2e:49:90:82:b5:d4:
f7:30:54:4f:84:b5:02:57:56:aa:80:97:01:bb:c3:62:0a:61:
eb:fc:52:1d:ba:23:fa:b1:71:7b:4a:3a:bc:65:ed:c7:ec:10:
64:c1:e5:e0:cf:62:a8:92:48:88:23:0b:64:51:fa:f6:e5:dd:
46:d1:be:a9:99:7b:b2:92:71:6f:a6:78:48:3f:c6:64:e4:4d:
bd:c8:41:1a:5d:4e:83:3e:39:94:55:fb:85:aa:45:36:3e:13:
b6:30:f1:51:12:b3:24:8b:09:27:68:ff:6c:6b:5c:19:77:19:
bb:15:a6:48:f9:38:44:bb:31:5c:9a:b3:d9:03:98:35:b0:c3:
9f:93:19:92:f1:be:ee:58:74:60:82:f1:0b:ef:d2:ca:6d:25:
2d:a5:54:74:b1:9b:61:1f:3a:cb:9d:c0:0d:20:b5:78:91:e9:
04:a0:1a:ff:f5:f1:5f:39:83:80:d2:53:c3:48:73:20:42:63:
31:bb:b5:46:fd:9a:0b:c8:8f:da:65:fd:bc:c0:85:25:15:45:
0d:a6:2f:0f:a2:43:ac:70:11:90:ae:70:44:90:f4:8d:6c:fe:
d7:84:c6:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCHfK/p284kbgfMF5zr7CxTFqXEswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAxMjYxMTE4MTJaFw0yNzAxMjUxMTIzMTJaMDMxMTAvBgNV
BAMTKDc2ODQ5OTcyRjhCNjE0NzdDRDg2ODYwNkFCQUQ2Njk5NzU2RDg0NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvGKUY/yXtqqynt2h/5IPUbtHi
vg2lMBVDS/HncW00IKlGPA10Rs+wM8vfX1BV6IzBRh4k4cwOGJcHA0Fs/bkB/h1R
ySR+lul8Ta/bvkAgoWMFZtCcOS9UMc5LVRyFEtn+NXoNVuDk4IgEEcBdJTFlrmuc
tVLdVc215ndXizttUBKQE7vhiFsyyxAlaLVcD+7BTAWPIGyjh+e1JHNn0l1xw7lh
OOdGTr/It7V12TlaYnB0mS0byOhQO+klIW+dlYxlgLaoI1HJMnFopgzZL9pRGJpn
g8G8K88kZos2pTmuCaqIhMwZYkkgi78c+pFDZRBp89ZcdfDPLKAue3Ut8ZHJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdoSZcvi2FHfNhoYGq61mmXVthFEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM3MmUzOTMzMmUzMTM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
k12WMA0GCSqGSIb3DQEBCwUAA4IBAQCEkkSjrVZ4eUa5YL+YeMscoYY5thl35vvb
miR5dIIuSZCCtdT3MFRPhLUCV1aqgJcBu8NiCmHr/FIduiP6sXF7Sjq8Ze3H7BBk
weXgz2KokkiIIwtkUfr25d1G0b6pmXuyknFvpnhIP8Zk5E29yEEaXU6DPjmUVfuF
qkU2PhO2MPFRErMkiwknaP9sa1wZdxm7FaZI+ThEuzFcmrPZA5g1sMOfkxmS8b7u
WHRggvEL79LKbSUtpVR0sZthHzrLncANILV4kekEoBr/9fFfOYOA0lPDSHMgQmMx
u7VG/ZoLyI/aZf28wIUlFUUNpi8PokOscBGQrnBEkPSNbP7XhMbB
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:47:33 2026 by rpki-client