Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131302e302f32332d3332203d3e20313431393935.roa
File: 3135362e36372e3131302e302f32332d3332203d3e20313431393935.roa (raw, json)
Hash identifier: fJ8S75JcCai+hjnnZq/5xuBdfmyJTdmCThWrqx46EYM=
Subject key identifier: E3:A1:7B:FE:FA:E2:8A:A4:4D:D1:C5:A5:FB:79:2F:CA:2E:3C:C5:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5EBA679859763070AC5B1D27C14C490CE24477B3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131302e302f32332d3332203d3e20313431393935.roa
Signing time: Mon 13 Apr 2026 12:23:35 +0000
ROA not before: Mon 13 Apr 2026 12:18:35 +0000
ROA not after: Mon 12 Apr 2027 12:23:35 +0000
asID: 141995
IP address blocks: 156.67.110.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ba:67:98:59:76:30:70:ac:5b:1d:27:c1:4c:49:0c:e2:44:77:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 13 12:18:35 2026 GMT
Not After : Apr 12 12:23:35 2027 GMT
Subject: CN=E3A17BFEFAE28AA44DD1C5A5FB792FCA2E3CC5AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:c6:4f:d7:17:36:95:02:dd:04:f1:83:ce:1e:
85:1e:d5:02:be:91:2f:ae:db:87:1a:7f:7c:2e:8b:
07:e1:93:b9:c4:4d:a8:87:37:73:95:48:eb:95:30:
44:2b:bb:a8:48:01:7a:57:2a:66:11:15:c6:89:d0:
ed:de:f0:7f:26:41:6e:e7:ae:69:66:d5:8c:99:67:
d9:d3:ff:44:fc:ac:b6:b1:2a:4a:fb:d0:f6:9e:21:
da:28:bf:16:81:d8:98:98:69:c8:e6:a2:c7:cc:9f:
1b:32:40:42:c9:02:2b:a7:37:43:28:0e:02:5d:ba:
97:1a:9d:5b:70:b1:18:91:95:eb:73:71:e7:cf:0f:
0b:3b:66:c4:75:01:6c:3b:53:49:80:ad:82:d7:ee:
cc:b7:60:68:8b:9c:26:bf:04:64:a8:46:e5:0a:79:
59:b2:38:07:0a:65:98:fe:c8:3c:fa:cc:b5:d3:b9:
11:84:b6:6e:04:3f:65:0f:b0:a2:6f:83:03:57:9f:
03:73:6c:6d:bb:b5:69:42:50:18:b8:ee:93:b2:cd:
16:db:a5:5b:be:ab:75:c7:da:a0:1c:d3:ed:9b:37:
2a:03:b9:3b:da:38:a6:dc:5e:3c:6f:26:71:c1:48:
15:16:81:2b:12:83:c5:dd:5e:66:a4:ac:75:06:58:
cf:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A1:7B:FE:FA:E2:8A:A4:4D:D1:C5:A5:FB:79:2F:CA:2E:3C:C5:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131302e302f32332d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.110.0/23
Signature Algorithm: sha256WithRSAEncryption
43:f5:59:f1:25:64:e2:18:46:32:1c:42:d1:e9:f8:58:cc:99:
b9:98:64:d2:a9:9a:1e:e5:81:1f:86:04:42:fe:75:7b:85:92:
d4:68:26:58:b1:23:7a:20:69:f0:eb:0f:99:c5:6c:da:fd:67:
06:d3:2e:84:eb:2a:89:c9:1d:58:c2:f6:34:d8:57:f9:d9:24:
cb:87:16:22:e0:76:aa:51:c0:b8:d4:cf:35:eb:4e:03:06:78:
f0:5d:e2:8e:b8:20:25:b7:66:8b:d4:d0:24:c1:14:c3:bd:38:
59:16:dc:f8:c7:8c:29:fc:8c:19:2e:3b:3b:57:10:4f:95:ee:
38:9e:14:ba:42:e5:27:5c:8f:6e:1b:bd:9b:5a:b0:b6:d1:99:
16:1a:b3:14:05:ba:04:c2:40:36:84:b5:47:76:e5:34:1c:da:
c7:31:2c:89:25:06:46:3b:70:52:06:bf:00:83:b5:f5:ab:2a:
93:58:9b:12:fd:60:c9:98:85:fd:7e:c8:55:80:45:bd:e6:a9:
00:04:36:e9:0d:17:20:ea:f3:02:12:de:15:bc:6e:95:f1:2f:
66:8e:40:1d:37:1a:75:aa:8b:51:60:9e:e4:30:be:de:28:49:
84:bd:3c:8a:c4:f4:05:2e:c9:b7:b2:b4:3b:ba:4b:d4:ae:13:
75:8b:73:90
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXrpnmFl2MHCsWx0nwUxJDOJEd7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTMxMjE4MzVaFw0yNzA0MTIxMjIzMzVaMDMxMTAvBgNV
BAMTKEUzQTE3QkZFRkFFMjhBQTQ0REQxQzVBNUZCNzkyRkNBMkUzQ0M1QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzxk/XFzaVAt0E8YPOHoUe1QK+
kS+u24caf3wuiwfhk7nETaiHN3OVSOuVMEQru6hIAXpXKmYRFcaJ0O3e8H8mQW7n
rmlm1YyZZ9nT/0T8rLaxKkr70PaeIdoovxaB2JiYacjmosfMnxsyQELJAiunN0Mo
DgJdupcanVtwsRiRletzcefPDws7ZsR1AWw7U0mArYLX7sy3YGiLnCa/BGSoRuUK
eVmyOAcKZZj+yDz6zLXTuRGEtm4EP2UPsKJvgwNXnwNzbG27tWlCUBi47pOyzRbb
pVu+q3XH2qAc0+2bNyoDuTvaOKbcXjxvJnHBSBUWgSsSg8XdXmakrHUGWM8/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU46F7/vriiqRN0cWl+3kvyi48xaswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGcQ24wDQYJKoZIhvcNAQELBQADggEBAEP1WfElZOIYRjIcQtHp+FjMmbmYZNKp
mh7lgR+GBEL+dXuFktRoJlixI3ogafDrD5nFbNr9ZwbTLoTrKonJHVjC9jTYV/nZ
JMuHFiLgdqpRwLjUzzXrTgMGePBd4o64ICW3ZovU0CTBFMO9OFkW3PjHjCn8jBku
OztXEE+V7jieFLpC5Sdcj24bvZtasLbRmRYasxQFugTCQDaEtUd25TQc2scxLIkl
BkY7cFIGvwCDtfWrKpNYmxL9YMmYhf1+yFWARb3mqQAENukNFyDq8wIS3hW8bpXx
L2aOQB03GnWqi1FgnuQwvt4oSYS9PIrE9AUuybeytDu6S9SuE3WLc5A=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:01:20 2026 by rpki-client