Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
File: 3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: aWFh7xn3ahNcCWL9Pld9mviNtfM/mmsXiQkB9ht89Kk=
Subject key identifier: 55:5E:AA:9E:00:F0:7B:31:A7:D7:47:6E:B2:AE:A8:40:48:E8:36:B8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 57233A485243DD2156DBDB19FC0F27B4E8DAB9B2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 27 Feb 2026 14:23:21 +0000
ROA not before: Fri 27 Feb 2026 14:18:21 +0000
ROA not after: Fri 26 Feb 2027 14:23:21 +0000
asID: 207137
IP address blocks: 185.161.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:23:3a:48:52:43:dd:21:56:db:db:19:fc:0f:27:b4:e8:da:b9:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 27 14:18:21 2026 GMT
Not After : Feb 26 14:23:21 2027 GMT
Subject: CN=555EAA9E00F07B31A7D7476EB2AEA84048E836B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:bf:33:a8:ea:63:77:55:60:bc:14:03:26:61:
64:e7:f7:38:fb:a4:0e:fb:11:76:6f:df:f6:ad:87:
5e:54:70:b9:11:c5:c9:b4:26:cb:0a:a3:f7:02:db:
58:03:d0:99:ff:a2:39:a1:e7:0a:9f:2e:92:46:02:
07:3c:d7:84:b7:3a:85:2f:a5:a3:7b:df:0c:01:e2:
ed:4c:93:1e:1c:80:91:ff:27:af:76:fb:da:44:25:
29:cd:67:9d:4f:ce:f6:d5:01:9a:28:04:c9:67:e6:
6d:f3:3c:1a:01:c9:a8:46:fd:0d:9a:26:51:ac:46:
d9:89:b7:93:d6:25:88:6a:bb:95:a4:59:f4:88:00:
52:1e:21:7d:06:7c:a6:ad:77:25:4a:43:89:8e:32:
a6:50:e5:73:66:af:22:8f:17:34:93:7e:ff:ee:39:
59:01:1a:98:e7:a0:5c:62:e3:69:45:c1:a0:b1:01:
4f:52:a1:dd:1e:9f:00:a5:c7:bd:a3:57:28:cd:cb:
f2:4f:70:6c:b7:2b:25:56:b8:0e:32:c7:0b:e1:b2:
8a:f7:77:58:d0:fc:61:da:72:2f:08:77:b8:52:b9:
f0:f6:1c:60:57:9f:93:ba:35:5f:68:95:24:93:7a:
e6:9f:99:69:2c:8d:40:5f:c4:78:dd:30:b4:69:61:
6c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5E:AA:9E:00:F0:7B:31:A7:D7:47:6E:B2:AE:A8:40:48:E8:36:B8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3136312e3230322e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.202.0/24
Signature Algorithm: sha256WithRSAEncryption
65:06:37:f5:a5:99:ff:b4:e8:55:64:d3:6c:55:63:e3:45:3a:
26:af:35:ad:43:ed:e2:24:6c:63:43:31:ea:df:8a:bb:f0:87:
e6:a2:69:55:07:60:f0:d3:34:a9:78:94:f1:a6:c4:cd:f1:5c:
2d:fa:13:f3:f9:0d:11:b9:16:06:a6:f6:71:1d:99:a8:4d:c8:
25:76:7d:07:f7:a9:80:d4:47:5c:3b:af:93:85:9b:ff:cf:b8:
76:21:7a:ff:5b:71:96:5d:96:b4:31:1e:24:16:5e:15:9c:f5:
7a:ed:58:51:eb:6d:54:20:87:b2:dc:dd:40:19:ab:55:eb:1b:
a7:de:62:2c:09:27:35:de:f9:ec:e6:74:88:a9:37:a4:07:12:
2b:f4:f9:57:64:c1:9c:cc:93:4b:f1:c5:cf:6b:1e:8e:3d:40:
87:bf:78:8c:74:ab:cd:c3:24:b5:fd:e8:cc:26:a5:8d:55:51:
5f:3a:c0:93:9b:e1:f0:d0:c2:42:e8:eb:5b:5f:fd:6a:ab:2c:
eb:7f:e7:74:9f:8e:a4:08:6f:3b:bb:33:f9:9a:44:17:d7:80:
e4:f9:7c:39:c5:fa:e2:0f:37:5d:bd:8a:0c:e4:c0:4b:b5:d6:
19:3e:f2:50:0f:28:6a:0e:86:e3:e9:93:8c:af:61:3a:4c:6c:
25:d9:23:93
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVyM6SFJD3SFW29sZ/A8ntOjaubIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMjcxNDE4MjFaFw0yNzAyMjYxNDIzMjFaMDMxMTAvBgNV
BAMTKDU1NUVBQTlFMDBGMDdCMzFBN0Q3NDc2RUIyQUVBODQwNDhFODM2QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpvzOo6mN3VWC8FAMmYWTn9zj7
pA77EXZv3/ath15UcLkRxcm0JssKo/cC21gD0Jn/ojmh5wqfLpJGAgc814S3OoUv
paN73wwB4u1Mkx4cgJH/J692+9pEJSnNZ51PzvbVAZooBMln5m3zPBoByahG/Q2a
JlGsRtmJt5PWJYhqu5WkWfSIAFIeIX0GfKatdyVKQ4mOMqZQ5XNmryKPFzSTfv/u
OVkBGpjnoFxi42lFwaCxAU9Sod0enwClx72jVyjNy/JPcGy3KyVWuA4yxwvhsor3
d1jQ/GHaci8Id7hSufD2HGBXn5O6NV9olSSTeuafmWksjUBfxHjdMLRpYWy3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUVV6qngDwezGn10dusq6oQEjoNrgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM2MzEyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzMxMzMzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmhyjANBgkqhkiG9w0BAQsFAAOCAQEAZQY39aWZ/7ToVWTTbFVj40U6Jq81
rUPt4iRsY0Mx6t+Ku/CH5qJpVQdg8NM0qXiU8abEzfFcLfoT8/kNEbkWBqb2cR2Z
qE3IJXZ9B/epgNRHXDuvk4Wb/8+4diF6/1txll2WtDEeJBZeFZz1eu1YUettVCCH
stzdQBmrVesbp95iLAknNd757OZ0iKk3pAcSK/T5V2TBnMyTS/HFz2sejj1Ah794
jHSrzcMktf3ozCaljVVRXzrAk5vh8NDCQujrW1/9aqss63/ndJ+OpAhvO7sz+ZpE
F9eA5Pl8OcX64g83Xb2KDOTAS7XWGT7yUA8oag6G4+mTjK9hOkxsJdkjkw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:05:02 2026 by rpki-client