Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
File: 38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: MawNKfiTN2ED5ni5ZZ3zSFdzCRVnHs4WN3oiJwXZ9CM=
Subject key identifier: 8F:4B:D3:7D:DF:A8:64:BC:7B:EC:7E:A7:79:DA:09:90:40:73:E7:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6238057ACFECBED548B49F96B1D7CEC6B073CD1A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
Signing time: Thu 05 Feb 2026 21:23:17 +0000
ROA not before: Thu 05 Feb 2026 21:18:17 +0000
ROA not after: Thu 04 Feb 2027 21:23:17 +0000
asID: 141995
IP address blocks: 82.180.144.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:38:05:7a:cf:ec:be:d5:48:b4:9f:96:b1:d7:ce:c6:b0:73:cd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 5 21:18:17 2026 GMT
Not After : Feb 4 21:23:17 2027 GMT
Subject: CN=8F4BD37DDFA864BC7BEC7EA779DA09904073E7F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:04:1f:d9:ba:e6:f3:e6:75:32:17:2c:4c:05:
5c:4f:61:5a:b4:5d:de:0a:86:9d:38:56:bf:cb:c0:
1b:f7:34:72:9e:b9:a3:1b:42:e8:cb:27:77:60:de:
26:f1:ff:09:1a:98:a1:3f:6a:f1:97:a1:8b:8b:08:
e7:37:f7:a1:f6:3d:bf:b2:e7:9d:76:f0:ae:66:09:
95:95:e1:81:bc:3c:2f:49:18:e4:a6:e6:59:f1:d4:
eb:24:89:59:23:7f:58:34:82:0a:13:0d:f9:49:f4:
ac:a2:92:f8:b2:17:24:37:4a:bf:e4:c4:e1:71:e8:
d4:40:d3:ff:1c:e2:fa:b2:b9:45:a3:b8:b5:2e:48:
da:7e:55:29:c9:11:e6:d5:cb:08:65:cf:c6:cd:6a:
34:60:15:b7:58:8c:e3:d0:0f:55:17:8c:ad:cd:5b:
d6:6f:66:cf:8a:fe:2d:3e:63:2f:ae:3a:fb:f7:fd:
c1:5e:31:59:fb:c7:3e:58:1a:36:aa:d8:01:a5:92:
77:e9:e7:2e:7f:31:e0:43:7b:e3:2a:f6:e1:a7:47:
f4:d0:36:8b:75:df:30:a6:f6:94:28:ab:c2:d5:6d:
63:a4:d6:8a:d3:de:d0:ae:bc:34:7e:d3:73:75:29:
52:17:92:6f:b1:c0:9b:91:d3:5b:9c:d3:9a:57:1d:
e5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4B:D3:7D:DF:A8:64:BC:7B:EC:7E:A7:79:DA:09:90:40:73:E7:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.144.0/22
Signature Algorithm: sha256WithRSAEncryption
37:10:dc:70:4c:99:7c:21:52:5f:51:0d:df:22:4e:a5:eb:dc:
1b:c7:78:c9:67:7a:64:a2:5d:c8:ac:cd:84:e7:97:90:a1:8d:
da:3a:95:4e:16:60:60:92:f3:b5:eb:44:75:e3:6e:56:17:0a:
06:c4:2c:75:ca:f5:fd:23:44:09:0c:af:6b:52:a0:6d:b6:ef:
d3:54:ec:17:8c:d4:68:7a:e1:6b:10:3a:f2:99:36:99:74:91:
ed:9b:be:94:4b:be:52:e2:c9:97:30:05:70:66:7d:6c:c6:f3:
20:4b:fd:66:fa:09:d7:28:bc:2d:d7:7c:7d:82:4a:a0:a6:34:
d7:fd:1e:f9:ad:66:68:48:2c:88:df:ed:e1:21:3c:42:36:5e:
7c:5e:e1:8f:3e:c1:2a:d1:ca:2e:2e:f7:88:c3:4d:83:cf:d5:
4e:1d:11:08:af:d8:29:ae:48:3e:bb:45:42:6d:12:6d:60:e4:
ac:53:36:56:d8:e0:6f:1a:0b:bf:df:3e:0d:92:ac:5c:23:e2:
0f:c9:70:83:5c:0f:a4:61:ea:52:bd:54:db:cd:c3:cd:df:f4:
dd:15:28:ac:9f:28:45:23:62:a1:61:e2:d6:82:34:58:b9:24:
85:dd:4d:51:24:43:a7:34:2c:07:8d:93:de:71:08:ab:6b:23:
4f:bf:7c:82
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYjgFes/svtVItJ+WsdfOxrBzzRowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMDUyMTE4MTdaFw0yNzAyMDQyMTIzMTdaMDMxMTAvBgNV
BAMTKDhGNEJEMzdEREZBODY0QkM3QkVDN0VBNzc5REEwOTkwNDA3M0U3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaBB/Zuubz5nUyFyxMBVxPYVq0
Xd4Khp04Vr/LwBv3NHKeuaMbQujLJ3dg3ibx/wkamKE/avGXoYuLCOc396H2Pb+y
55128K5mCZWV4YG8PC9JGOSm5lnx1OskiVkjf1g0ggoTDflJ9KyikviyFyQ3Sr/k
xOFx6NRA0/8c4vqyuUWjuLUuSNp+VSnJEebVywhlz8bNajRgFbdYjOPQD1UXjK3N
W9ZvZs+K/i0+Yy+uOvv3/cFeMVn7xz5YGjaq2AGlknfp5y5/MeBDe+Mq9uGnR/TQ
Not13zCm9pQoq8LVbWOk1orT3tCuvDR+03N1KVIXkm+xwJuR01uc05pXHeV7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUj0vTfd+oZLx77H6nedoJkEBz5/cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM0
MzQyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJStJAwDQYJKoZIhvcNAQELBQADggEBADcQ3HBMmXwhUl9RDd8iTqXr3BvHeMln
emSiXciszYTnl5Chjdo6lU4WYGCS87XrRHXjblYXCgbELHXK9f0jRAkMr2tSoG22
79NU7BeM1Gh64WsQOvKZNpl0ke2bvpRLvlLiyZcwBXBmfWzG8yBL/Wb6CdcovC3X
fH2CSqCmNNf9HvmtZmhILIjf7eEhPEI2Xnxe4Y8+wSrRyi4u94jDTYPP1U4dEQiv
2CmuSD67RUJtEm1g5KxTNlbY4G8aC7/fPg2SrFwj4g/JcINcD6Rh6lK9VNvNw83f
9N0VKKyfKEUjYqFh4taCNFi5JIXdTVEkQ6c0LAeNk95xCKtrI0+/fII=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:03:06 2026 by rpki-client