Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3230382e302f32312d3234203d3e203437353833.roa
File: 3135372e3137332e3230382e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: 6zigv0JDCk/juC3cLz2ZANQYjSPhWnGssmLSlimCpAo=
Subject key identifier: E0:14:19:79:48:8E:29:2F:62:F5:53:3C:5A:3B:FB:98:59:34:44:56
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 25B791ACBE8D95F6812A3332EEA3E3ACC437E4A1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3230382e302f32312d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:40 +0000
ROA not before: Thu 16 Apr 2026 11:18:40 +0000
ROA not after: Thu 15 Apr 2027 11:23:40 +0000
asID: 47583
IP address blocks: 157.173.208.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:b7:91:ac:be:8d:95:f6:81:2a:33:32:ee:a3:e3:ac:c4:37:e4:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 16 11:18:40 2026 GMT
Not After : Apr 15 11:23:40 2027 GMT
Subject: CN=E0141979488E292F62F5533C5A3BFB9859344456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:93:54:a7:fe:d0:af:bf:bf:27:37:62:16:56:
c1:9f:a2:68:ae:75:63:16:6d:e7:bb:37:47:f9:b8:
f8:3b:26:52:18:10:3d:dd:70:e2:c2:88:a0:83:36:
ef:32:16:cf:58:3b:42:62:ff:8f:95:6a:8c:0d:8f:
ac:cc:dd:db:94:e2:a8:18:a3:3c:47:21:a3:75:46:
ea:20:01:b0:f7:f8:a4:38:80:c6:b1:e3:7e:31:2d:
0b:d1:dd:e9:c6:85:15:b7:3c:f1:c6:11:09:71:74:
2b:8b:26:2a:8a:76:e3:ea:7b:1b:25:33:8d:1a:dc:
6e:ac:57:f2:65:c7:f3:a5:16:b1:5f:52:ad:03:12:
16:8e:63:e1:57:eb:5f:b6:67:65:8e:e8:45:23:50:
60:df:34:d9:c7:f1:b1:26:ef:38:de:5e:24:59:63:
59:e2:77:20:ec:2e:18:97:cc:58:88:1b:b9:db:b7:
fd:f6:7b:60:01:ea:49:f7:21:32:32:31:de:f4:52:
31:ab:11:7d:43:f8:49:80:fb:15:0d:36:7e:03:d0:
08:35:5c:5e:a4:f9:c4:3e:48:9d:24:64:f4:30:19:
4e:13:19:b2:4d:8b:55:2e:10:16:47:8a:d9:89:ff:
7d:46:e4:5d:40:6a:c7:cb:32:e8:52:ef:03:29:8a:
31:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:14:19:79:48:8E:29:2F:62:F5:53:3C:5A:3B:FB:98:59:34:44:56
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3230382e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.173.208.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:5d:67:0d:16:c2:8e:1c:dc:aa:62:c5:05:ab:dc:f4:3b:71:
0f:39:29:5c:4b:e0:56:c7:c6:5b:8a:30:1a:9e:a8:9c:d1:1a:
46:82:a4:35:27:85:ff:52:32:95:f0:9b:b2:20:6b:e0:f9:6a:
1d:96:88:51:4a:c5:a6:b7:b7:36:dd:48:b4:54:59:db:43:78:
4c:cf:90:28:91:ca:22:f8:9b:d2:f6:94:a5:92:d2:ac:17:3d:
6d:79:fe:8c:3e:93:a7:27:8b:85:f9:bb:04:45:5f:a1:2e:9f:
0e:3e:fc:59:46:b7:62:e9:8e:cf:53:45:79:8c:2c:8e:87:8e:
b6:86:5f:4d:ef:fe:a2:0e:b3:a9:2f:f5:29:d5:ca:16:70:2d:
d3:bc:dc:cb:54:9d:23:81:4e:1b:b1:78:5b:98:08:48:dc:7f:
b4:0c:16:1b:53:fa:8e:f6:eb:58:15:0e:8e:9f:17:c1:1c:01:
a5:17:2e:97:95:e2:a8:dd:a8:71:82:50:88:9b:1d:10:da:6c:
0c:7e:b3:54:46:39:d6:91:3a:64:74:52:8a:54:bf:6d:02:43:
b4:07:04:14:6a:45:ed:78:2b:55:21:4c:43:e8:5f:13:9f:2c:
06:25:17:e1:d5:21:e7:68:bd:59:68:08:47:02:b5:c4:c6:d4:
74:07:a9:e3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJbeRrL6NlfaBKjMy7qPjrMQ35KEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTYxMTE4NDBaFw0yNzA0MTUxMTIzNDBaMDMxMTAvBgNV
BAMTKEUwMTQxOTc5NDg4RTI5MkY2MkY1NTMzQzVBM0JGQjk4NTkzNDQ0NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvk1Sn/tCvv78nN2IWVsGfomiu
dWMWbee7N0f5uPg7JlIYED3dcOLCiKCDNu8yFs9YO0Ji/4+VaowNj6zM3duU4qgY
ozxHIaN1RuogAbD3+KQ4gMax434xLQvR3enGhRW3PPHGEQlxdCuLJiqKduPqexsl
M40a3G6sV/Jlx/OlFrFfUq0DEhaOY+FX61+2Z2WO6EUjUGDfNNnH8bEm7zjeXiRZ
Y1nidyDsLhiXzFiIG7nbt/32e2AB6kn3ITIyMd70UjGrEX1D+EmA+xUNNn4D0Ag1
XF6k+cQ+SJ0kZPQwGU4TGbJNi1UuEBZHitmJ/31G5F1AasfLMuhS7wMpijEHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4BQZeUiOKS9i9VM8Wjv7mFk0RFYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM3MmUzMTM3MzMyZTMy
MzAzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOdrdAwDQYJKoZIhvcNAQELBQADggEBADxdZw0Wwo4c3KpixQWr3PQ7cQ85KVxL
4FbHxluKMBqeqJzRGkaCpDUnhf9SMpXwm7Iga+D5ah2WiFFKxaa3tzbdSLRUWdtD
eEzPkCiRyiL4m9L2lKWS0qwXPW15/ow+k6cni4X5uwRFX6Eunw4+/FlGt2Lpjs9T
RXmMLI6HjraGX03v/qIOs6kv9SnVyhZwLdO83MtUnSOBThuxeFuYCEjcf7QMFhtT
+o7261gVDo6fF8EcAaUXLpeV4qjdqHGCUIibHRDabAx+s1RGOdaROmR0UopUv20C
Q7QHBBRqRe14K1UhTEPoXxOfLAYlF+HVIedovVloCEcCtcTG1HQHqeM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:57:41 2026 by rpki-client