Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
File: 3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: rWPa7ns2TQtRmLlb6eP3+PIzBmU1O5OxVmfiTkEjInI=
Subject key identifier: 2F:B9:32:E4:89:3E:6B:C4:3F:41:37:69:1C:03:0B:54:9E:B0:92:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4C1E7C95FC49E129E691AC3661F314571D2C0B85
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Wed 15 Apr 2026 11:23:39 +0000
ROA not before: Wed 15 Apr 2026 11:18:39 +0000
ROA not after: Wed 14 Apr 2027 11:23:39 +0000
asID: 51167
IP address blocks: 185.133.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:1e:7c:95:fc:49:e1:29:e6:91:ac:36:61:f3:14:57:1d:2c:0b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 15 11:18:39 2026 GMT
Not After : Apr 14 11:23:39 2027 GMT
Subject: CN=2FB932E4893E6BC43F4137691C030B549EB092C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:98:a7:45:07:70:dd:32:39:1a:d7:ab:fc:6f:
e4:ff:30:95:f2:ce:cf:5e:77:10:70:4c:e7:a2:20:
bd:39:f6:f4:82:fb:6d:8b:83:a4:77:a5:98:86:21:
6f:fd:b7:ba:48:ec:07:3a:f5:42:99:0e:98:80:2c:
99:8c:bd:f1:ac:6a:39:a2:57:cc:65:d7:26:0b:2d:
c7:05:b8:e2:46:b9:9a:08:43:5a:48:28:f9:a1:c8:
3b:08:83:a1:0a:d0:8e:1e:5d:43:bf:51:01:94:4c:
97:f4:74:d0:24:05:1c:0a:c7:5a:e8:b1:11:61:1d:
44:cd:ee:4d:29:98:f6:5e:6c:6f:e2:40:f0:ee:01:
de:2a:ae:54:3c:f2:ad:d3:89:f6:82:cb:1c:47:3b:
ca:28:c4:cd:bd:56:da:16:26:ad:ee:4a:49:fd:80:
ab:c4:cc:53:e9:e8:d7:63:0d:55:33:86:0d:a0:35:
84:c2:5a:53:11:4f:85:b7:d0:57:11:f0:15:99:92:
b8:ff:c5:30:f9:63:db:d4:d3:b3:ee:81:cd:b0:e5:
3d:81:71:b6:80:35:d8:21:cc:ed:5f:51:ee:20:38:
2e:aa:51:7d:71:f3:09:c3:e0:83:25:81:29:94:0f:
93:3e:24:24:3f:37:a0:42:11:ed:19:16:31:c8:8f:
85:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B9:32:E4:89:3E:6B:C4:3F:41:37:69:1C:03:0B:54:9E:B0:92:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.248.0/23
Signature Algorithm: sha256WithRSAEncryption
28:7c:d8:66:24:27:84:77:8b:85:29:a5:fd:1e:5c:a5:d2:6c:
11:99:23:28:94:8f:e1:1f:04:54:80:8c:5b:0d:0c:d7:06:a3:
6f:92:0d:6b:54:b1:c9:e4:4d:f3:69:58:4a:26:4e:14:4b:f2:
2f:8d:2a:cc:23:a8:72:0e:11:29:c6:a2:ba:b8:c7:13:36:79:
e9:c9:f6:fe:17:aa:b9:2c:9c:56:c6:3b:c3:e8:5f:45:dc:ef:
98:fb:47:0a:f2:7c:0e:a3:05:24:9c:ed:1c:f8:8a:2f:0e:9c:
70:00:4b:d8:80:64:42:a8:46:2a:6b:49:35:6a:16:41:f3:19:
6f:8c:e2:57:f4:d9:51:7b:19:6c:f1:2a:d1:cc:6e:35:f3:fa:
e3:3a:78:82:d8:c0:21:56:20:2d:db:36:70:ed:15:7c:2d:c2:
94:51:4b:fd:62:ba:c0:72:55:72:03:64:ea:23:c5:ca:2b:0c:
18:fa:80:86:13:fa:08:2b:84:ef:8d:46:f8:e8:55:97:ff:45:
e7:7f:63:2b:be:9f:51:3f:48:0b:b7:bd:82:0f:91:3d:cd:30:
67:a4:a4:91:cb:98:8d:e7:4d:f1:9f:70:1d:82:57:bf:4b:cf:
87:24:55:9d:3f:30:b1:e8:3c:b5:f0:b7:e2:d1:50:d4:ec:35:
16:f2:92:5c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTB58lfxJ4Snmkaw2YfMUVx0sC4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTUxMTE4MzlaFw0yNzA0MTQxMTIzMzlaMDMxMTAvBgNV
BAMTKDJGQjkzMkU0ODkzRTZCQzQzRjQxMzc2OTFDMDMwQjU0OUVCMDkyQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+mKdFB3DdMjka16v8b+T/MJXy
zs9edxBwTOeiIL059vSC+22Lg6R3pZiGIW/9t7pI7Ac69UKZDpiALJmMvfGsajmi
V8xl1yYLLccFuOJGuZoIQ1pIKPmhyDsIg6EK0I4eXUO/UQGUTJf0dNAkBRwKx1ro
sRFhHUTN7k0pmPZebG/iQPDuAd4qrlQ88q3TifaCyxxHO8ooxM29VtoWJq3uSkn9
gKvEzFPp6NdjDVUzhg2gNYTCWlMRT4W30FcR8BWZkrj/xTD5Y9vU07Pugc2w5T2B
cbaANdghzO1fUe4gOC6qUX1x8wnD4IMlgSmUD5M+JCQ/N6BCEe0ZFjHIj4UXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL7ky5Ik+a8Q/QTdpHAMLVJ6wksQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMzMzMyZTMy
MzQzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5hfgwDQYJKoZIhvcNAQELBQADggEBACh82GYkJ4R3i4Uppf0eXKXSbBGZIyiU
j+EfBFSAjFsNDNcGo2+SDWtUscnkTfNpWEomThRL8i+NKswjqHIOESnGorq4xxM2
eenJ9v4XqrksnFbGO8PoX0Xc75j7RwryfA6jBSSc7Rz4ii8OnHAAS9iAZEKoRipr
STVqFkHzGW+M4lf02VF7GWzxKtHMbjXz+uM6eILYwCFWIC3bNnDtFXwtwpRRS/1i
usByVXIDZOojxcorDBj6gIYT+ggrhO+NRvjoVZf/Red/Yyu+n1E/SAu3vYIPkT3N
MGekpJHLmI3nTfGfcB2CV79Lz4ckVZ0/MLHoPLXwt+LRUNTsNRbyklw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:52:37 2026 by rpki-client