Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
File: 3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: prOovGY0oBRfvO/VIoA6JQAE1aUuvOD+Hs2fScFYQvg=
Subject key identifier: 33:6A:34:04:B7:75:9E:4A:3C:7C:8B:7F:4E:22:BE:AC:45:99:1F:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33B015838A50CAD1841CA65A439BB331B6A4823F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
Signing time: Wed 18 Feb 2026 14:23:21 +0000
ROA not before: Wed 18 Feb 2026 14:18:21 +0000
ROA not after: Wed 17 Feb 2027 14:23:21 +0000
asID: 203380
IP address blocks: 185.214.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:b0:15:83:8a:50:ca:d1:84:1c:a6:5a:43:9b:b3:31:b6:a4:82:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 18 14:18:21 2026 GMT
Not After : Feb 17 14:23:21 2027 GMT
Subject: CN=336A3404B7759E4A3C7C8B7F4E22BEAC45991F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:e0:05:2a:d9:04:1e:c9:2d:b8:57:cd:e1:
c6:c5:f8:33:e4:c4:2b:a4:ae:75:50:65:45:04:21:
1d:42:8f:50:e7:a0:bf:fb:19:4e:e1:1e:cc:62:33:
ef:15:86:b3:d8:a1:b7:12:c5:7d:f8:a0:7e:b9:64:
59:90:7d:4c:c4:c8:08:20:ac:b5:aa:73:5d:f0:14:
ac:94:e6:90:72:e5:5b:f4:1b:56:b7:67:01:72:2b:
43:46:e7:a7:ac:62:74:be:05:45:69:4f:8d:31:66:
aa:63:a7:82:87:d4:35:49:c4:7b:45:3c:24:83:dc:
38:ab:62:2e:a9:01:67:b0:eb:31:87:ae:50:47:88:
03:47:fd:e5:73:11:1f:9c:52:54:a8:d0:c9:16:40:
3c:28:20:8d:b2:f4:66:59:43:b0:8a:87:ba:95:44:
ed:35:39:f4:dc:4c:9a:00:4e:68:09:ee:2d:69:a5:
87:ec:8a:da:72:7f:e1:2f:ba:68:84:fc:1c:bd:bd:
09:c0:65:4a:e6:a8:bc:71:a9:f2:2e:6d:1b:cb:9c:
4b:64:b5:c5:de:60:77:c0:ea:dd:b1:ec:b8:b4:bd:
25:9d:ec:49:a8:44:01:ed:47:5a:f3:02:f4:0a:e7:
29:6b:12:3e:4d:b2:b4:b4:0e:87:f0:32:f9:69:8c:
bf:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6A:34:04:B7:75:9E:4A:3C:7C:8B:7F:4E:22:BE:AC:45:99:1F:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.99.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:5e:33:9e:16:40:fb:76:ff:4b:30:f7:68:17:4a:c9:8c:64:
21:0b:0b:57:77:15:d9:64:51:ff:10:b9:34:b0:7e:2a:5a:e3:
26:9d:19:30:64:22:ed:91:85:22:8e:de:a6:e5:ca:11:37:bc:
a7:1a:c2:38:e4:4e:61:0c:31:93:76:63:12:66:c9:73:8a:d8:
dc:77:d1:b4:d4:99:6b:5e:64:b6:09:b0:f6:c0:e6:c4:1b:a1:
ed:46:65:0c:8b:06:de:40:99:14:4d:83:1b:45:c6:d4:27:2a:
fd:57:16:09:4f:9c:ce:46:45:48:97:3d:18:cc:13:5a:b9:e1:
4e:7f:6f:b8:19:d7:88:00:d8:4d:b6:01:ce:c3:51:8c:54:c4:
1a:d2:0c:c4:62:08:c6:38:a0:89:eb:87:3a:d8:9d:3d:ce:74:
30:78:ba:9c:15:78:15:52:6f:83:3c:bc:ec:fb:9a:5f:e5:cb:
67:a0:5b:a5:3e:eb:38:9a:1e:bc:e7:a4:26:ba:64:27:90:17:
60:b7:53:d7:31:30:dc:fa:90:cb:1f:29:79:b9:be:1b:30:34:
c9:c2:65:94:10:b6:b5:c0:9d:09:36:c1:e0:02:92:a5:db:48:
de:36:56:9d:74:d1:52:b0:a4:b8:07:ce:18:ab:69:4f:f3:ea:
e1:36:ed:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM7AVg4pQytGEHKZaQ5uzMbakgj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMTgxNDE4MjFaFw0yNzAyMTcxNDIzMjFaMDMxMTAvBgNV
BAMTKDMzNkEzNDA0Qjc3NTlFNEEzQzdDOEI3RjRFMjJCRUFDNDU5OTFGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNDuAFKtkEHsktuFfN4cbF+DPk
xCukrnVQZUUEIR1Cj1DnoL/7GU7hHsxiM+8VhrPYobcSxX34oH65ZFmQfUzEyAgg
rLWqc13wFKyU5pBy5Vv0G1a3ZwFyK0NG56esYnS+BUVpT40xZqpjp4KH1DVJxHtF
PCSD3DirYi6pAWew6zGHrlBHiANH/eVzER+cUlSo0MkWQDwoII2y9GZZQ7CKh7qV
RO01OfTcTJoATmgJ7i1ppYfsitpyf+EvumiE/By9vQnAZUrmqLxxqfIubRvLnEtk
tcXeYHfA6t2x7Li0vSWd7EmoRAHtR1rzAvQK5ylrEj5NsrS0DofwMvlpjL/vAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM2o0BLd1nko8fIt/TiK+rEWZH28wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMzM4MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mMwDQYJKoZIhvcNAQELBQADggEBAFpeM54WQPt2/0sw92gXSsmMZCELC1d3
FdlkUf8QuTSwfipa4yadGTBkIu2RhSKO3qblyhE3vKcawjjkTmEMMZN2YxJmyXOK
2Nx30bTUmWteZLYJsPbA5sQboe1GZQyLBt5AmRRNgxtFxtQnKv1XFglPnM5GRUiX
PRjME1q54U5/b7gZ14gA2E22Ac7DUYxUxBrSDMRiCMY4oInrhzrYnT3OdDB4upwV
eBVSb4M8vOz7ml/ly2egW6U+6ziaHrznpCa6ZCeQF2C3U9cxMNz6kMsfKXm5vhsw
NMnCZZQQtrXAnQk2weACkqXbSN42Vp100VKwpLgHzhiraU/z6uE27So=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:25:48 2026 by rpki-client