Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
File: 3138352e3233342e37302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: iT9eGv2Bjt/seMCprS2/uxuu7RgiBklBdDkCMzR2Ir0=
Subject key identifier: 59:78:C7:5C:1D:B6:E4:54:D4:4F:8B:77:90:9A:FF:4A:C0:E4:3E:82
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5E68AE8EBDB85039F4D6FD92B49559E28D91FC9F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
Signing time: Thu 02 Apr 2026 21:23:33 +0000
ROA not before: Thu 02 Apr 2026 21:18:33 +0000
ROA not after: Thu 01 Apr 2027 21:23:33 +0000
asID: 51167
IP address blocks: 185.234.70.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:68:ae:8e:bd:b8:50:39:f4:d6:fd:92:b4:95:59:e2:8d:91:fc:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 2 21:18:33 2026 GMT
Not After : Apr 1 21:23:33 2027 GMT
Subject: CN=5978C75C1DB6E454D44F8B77909AFF4AC0E43E82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:3b:8e:e7:4d:56:94:68:c9:0b:e6:dd:36:
ae:a1:aa:e1:e6:37:5a:5b:26:76:94:ab:0d:da:b4:
7d:29:5a:8d:85:51:51:41:69:ac:14:79:c3:18:b3:
bc:db:4a:a3:7f:10:79:67:e2:37:9f:93:48:44:b7:
eb:0f:96:8f:1a:df:5c:d8:68:97:d7:7b:83:16:80:
5d:35:ff:52:89:77:33:47:1e:eb:73:2b:4a:b7:c4:
ca:66:a1:e0:59:93:e3:97:19:a7:78:47:45:0f:b5:
ee:b3:53:7f:b1:46:97:86:ce:eb:d1:e4:69:13:34:
a3:2e:3e:f2:83:fc:0d:a2:61:54:7e:17:02:4c:5f:
4c:93:fc:b5:0b:24:55:3d:90:00:b6:3a:10:d5:12:
31:1e:83:a1:4c:b3:ad:65:02:d5:7e:75:f8:37:17:
36:65:0e:9b:54:44:ff:a5:c1:21:3b:db:42:9a:62:
ba:44:b1:ed:01:b1:8c:90:65:e0:ba:80:f8:7e:1f:
71:98:8c:0e:36:72:00:3d:2f:2e:d4:9f:28:ef:7a:
d6:d5:6b:54:8f:40:b2:51:cc:ec:64:2d:93:9f:d8:
99:61:d9:9a:4d:ac:63:4a:37:6f:40:46:3d:c0:0b:
46:07:8a:8b:98:10:03:1c:53:d5:84:b0:ba:ba:41:
af:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:78:C7:5C:1D:B6:E4:54:D4:4F:8B:77:90:9A:FF:4A:C0:E4:3E:82
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233342e37302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.70.0/23
Signature Algorithm: sha256WithRSAEncryption
53:52:d8:6d:93:e2:e8:36:cb:83:14:e9:a6:11:e6:95:ca:1b:
65:1a:5a:72:7e:df:6d:66:fc:a7:63:46:a6:e9:44:d2:72:70:
76:64:cd:25:d3:91:ba:70:93:07:f7:41:db:64:b6:7f:49:12:
d3:a3:c9:cc:c8:50:4e:00:31:6b:66:ee:9c:64:c4:2b:5e:5c:
a8:10:8d:f8:b9:8b:dd:ce:16:2c:7c:23:57:e1:cf:0c:84:5f:
85:5a:b1:98:d3:bd:ee:63:30:18:c7:d6:70:44:3b:b2:c3:d7:
44:5c:5b:d0:2c:6c:df:86:32:72:8e:a6:c2:69:e8:99:9d:cc:
58:fd:28:d7:3c:98:22:25:66:fc:91:44:35:bf:3b:ad:ff:dd:
c9:90:0c:b5:e3:e4:c0:58:9b:a4:66:b0:c3:97:05:4c:b9:bb:
90:8d:68:78:02:dc:3d:96:01:bd:61:48:0e:9c:55:12:72:47:
38:14:bf:0d:c5:f0:29:7d:14:37:73:e0:87:46:80:83:15:96:
18:b5:d8:7e:de:1d:67:4e:24:2f:ef:4d:92:0a:18:cc:21:56:
a7:6e:74:24:4b:fd:61:8c:d1:d5:e1:db:8f:53:48:2c:df:15:
be:af:ae:dd:37:75:20:0d:a6:66:ec:56:e9:ee:a0:c0:ef:e0:
b2:d8:e2:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXmiujr24UDn01v2StJVZ4o2R/J8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MDIyMTE4MzNaFw0yNzA0MDEyMTIzMzNaMDMxMTAvBgNV
BAMTKDU5NzhDNzVDMURCNkU0NTRENDRGOEI3NzkwOUFGRjRBQzBFNDNFODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkkjuO501WlGjJC+bdNq6hquHm
N1pbJnaUqw3atH0pWo2FUVFBaawUecMYs7zbSqN/EHln4jefk0hEt+sPlo8a31zY
aJfXe4MWgF01/1KJdzNHHutzK0q3xMpmoeBZk+OXGad4R0UPte6zU3+xRpeGzuvR
5GkTNKMuPvKD/A2iYVR+FwJMX0yT/LULJFU9kAC2OhDVEjEeg6FMs61lAtV+dfg3
FzZlDptURP+lwSE720KaYrpEse0BsYyQZeC6gPh+H3GYjA42cgA9Ly7UnyjvetbV
a1SPQLJRzOxkLZOf2Jlh2ZpNrGNKN29ARj3AC0YHiouYEAMcU9WEsLq6Qa/9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWXjHXB225FTUT4t3kJr/SsDkPoIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzQyZTM3
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uepGMA0GCSqGSIb3DQEBCwUAA4IBAQBTUthtk+LoNsuDFOmmEeaVyhtlGlpyft9t
ZvynY0am6UTScnB2ZM0l05G6cJMH90HbZLZ/SRLTo8nMyFBOADFrZu6cZMQrXlyo
EI34uYvdzhYsfCNX4c8MhF+FWrGY073uYzAYx9ZwRDuyw9dEXFvQLGzfhjJyjqbC
aeiZncxY/SjXPJgiJWb8kUQ1vzut/93JkAy14+TAWJukZrDDlwVMubuQjWh4Atw9
lgG9YUgOnFUSckc4FL8NxfApfRQ3c+CHRoCDFZYYtdh+3h1nTiQv702SChjMIVan
bnQkS/1hjNHV4duPU0gs3xW+r67dN3UgDaZm7Fbp7qDA7+Cy2OLe
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:05:48 2026 by rpki-client