Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
File: 3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: DDWKG8KdixG/p/QG/TnycGKDUY8RmeK5KPC2eqGYjrs=
Subject key identifier: B1:BC:9C:EF:D8:63:1A:4C:B2:D1:18:C0:3F:B1:73:14:8E:5A:A8:8B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7807659C86917B63FE668775120ABFBE1A448449
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 17 Apr 2026 10:23:45 +0000
ROA not before: Fri 17 Apr 2026 10:18:45 +0000
ROA not after: Fri 16 Apr 2027 10:23:45 +0000
asID: 212238
IP address blocks: 185.199.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:07:65:9c:86:91:7b:63:fe:66:87:75:12:0a:bf:be:1a:44:84:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 17 10:18:45 2026 GMT
Not After : Apr 16 10:23:45 2027 GMT
Subject: CN=B1BC9CEFD8631A4CB2D118C03FB173148E5AA88B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:a3:e4:80:da:50:db:cc:c2:21:dc:cb:c0:
60:4e:0f:0d:11:20:4e:5a:f1:12:d8:b2:69:fb:39:
2a:7f:38:08:c0:d4:3e:97:9e:ea:4c:b9:91:db:ad:
e5:49:47:e4:79:a4:8d:15:a3:00:ec:36:7e:79:1a:
e9:62:1a:61:3a:a4:1f:46:72:47:19:08:b2:9e:60:
db:a1:2f:f0:83:5b:54:ef:78:01:7b:9b:64:ee:9e:
87:38:76:73:da:a7:c6:e3:9a:fa:6c:d8:a8:1b:4a:
70:5b:51:ed:74:de:22:e2:94:84:8b:ee:1a:2c:d2:
aa:92:54:c6:51:0e:d4:68:2b:da:30:f8:79:8b:c5:
d0:c1:90:16:5d:61:02:b4:81:e3:be:c3:07:05:af:
20:20:72:22:42:88:4d:d7:c7:12:7d:54:d5:b7:f1:
82:76:c2:67:aa:85:6d:f7:0f:45:d9:80:1f:5e:70:
97:8c:b0:db:b2:5a:1e:f8:4e:d9:6a:b0:66:11:2f:
ba:0f:c5:9d:ce:a7:3b:1f:e9:38:fb:0a:15:e7:46:
18:36:4c:7a:4e:ad:4e:38:67:da:e0:23:fa:4e:e2:
14:f9:16:6c:db:a6:e8:94:70:52:35:e8:34:70:34:
fd:4f:51:95:f2:e1:6a:18:dc:9c:8b:e1:5e:8f:62:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BC:9C:EF:D8:63:1A:4C:B2:D1:18:C0:3F:B1:73:14:8E:5A:A8:8B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.100.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3b:b0:d3:1b:2b:07:5f:f6:eb:34:a6:78:2d:09:97:3f:74:
ba:10:38:92:a5:39:36:be:5c:ec:0f:d8:1e:51:13:94:b9:f5:
2e:aa:b4:74:83:dc:71:d1:22:38:cc:41:50:3f:fe:21:ed:83:
7d:c5:c2:bd:78:10:9e:fd:d1:c1:a4:c1:18:46:6a:48:81:4c:
59:98:bc:cf:37:43:00:f6:64:70:12:d8:f3:2a:c1:da:0c:cc:
f3:fe:0d:3b:0b:17:e1:93:0f:8b:e6:f7:33:15:73:ec:45:ee:
a1:dd:0f:4f:c1:71:0b:2b:dd:f2:26:b8:0a:9e:24:c8:22:16:
ce:3b:6d:95:82:44:39:5e:61:1e:17:49:d5:71:d0:12:3b:a2:
b2:1d:36:d5:a9:e8:df:f4:34:4a:ef:82:7a:df:04:85:d2:0c:
7e:a6:a9:06:87:75:9a:19:a8:70:ce:f0:20:26:e4:37:b9:f6:
d4:ec:09:ee:ab:25:8d:f6:94:c0:c6:ea:6e:79:9c:72:c3:9d:
5c:36:37:06:df:f3:f2:ef:fd:4a:f8:82:b6:a3:0a:0b:e1:01:
ea:27:f2:1f:b4:ea:0a:41:d7:6c:ef:fd:d2:34:fd:d7:1e:e9:
7f:bc:2d:0a:1a:fb:ea:d4:94:19:54:79:a8:63:c6:24:27:15:
94:6d:2c:8f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUeAdlnIaRe2P+Zod1Egq/vhpEhEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTcxMDE4NDVaFw0yNzA0MTYxMDIzNDVaMDMxMTAvBgNV
BAMTKEIxQkM5Q0VGRDg2MzFBNENCMkQxMThDMDNGQjE3MzE0OEU1QUE4OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/jKPkgNpQ28zCIdzLwGBODw0R
IE5a8RLYsmn7OSp/OAjA1D6XnupMuZHbreVJR+R5pI0VowDsNn55GuliGmE6pB9G
ckcZCLKeYNuhL/CDW1TveAF7m2Tunoc4dnPap8bjmvps2KgbSnBbUe103iLilISL
7hos0qqSVMZRDtRoK9ow+HmLxdDBkBZdYQK0geO+wwcFryAgciJCiE3XxxJ9VNW3
8YJ2wmeqhW33D0XZgB9ecJeMsNuyWh74TtlqsGYRL7oPxZ3Opzsf6Tj7ChXnRhg2
THpOrU44Z9rgI/pO4hT5FmzbpuiUcFI16DRwNP1PUZXy4WoY3JyL4V6PYuhjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUsbyc79hjGkyy0RjAP7FzFI5aqIswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZDANBgkqhkiG9w0BAQsFAAOCAQEAoTuw0xsrB1/26zSmeC0Jlz90uhA4
kqU5Nr5c7A/YHlETlLn1Lqq0dIPccdEiOMxBUD/+Ie2DfcXCvXgQnv3RwaTBGEZq
SIFMWZi8zzdDAPZkcBLY8yrB2gzM8/4NOwsX4ZMPi+b3MxVz7EXuod0PT8FxCyvd
8ia4Cp4kyCIWzjttlYJEOV5hHhdJ1XHQEjuish021ano3/Q0Su+Cet8EhdIMfqap
Bod1mhmocM7wICbkN7n21OwJ7qsljfaUwMbqbnmccsOdXDY3Bt/z8u/9SviCtqMK
C+EB6ifyH7TqCkHXbO/90jT91x7pf7wtChr76tSUGVR5qGPGJCcVlG0sjw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:36:42 2026 by rpki-client