Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230312e302f32342d3234203d3e20313431303339.roa
File: 3139352e3137392e3230312e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: dwlsnA2twieCoDTAml8g84lbmqx6dxMAr7HJpGuHlNo=
Subject key identifier: 48:EC:C2:BE:E9:B3:90:2E:B8:77:D4:9F:1C:13:47:7E:D1:12:14:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 52BB5B54EB57FF9C6B3ACE2B22235AA686893486
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230312e302f32342d3234203d3e20313431303339.roa
Signing time: Thu 12 Feb 2026 10:23:20 +0000
ROA not before: Thu 12 Feb 2026 10:18:20 +0000
ROA not after: Thu 11 Feb 2027 10:23:20 +0000
asID: 141039
IP address blocks: 195.179.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:bb:5b:54:eb:57:ff:9c:6b:3a:ce:2b:22:23:5a:a6:86:89:34:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 12 10:18:20 2026 GMT
Not After : Feb 11 10:23:20 2027 GMT
Subject: CN=48ECC2BEE9B3902EB877D49F1C13477ED11214C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:70:be:0f:6f:73:29:07:9b:07:66:59:83:ac:
11:80:ad:5f:43:a0:85:d6:79:92:ed:a7:2b:c8:eb:
dd:ab:c2:c3:fc:3c:de:42:18:50:01:9f:fd:e6:8b:
50:5a:51:a4:f3:da:5f:42:a0:55:fe:4e:7f:c1:03:
55:3f:36:8a:33:75:62:fc:6e:eb:c0:7c:db:16:9a:
0e:2a:78:c5:5b:07:e5:13:e2:bd:8c:bd:f1:c5:36:
02:03:6f:b2:7c:3e:21:88:cf:09:89:97:32:35:1c:
c2:e3:49:85:9a:8b:61:19:7e:3e:76:35:1d:19:d6:
de:e3:5c:3b:14:92:69:62:8c:5b:38:cd:ed:80:e8:
e6:8a:7f:9e:8e:63:d6:c8:7d:3f:c9:bf:d7:c7:e6:
cf:f4:57:9c:80:dc:e9:8d:fa:81:07:46:15:b8:49:
34:d1:1c:da:2e:46:fb:24:55:79:24:1d:b5:b7:84:
00:75:cf:e0:1b:13:ac:ed:8f:90:08:6d:ba:16:cd:
c6:1e:17:95:02:39:fb:96:37:a3:4c:d8:8b:e7:7b:
bd:8b:f1:4d:4d:d7:0e:b0:e3:27:a8:d6:0e:28:1e:
e3:30:d5:d2:1c:bc:4c:a6:30:57:e5:05:96:b1:9e:
6a:c0:c5:5a:9c:14:d4:35:e1:39:42:0d:a2:2a:78:
9f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:EC:C2:BE:E9:B3:90:2E:B8:77:D4:9F:1C:13:47:7E:D1:12:14:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3137392e3230312e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.179.201.0/24
Signature Algorithm: sha256WithRSAEncryption
72:77:88:88:b4:9f:c3:99:0e:33:0a:fe:c0:97:e8:d3:1a:88:
4a:a3:da:d4:67:48:32:75:f2:3e:f5:8a:86:a4:35:0e:07:18:
13:e1:b0:bc:96:f7:51:1b:e5:7f:a7:85:19:a0:0b:95:e5:ad:
a5:b5:43:bd:3d:d4:d9:25:79:b4:12:e3:73:82:bb:6a:36:f0:
b2:55:15:51:f7:d3:7c:6e:db:a6:42:5f:83:bd:74:16:c4:49:
ee:b6:5d:10:eb:af:e1:fc:21:ea:6b:af:26:33:6f:b0:e0:0a:
01:6a:6a:a4:55:d5:63:dd:e0:8c:14:78:2d:8f:13:64:0a:3b:
29:c7:24:72:12:9a:e4:2e:b2:1f:88:3b:58:5a:78:b0:67:b8:
9f:95:23:56:30:44:5c:ff:99:f8:e4:3d:fa:d5:38:c6:6f:02:
3d:6b:4e:2e:42:96:56:85:73:c4:0d:e2:0d:9a:69:f6:36:66:
1b:85:40:a5:ab:5a:46:c0:5b:3c:be:1a:1c:63:1c:43:05:8b:
c6:3c:e8:9e:08:f7:0a:9f:0f:b9:7d:b7:05:47:83:06:46:98:
73:db:58:56:91:00:42:7d:d9:88:de:3e:89:8b:41:49:e6:7e:
de:b5:dd:25:36:3c:51:9d:8b:71:49:c3:46:04:57:db:fe:68:
62:72:c5:80
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUrtbVOtX/5xrOs4rIiNapoaJNIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMTIxMDE4MjBaFw0yNzAyMTExMDIzMjBaMDMxMTAvBgNV
BAMTKDQ4RUNDMkJFRTlCMzkwMkVCODc3RDQ5RjFDMTM0NzdFRDExMjE0QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhcL4Pb3MpB5sHZlmDrBGArV9D
oIXWeZLtpyvI692rwsP8PN5CGFABn/3mi1BaUaTz2l9CoFX+Tn/BA1U/NoozdWL8
buvAfNsWmg4qeMVbB+UT4r2MvfHFNgIDb7J8PiGIzwmJlzI1HMLjSYWai2EZfj52
NR0Z1t7jXDsUkmlijFs4ze2A6OaKf56OY9bIfT/Jv9fH5s/0V5yA3OmN+oEHRhW4
STTRHNouRvskVXkkHbW3hAB1z+AbE6ztj5AIbboWzcYeF5UCOfuWN6NM2Ivne72L
8U1N1w6w4yeo1g4oHuMw1dIcvEymMFflBZaxnmrAxVqcFNQ14TlCDaIqeJ+9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSOzCvumzkC64d9SfHBNHftESFMMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMTM3MzkyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMOzyTANBgkqhkiG9w0BAQsFAAOCAQEAcneIiLSfw5kOMwr+wJfo0xqISqPa
1GdIMnXyPvWKhqQ1DgcYE+GwvJb3URvlf6eFGaALleWtpbVDvT3U2SV5tBLjc4K7
ajbwslUVUffTfG7bpkJfg710FsRJ7rZdEOuv4fwh6muvJjNvsOAKAWpqpFXVY93g
jBR4LY8TZAo7KcckchKa5C6yH4g7WFp4sGe4n5UjVjBEXP+Z+OQ9+tU4xm8CPWtO
LkKWVoVzxA3iDZpp9jZmG4VApataRsBbPL4aHGMcQwWLxjzongj3Cp8PuX23BUeD
BkaYc9tYVpEAQn3ZiN4+iYtBSeZ+3rXdJTY8UZ2LcUnDRgRX2/5oYnLFgA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:19:42 2026 by rpki-client