Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
File: 3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: HlOJ1ZxalHAz0TKyBkNzHnBQv3FKD5WG6ru5A+lSvv8=
Subject key identifier: 2B:CA:46:68:F1:DE:AC:50:F8:86:CD:C4:51:1B:21:C1:EE:86:02:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 66288DE0BB0C63572777FFA8069DA84A477F0BB0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
Signing time: Wed 15 Apr 2026 11:23:39 +0000
ROA not before: Wed 15 Apr 2026 11:18:39 +0000
ROA not after: Wed 14 Apr 2027 11:23:39 +0000
asID: 51167
IP address blocks: 185.133.250.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:27:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:28:8d:e0:bb:0c:63:57:27:77:ff:a8:06:9d:a8:4a:47:7f:0b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 15 11:18:39 2026 GMT
Not After : Apr 14 11:23:39 2027 GMT
Subject: CN=2BCA4668F1DEAC50F886CDC4511B21C1EE86025A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:e2:0b:f8:05:d5:ea:a2:cd:1a:a4:d6:e0:
57:02:cf:d9:12:88:48:b3:ee:eb:bc:9d:2c:9e:86:
69:d5:c5:a3:6e:74:c6:91:b2:52:ec:ad:83:f1:80:
72:dd:1d:e1:08:50:6a:38:2b:d0:a4:29:67:26:9c:
b1:bf:31:72:fa:cc:d4:07:ea:f1:aa:d8:6c:45:c6:
a7:21:fa:f6:7d:e6:7d:99:3e:7e:32:fb:03:9d:b9:
38:52:a2:69:7c:02:fd:9f:76:49:ce:4e:2b:3a:30:
e4:74:41:c2:c6:cd:41:e0:93:ee:d3:98:50:62:a1:
3f:9c:5b:c8:db:20:c1:ec:49:35:ef:23:77:97:25:
a1:38:c8:a5:47:9a:3b:fd:6b:80:50:1f:11:a2:82:
80:61:a6:48:5e:d0:ff:16:39:33:6b:16:81:10:60:
10:71:8b:b8:45:19:44:d0:32:b5:75:21:67:18:99:
13:96:d6:91:a4:d9:a0:cd:74:e7:2e:3c:5b:46:22:
f3:eb:00:21:36:d1:6b:a3:7b:70:cf:f0:00:73:2e:
3f:04:ec:77:1e:52:b5:c7:d1:73:a7:bf:13:fd:08:
e2:3a:12:68:d7:bd:da:5b:6d:d7:59:c1:23:ab:f5:
a0:8a:df:35:fa:b7:e3:8b:5c:ca:2f:5f:25:95:ba:
e4:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:CA:46:68:F1:DE:AC:50:F8:86:CD:C4:51:1B:21:C1:EE:86:02:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3133332e3235302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.250.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:21:3b:a7:bb:1b:17:96:26:90:d3:bf:8d:2f:22:0b:f5:e8:
11:ae:ce:f4:d1:77:79:39:88:67:23:7d:81:cb:fd:46:67:38:
d8:4b:c6:a9:8f:c0:a7:73:5c:cb:e1:e9:d4:88:e9:ee:d6:aa:
39:78:3e:02:6f:48:aa:d2:26:8d:a7:22:b7:e3:95:37:94:ce:
69:0d:f8:64:dd:b7:fa:49:cb:bd:ba:75:11:39:bc:d1:eb:74:
a3:02:18:a1:be:dd:ac:f9:b0:90:8b:fc:ec:74:ae:ff:5e:31:
2e:28:78:e0:c1:a4:4a:17:91:33:27:41:4e:03:94:15:8f:64:
7c:25:29:01:e8:95:6e:bc:c5:6b:55:a8:5e:af:34:b0:96:93:
ad:41:a5:0a:c3:79:fe:8e:de:c4:5a:a0:63:4c:d9:be:8c:b0:
9e:d1:ac:01:c0:41:ac:8c:e4:9d:e9:a0:11:d9:00:9f:8f:56:
17:8b:56:93:98:9b:ec:c5:42:67:89:96:af:fb:fe:64:8d:79:
a6:67:81:04:f3:ba:18:1c:02:a2:6b:71:d8:d9:8c:c5:a8:f0:
67:c0:3a:27:bb:a3:65:f8:2e:95:db:4a:99:37:d0:9f:e0:05:
e1:4a:6a:98:af:77:a4:a7:9e:16:3e:69:f8:94:e5:a5:69:6e:
5f:fd:b2:8a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZiiN4LsMY1cnd/+oBp2oSkd/C7AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTUxMTE4MzlaFw0yNzA0MTQxMTIzMzlaMDMxMTAvBgNV
BAMTKDJCQ0E0NjY4RjFERUFDNTBGODg2Q0RDNDUxMUIyMUMxRUU4NjAyNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqBOIL+AXV6qLNGqTW4FcCz9kS
iEiz7uu8nSyehmnVxaNudMaRslLsrYPxgHLdHeEIUGo4K9CkKWcmnLG/MXL6zNQH
6vGq2GxFxqch+vZ95n2ZPn4y+wOduThSoml8Av2fdknOTis6MOR0QcLGzUHgk+7T
mFBioT+cW8jbIMHsSTXvI3eXJaE4yKVHmjv9a4BQHxGigoBhpkhe0P8WOTNrFoEQ
YBBxi7hFGUTQMrV1IWcYmROW1pGk2aDNdOcuPFtGIvPrACE20Wuje3DP8ABzLj8E
7HceUrXH0XOnvxP9COI6EmjXvdpbbddZwSOr9aCK3zX6t+OLXMovXyWVuuR/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUK8pGaPHerFD4hs3EURshwe6GAlowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMzMzMyZTMy
MzUzMDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5hfowDQYJKoZIhvcNAQELBQADggEBAGwhO6e7GxeWJpDTv40vIgv16BGuzvTR
d3k5iGcjfYHL/UZnONhLxqmPwKdzXMvh6dSI6e7Wqjl4PgJvSKrSJo2nIrfjlTeU
zmkN+GTdt/pJy726dRE5vNHrdKMCGKG+3az5sJCL/Ox0rv9eMS4oeODBpEoXkTMn
QU4DlBWPZHwlKQHolW68xWtVqF6vNLCWk61BpQrDef6O3sRaoGNM2b6MsJ7RrAHA
QayM5J3poBHZAJ+PVheLVpOYm+zFQmeJlq/7/mSNeaZngQTzuhgcAqJrcdjZjMWo
8GfAOie7o2X4LpXbSpk30J/gBeFKapivd6SnnhY+afiU5aVpbl/9soo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:31:00 2026 by rpki-client