Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e31322e302f32322d3234203d3e203437353833.roa
File: 3139352e3230302e31322e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: yQiPMo3YbEh39ubLRMJx9gX+gtzk0Z0Qt1iEzEjUEyQ=
Subject key identifier: 53:D1:3E:A8:DB:79:B3:94:04:23:70:D0:CE:F4:A4:40:CB:2E:64:04
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30E8F1D16E3D7B7674D1143C0F9052225E4A8B98
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e31322e302f32322d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:42 +0000
ROA not before: Thu 16 Apr 2026 11:18:42 +0000
ROA not after: Thu 15 Apr 2027 11:23:42 +0000
asID: 47583
IP address blocks: 195.200.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e8:f1:d1:6e:3d:7b:76:74:d1:14:3c:0f:90:52:22:5e:4a:8b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 16 11:18:42 2026 GMT
Not After : Apr 15 11:23:42 2027 GMT
Subject: CN=53D13EA8DB79B394042370D0CEF4A440CB2E6404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e3:4f:75:12:c1:19:63:0c:27:7d:c3:50:35:
2d:9e:6b:bd:1a:a7:46:05:4c:8e:9d:12:3a:a1:a3:
8e:19:59:3c:27:57:da:59:bb:47:c7:eb:f1:52:59:
22:a2:88:af:f7:75:af:be:cc:d9:b6:55:33:83:8e:
f3:1f:78:61:2a:65:27:6d:60:6c:45:1a:fc:24:38:
39:b3:32:0f:7a:e5:79:d1:99:96:1d:b8:a2:00:70:
35:b7:6d:d7:c9:d3:42:f1:4c:1a:c6:2a:1d:29:cd:
84:4f:65:1e:10:29:3a:cc:a7:10:ae:e6:99:02:c4:
90:5f:eb:eb:45:ca:8f:79:c3:21:66:45:94:40:92:
cc:27:fe:b8:6e:0d:1a:6b:6e:27:3b:ec:db:28:98:
c2:61:9c:3e:7c:2f:bc:05:38:b1:65:25:14:2f:bd:
23:03:55:57:85:27:99:34:29:f8:37:a3:5b:c1:d5:
dc:82:81:84:da:99:c3:35:69:12:93:ff:10:47:9d:
5e:f1:b9:c4:57:a2:47:0d:16:e9:c0:cd:36:29:7a:
47:b7:f0:47:f6:5d:93:d3:20:4a:d7:7b:ae:09:04:
bb:11:ba:c3:6c:48:b1:dc:d1:8a:31:ca:38:97:24:
a7:67:c8:5c:08:9a:5e:f8:4d:52:a8:b1:1e:d9:77:
92:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:3E:A8:DB:79:B3:94:04:23:70:D0:CE:F4:A4:40:CB:2E:64:04
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139352e3230302e31322e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.12.0/22
Signature Algorithm: sha256WithRSAEncryption
98:f8:61:44:65:7b:25:c5:2a:12:42:5a:84:ea:2a:f9:59:c7:
9e:5e:4c:af:5c:e1:c5:ae:ab:43:51:66:4b:9e:31:57:be:6e:
e5:cb:80:04:5e:e3:7a:9b:e4:60:63:cb:8b:7e:24:72:6c:30:
cc:9f:93:06:19:33:3e:44:80:3c:b0:d5:fa:1c:74:0b:01:47:
9c:23:63:07:09:d4:17:c4:3b:a9:4b:a4:dc:50:d6:c7:cc:36:
41:13:7c:19:91:e6:af:52:4b:8d:4f:1f:5e:e9:85:2c:5d:94:
04:3b:d7:e9:a5:b4:f5:cb:9d:3b:f8:d4:88:7a:23:74:48:e6:
a5:89:a3:d0:77:41:41:f4:93:57:fc:77:36:d4:2d:25:dc:c7:
b0:ed:41:a9:3b:0b:39:43:59:39:da:93:97:59:84:67:d8:9d:
0e:d9:b4:02:fe:9e:8d:f7:6b:73:47:80:63:8b:81:ee:f8:d9:
70:06:3b:bb:15:1e:77:47:27:69:d0:1d:3c:7e:4a:ab:59:cd:
73:41:25:a7:f3:f1:fc:ca:31:25:08:e4:d6:b7:e0:cb:ae:73:
2f:fd:f7:3c:ed:61:c3:f3:58:01:15:81:aa:5d:8d:10:a5:03:
47:4b:6a:d1:eb:84:8c:b1:1f:81:03:67:de:85:be:a6:b0:24:
d2:cc:b8:17
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMOjx0W49e3Z00RQ8D5BSIl5Ki5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTYxMTE4NDJaFw0yNzA0MTUxMTIzNDJaMDMxMTAvBgNV
BAMTKDUzRDEzRUE4REI3OUIzOTQwNDIzNzBEMENFRjRBNDQwQ0IyRTY0MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP4091EsEZYwwnfcNQNS2ea70a
p0YFTI6dEjqho44ZWTwnV9pZu0fH6/FSWSKiiK/3da++zNm2VTODjvMfeGEqZSdt
YGxFGvwkODmzMg965XnRmZYduKIAcDW3bdfJ00LxTBrGKh0pzYRPZR4QKTrMpxCu
5pkCxJBf6+tFyo95wyFmRZRAkswn/rhuDRprbic77NsomMJhnD58L7wFOLFlJRQv
vSMDVVeFJ5k0Kfg3o1vB1dyCgYTamcM1aRKT/xBHnV7xucRXokcNFunAzTYpeke3
8Ef2XZPTIErXe64JBLsRusNsSLHc0YoxyjiXJKdnyFwIml74TVKosR7Zd5KXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUU9E+qNt5s5QEI3DQzvSkQMsuZAQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM1MmUzMjMwMzAyZTMx
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
w8gMMA0GCSqGSIb3DQEBCwUAA4IBAQCY+GFEZXslxSoSQlqE6ir5WceeXkyvXOHF
rqtDUWZLnjFXvm7ly4AEXuN6m+RgY8uLfiRybDDMn5MGGTM+RIA8sNX6HHQLAUec
I2MHCdQXxDupS6TcUNbHzDZBE3wZkeavUkuNTx9e6YUsXZQEO9fppbT1y507+NSI
eiN0SOaliaPQd0FB9JNX/Hc21C0l3Mew7UGpOws5Q1k52pOXWYRn2J0O2bQC/p6N
92tzR4Bji4Hu+NlwBju7FR53Rydp0B08fkqrWc1zQSWn8/H8yjElCOTWt+DLrnMv
/fc87WHD81gBFYGqXY0QpQNHS2rR64SMsR+BA2fehb6msCTSzLgX
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:56:24 2026 by rpki-client