Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133362e302f32342d3234203d3e203437353833.roa
File: 3139332e34322e3133362e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: KNbu0XgxBsWt8zGh7bahquJlQJ+9SPLTajKAlc4E5gk=
Subject key identifier: 6E:7E:D2:56:16:B3:93:34:C8:65:C8:81:98:90:2D:45:90:C5:4F:94
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 63D8C5CD8BF568134BA5F535413B43261CA0D0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133362e302f32342d3234203d3e203437353833.roa
Signing time: Mon 29 Dec 2025 09:50:59 +0000
ROA not before: Mon 29 Dec 2025 09:45:59 +0000
ROA not after: Mon 28 Dec 2026 09:50:59 +0000
asID: 47583
IP address blocks: 193.42.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d8:c5:cd:8b:f5:68:13:4b:a5:f5:35:41:3b:43:26:1c:a0:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 29 09:45:59 2025 GMT
Not After : Dec 28 09:50:59 2026 GMT
Subject: CN=6E7ED25616B39334C865C88198902D4590C54F94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:86:02:6f:cb:c2:32:5e:33:fe:51:62:58:d8:
03:65:c8:05:dc:13:9c:51:6d:f1:da:d2:65:3f:45:
60:da:e9:7b:cb:42:9a:e3:9d:6e:34:0e:5e:a9:df:
e5:d9:75:fd:99:bf:cd:d6:8b:8e:a6:f3:71:60:fa:
ac:0c:ba:8c:31:ea:93:16:51:6a:a6:10:4a:04:e0:
35:51:6f:54:09:87:f1:3d:07:b8:7b:16:60:c2:99:
ff:8e:b3:a2:b0:e7:e5:61:10:04:13:9f:53:3c:c2:
16:de:8f:ae:c2:e7:a4:98:02:16:d7:83:0b:50:da:
88:50:ec:f9:14:3b:39:c9:d9:e1:b3:d8:66:f2:cd:
50:8e:36:8f:6e:4a:c5:07:27:dd:90:34:16:4b:c8:
ff:63:d9:33:4f:4c:0b:14:7a:cd:a3:90:5d:da:c7:
15:81:38:cd:19:15:a5:8c:da:be:1c:a8:d6:c5:1a:
3e:3c:ee:8b:1e:32:81:c6:6f:53:5f:92:f2:d7:57:
63:d5:d2:06:51:81:83:69:45:1a:e5:84:89:3b:78:
10:64:58:e8:15:35:7b:5c:9b:34:92:8a:91:f8:00:
5f:40:02:f3:1f:dc:7e:96:8b:37:62:36:68:8c:34:
c2:7c:19:eb:e3:db:f0:bb:4d:45:0d:d1:0f:e9:05:
91:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7E:D2:56:16:B3:93:34:C8:65:C8:81:98:90:2D:45:90:C5:4F:94
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e34322e3133362e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.136.0/24
Signature Algorithm: sha256WithRSAEncryption
40:fe:82:c9:9f:8d:b0:22:32:b6:7a:98:1a:8d:18:a0:fd:4a:
01:45:38:92:14:91:ad:f5:dc:42:d4:42:6f:f8:66:e7:37:92:
9d:c7:88:39:af:29:8b:60:90:a7:19:24:e5:92:c2:ab:70:a0:
a8:8f:0c:23:b7:e6:6f:04:99:c6:89:9b:13:61:d6:62:ff:90:
d0:20:93:08:bd:df:9f:f0:b5:9a:09:dc:1b:dd:43:48:49:c2:
ae:3a:46:34:da:f0:b5:4f:97:fc:b3:82:03:6b:72:ed:ad:1f:
57:c8:6d:d9:8a:8c:5f:72:e8:f9:37:61:27:e3:e8:b8:37:27:
ef:98:2e:8d:85:91:19:d5:99:7c:0d:31:ea:70:31:a2:dd:df:
bf:be:5d:f1:d6:e3:4f:af:dd:1c:46:b5:15:d2:7d:bb:bc:53:
78:a9:ed:21:e4:73:36:1b:f4:71:7e:c5:0f:5b:8c:06:9f:b5:
03:3c:a3:7c:e5:c7:73:20:ea:d0:f2:a6:c7:af:a9:e7:96:76:
21:a7:58:c5:90:85:6c:84:de:e2:a1:bf:0e:e7:cb:73:13:d5:
41:d0:24:91:67:4a:19:f8:b7:d5:35:d0:f0:9d:4f:9b:a5:28:
e1:9a:da:b4:fa:a6:d2:b4:b1:69:3f:37:1e:2a:9f:d8:ef:42:
0c:00:26:58
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgITY9jFzYv1aBNLpfU1QTtDJhyg0DANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhhYjJkY2MxNjljOTVmMmIxNGRmMzFkZDI0YTFmNjcwMzRl
YTc3NzljMB4XDTI1MTIyOTA5NDU1OVoXDTI2MTIyODA5NTA1OVowMzExMC8GA1UE
AxMoNkU3RUQyNTYxNkIzOTMzNEM4NjVDODgxOTg5MDJENDU5MEM1NEY5NDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOaGAm/LwjJeM/5RYljYA2XIBdwT
nFFt8drSZT9FYNrpe8tCmuOdbjQOXqnf5dl1/Zm/zdaLjqbzcWD6rAy6jDHqkxZR
aqYQSgTgNVFvVAmH8T0HuHsWYMKZ/46zorDn5WEQBBOfUzzCFt6PrsLnpJgCFteD
C1DaiFDs+RQ7OcnZ4bPYZvLNUI42j25KxQcn3ZA0FkvI/2PZM09MCxR6zaOQXdrH
FYE4zRkVpYzavhyo1sUaPjzuix4ygcZvU1+S8tdXY9XSBlGBg2lFGuWEiTt4EGRY
6BU1e1ybNJKKkfgAX0AC8x/cfpaLN2I2aIw0wnwZ6+Pb8LtNRQ3RD+kFkRkCAwEA
AaOCAj0wggI5MB0GA1UdDgQWBBRuftJWFrOTNMhlyIGYkC1FkMVPlDAfBgNVHSME
GDAWgBSrLcwWnJXysU3zHdJKH2cDTqd3nDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5
YWYvNC9BQjJEQ0MxNjlDOTVGMkIxNERGMzFERDI0QTFGNjcwMzRFQTc3NzlDLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcXkzTUZweVY4ckZOOHgzU1NoOW5BMDZu
ZDV3LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02
N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvNC8zMTM5MzMyZTM0MzIyZTMxMzMz
NjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADB
KogwDQYJKoZIhvcNAQELBQADggEBAED+gsmfjbAiMrZ6mBqNGKD9SgFFOJIUka31
3ELUQm/4Zuc3kp3HiDmvKYtgkKcZJOWSwqtwoKiPDCO35m8EmcaJmxNh1mL/kNAg
kwi935/wtZoJ3BvdQ0hJwq46RjTa8LVPl/yzggNrcu2tH1fIbdmKjF9y6Pk3YSfj
6Lg3J++YLo2FkRnVmXwNMepwMaLd37++XfHW40+v3RxGtRXSfbu8U3ip7SHkczYb
9HF+xQ9bjAaftQM8o3zlx3Mg6tDypsevqeeWdiGnWMWQhWyE3uKhvw7ny3MT1UHQ
JJFnShn4t9U10PCdT5ulKOGa2rT6ptK0sWk/Nx4qn9jvQgwAJlg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:35:10 2026 by rpki-client