Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234302e302f32332d3332203d3e203531313637.roa
File: 3138352e3232322e3234302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: 82XbKxCDD2S8xH6iUJP0/SAi35E9oM4CqfSu6arYCPo=
Subject key identifier: ED:CE:4C:69:6A:3E:46:FE:8F:75:61:8B:03:7E:7D:8D:1D:DE:ED:A2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 043BDFDA608BF8CF93ADCD49CB408436B8B02A3C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234302e302f32332d3332203d3e203531313637.roa
Signing time: Thu 02 Apr 2026 21:23:33 +0000
ROA not before: Thu 02 Apr 2026 21:18:33 +0000
ROA not after: Thu 01 Apr 2027 21:23:33 +0000
asID: 51167
IP address blocks: 185.222.240.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:3b:df:da:60:8b:f8:cf:93:ad:cd:49:cb:40:84:36:b8:b0:2a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 21:18:33 2026 GMT
Not After : Apr 1 21:23:33 2027 GMT
Subject: CN=EDCE4C696A3E46FE8F75618B037E7D8D1DDEEDA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8c:18:de:c4:03:96:bd:86:b3:31:32:9d:15:
ad:70:78:6d:9b:a0:40:b9:82:dc:8c:1f:21:db:4e:
1e:67:59:f3:f2:98:3d:79:14:8e:9c:03:9f:39:12:
51:83:f4:bb:0d:c8:45:9e:59:f6:cc:c0:cb:1b:c3:
30:a3:f4:a7:b4:8f:fa:9d:73:3f:ee:f1:f4:73:fe:
e5:cb:14:cb:4d:61:04:05:8b:6f:6b:d8:84:e9:29:
1d:4b:0a:22:47:4c:d7:f5:ce:07:3e:a4:2f:c9:8e:
02:56:9b:88:f6:06:a9:88:12:a0:ed:9f:15:ec:64:
83:21:19:71:ae:b4:89:a4:27:2b:ba:e1:04:92:db:
57:ee:58:0e:ec:80:ac:b4:a7:d3:d8:28:6d:a3:b3:
e2:61:96:bc:32:65:25:8c:e8:b0:3a:0f:44:cc:71:
cd:19:52:8e:94:1c:73:0e:25:90:9f:2d:b9:eb:a6:
db:0f:a1:a0:6c:0e:87:99:3d:f3:a9:7a:dc:d7:2d:
5f:3e:66:aa:95:96:f3:df:db:d3:b1:5a:17:89:96:
4f:cb:04:fd:40:a8:79:9b:4f:cc:83:b2:cc:20:5b:
06:22:43:4f:00:b4:3c:b1:87:f1:c8:41:8c:d5:0a:
0e:3d:8d:84:de:de:b3:30:17:77:8f:ff:8e:a7:b8:
08:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:CE:4C:69:6A:3E:46:FE:8F:75:61:8B:03:7E:7D:8D:1D:DE:ED:A2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.240.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:79:1d:fd:08:4e:86:2d:13:1d:04:2f:ec:a2:85:1f:01:16:
f1:42:c4:02:f3:97:d1:e7:1e:24:ce:03:fb:e3:d1:a3:b8:39:
4e:b1:ea:57:38:09:e7:e2:ef:cd:c1:81:d7:79:bd:23:be:25:
47:15:59:04:7c:4e:02:64:43:cf:98:2a:61:39:c7:2d:e9:35:
11:2a:00:ea:db:d6:e2:b3:62:ad:0e:cd:18:88:63:14:80:f9:
f9:31:2f:11:a8:e8:e1:a7:f9:de:3f:69:33:ca:b5:62:36:ed:
7e:af:45:c6:63:b9:08:c0:4b:60:8b:07:f4:ea:e1:61:b9:8e:
30:f3:7a:c0:49:08:47:7d:03:c5:d9:90:8b:c7:36:b8:9f:e8:
cc:8e:d5:1f:de:e6:1a:14:e2:68:c9:7d:63:cc:49:63:f6:f1:
bb:5d:8d:dc:8d:24:fb:8d:78:fd:cf:ef:aa:50:c3:4b:1c:6a:
2b:b6:d4:19:34:bc:20:f9:64:de:3b:95:48:e5:54:28:af:5f:
66:18:1f:a3:43:82:69:a5:5e:c8:2b:47:d7:5a:40:f1:e9:e2:
ca:bb:df:fe:e6:33:26:ff:39:c8:2d:4f:53:b9:b4:7d:95:21:
4c:f1:b5:ff:23:6b:58:6d:40:21:c7:8e:ee:cd:4e:81:cb:8f:
6c:f6:4a:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBDvf2mCL+M+Trc1Jy0CENriwKjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MDIyMTE4MzNaFw0yNzA0MDEyMTIzMzNaMDMxMTAvBgNV
BAMTKEVEQ0U0QzY5NkEzRTQ2RkU4Rjc1NjE4QjAzN0U3RDhEMURERUVEQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtjBjexAOWvYazMTKdFa1weG2b
oEC5gtyMHyHbTh5nWfPymD15FI6cA585ElGD9LsNyEWeWfbMwMsbwzCj9Ke0j/qd
cz/u8fRz/uXLFMtNYQQFi29r2ITpKR1LCiJHTNf1zgc+pC/JjgJWm4j2BqmIEqDt
nxXsZIMhGXGutImkJyu64QSS21fuWA7sgKy0p9PYKG2js+JhlrwyZSWM6LA6D0TM
cc0ZUo6UHHMOJZCfLbnrptsPoaBsDoeZPfOpetzXLV8+ZqqVlvPf29OxWheJlk/L
BP1AqHmbT8yDsswgWwYiQ08AtDyxh/HIQYzVCg49jYTe3rMwF3eP/46nuAiZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7c5MaWo+Rv6PdWGLA359jR3e7aIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG53vAwDQYJKoZIhvcNAQELBQADggEBAJ95Hf0IToYtEx0EL+yihR8BFvFCxALz
l9HnHiTOA/vj0aO4OU6x6lc4Cefi783Bgdd5vSO+JUcVWQR8TgJkQ8+YKmE5xy3p
NREqAOrb1uKzYq0OzRiIYxSA+fkxLxGo6OGn+d4/aTPKtWI27X6vRcZjuQjAS2CL
B/Tq4WG5jjDzesBJCEd9A8XZkIvHNrif6MyO1R/e5hoU4mjJfWPMSWP28btdjdyN
JPuNeP3P76pQw0scaiu21Bk0vCD5ZN47lUjlVCivX2YYH6NDgmmlXsgrR9daQPHp
4sq73/7mMyb/OcgtT1O5tH2VIUzxtf8ja1htQCHHju7NToHLj2z2Sv8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:21:52 2026 by rpki-client