Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134332e302f32342d3332203d3e203531313637.roa
File: 3138352e3231392e3134332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: PURdyqSFdVcmze8jz3QGTgRdU43ylYOxbxLsUk2NpVo=
Subject key identifier: 35:14:FC:4D:5E:6E:3D:E8:25:EE:5E:AB:96:22:96:7B:71:6C:09:92
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F83CC42259CF3F8E9D971DEB0E216C9A9D04932
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134332e302f32342d3332203d3e203531313637.roa
Signing time: Thu 02 Apr 2026 21:23:34 +0000
ROA not before: Thu 02 Apr 2026 21:18:34 +0000
ROA not after: Thu 01 Apr 2027 21:23:34 +0000
asID: 51167
IP address blocks: 185.219.143.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:83:cc:42:25:9c:f3:f8:e9:d9:71:de:b0:e2:16:c9:a9:d0:49:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 21:18:34 2026 GMT
Not After : Apr 1 21:23:34 2027 GMT
Subject: CN=3514FC4D5E6E3DE825EE5EAB9622967B716C0992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:12:37:61:f3:04:5b:df:f0:34:0f:08:9e:de:
a4:89:05:2d:7f:a7:2c:23:38:b0:1f:57:97:7d:a8:
f3:7a:0b:13:00:b4:d1:db:b2:95:ab:6a:ee:ee:b6:
28:1e:4b:85:54:32:68:9e:61:ce:2b:bb:f5:b5:17:
b3:c1:e6:39:cd:5d:8c:37:4f:69:55:ea:03:34:e9:
c1:0c:2b:cb:5e:f0:fb:02:61:6b:5a:08:d9:13:11:
96:ea:c0:d6:04:7d:27:87:cc:fd:3e:80:c1:d9:a0:
91:85:5d:bc:9e:1c:d2:2b:19:a0:10:b0:77:67:a9:
59:89:73:30:a4:53:77:b4:13:33:02:d1:fb:aa:a0:
3f:d2:3c:a5:18:4c:e3:2b:1d:e8:15:45:ff:22:00:
1d:36:3c:ff:eb:f6:5d:95:3f:5d:44:82:89:68:e1:
d7:18:a9:cd:74:bc:4c:52:72:a0:fd:4e:ca:e6:25:
a5:19:98:09:9a:b7:10:3b:21:e7:9e:ad:ca:78:c4:
a7:31:d9:7a:bb:55:07:2e:0d:7f:ab:a7:51:57:79:
46:09:18:f1:10:34:a4:04:24:b7:bf:0e:e8:51:46:
b9:2d:d1:91:97:ae:e2:9b:9b:5f:84:69:c4:be:0d:
a2:27:7f:37:69:29:6d:b9:69:30:e7:e1:7e:fc:f7:
98:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:14:FC:4D:5E:6E:3D:E8:25:EE:5E:AB:96:22:96:7B:71:6C:09:92
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231392e3134332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.143.0/24
Signature Algorithm: sha256WithRSAEncryption
66:c0:0c:95:bd:06:f9:69:51:0c:a2:b9:57:d6:12:4b:59:1e:
35:d6:65:c4:27:31:28:17:41:da:2a:f8:68:48:79:6b:9d:c9:
96:d2:e3:88:01:e5:26:35:de:20:3a:12:e3:ab:37:73:ae:aa:
ce:3f:da:57:5f:70:29:8c:df:24:d1:b1:ad:fe:1f:6e:d2:64:
35:fe:6e:18:73:ef:b9:85:87:a6:43:f1:f6:05:ab:5d:a6:f8:
43:8c:41:c4:69:6e:95:07:ff:05:c2:c9:e1:17:68:d5:d6:22:
58:e7:0a:fd:25:bc:5a:19:c2:f0:64:ac:a0:3b:31:c8:74:6c:
b9:65:1f:5e:ba:73:7e:6d:d7:8d:66:e3:e7:0a:92:f4:19:3d:
c1:62:64:7d:f9:8c:a7:ac:b0:a3:02:cb:cc:fe:33:d3:0f:72:
68:a4:a1:92:24:fa:9e:71:8f:34:b1:2b:21:76:d3:cf:a0:3f:
5e:c3:aa:eb:70:b5:13:5f:7a:61:48:27:bb:59:23:73:82:e5:
84:0e:9b:06:12:6a:fe:2a:b5:1a:0a:b3:22:52:e4:cb:98:a0:
8d:9a:dd:cd:e5:42:98:24:cf:e1:a5:0b:25:42:00:ea:a3:12:
02:cb:34:07:ed:50:f1:fa:69:a3:89:f0:ff:4d:bc:a8:02:fe:
01:fb:73:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUb4PMQiWc8/jp2XHesOIWyanQSTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MDIyMTE4MzRaFw0yNzA0MDEyMTIzMzRaMDMxMTAvBgNV
BAMTKDM1MTRGQzRENUU2RTNERTgyNUVFNUVBQjk2MjI5NjdCNzE2QzA5OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtEjdh8wRb3/A0Dwie3qSJBS1/
pywjOLAfV5d9qPN6CxMAtNHbspWrau7utigeS4VUMmieYc4ru/W1F7PB5jnNXYw3
T2lV6gM06cEMK8te8PsCYWtaCNkTEZbqwNYEfSeHzP0+gMHZoJGFXbyeHNIrGaAQ
sHdnqVmJczCkU3e0EzMC0fuqoD/SPKUYTOMrHegVRf8iAB02PP/r9l2VP11Egolo
4dcYqc10vExScqD9TsrmJaUZmAmatxA7Ieeercp4xKcx2Xq7VQcuDX+rp1FXeUYJ
GPEQNKQEJLe/DuhRRrkt0ZGXruKbm1+EacS+DaInfzdpKW25aTDn4X7895jLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNRT8TV5uPegl7l6rliKWe3FsCZIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzkyZTMx
MzQzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5248wDQYJKoZIhvcNAQELBQADggEBAGbADJW9BvlpUQyiuVfWEktZHjXWZcQn
MSgXQdoq+GhIeWudyZbS44gB5SY13iA6EuOrN3Ouqs4/2ldfcCmM3yTRsa3+H27S
ZDX+bhhz77mFh6ZD8fYFq12m+EOMQcRpbpUH/wXCyeEXaNXWIljnCv0lvFoZwvBk
rKA7Mch0bLllH166c35t141m4+cKkvQZPcFiZH35jKessKMCy8z+M9MPcmikoZIk
+p5xjzSxKyF208+gP17DqutwtRNfemFIJ7tZI3OC5YQOmwYSav4qtRoKsyJS5MuY
oI2a3c3lQpgkz+GlCyVCAOqjEgLLNAftUPH6aaOJ8P9NvKgC/gH7c40=
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:17:45 2026 by rpki-client