Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
File: 38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: VW8MlRrR66d3yHkFGl78NGSr8LHpWv1trwSdYTYAMNw=
Subject key identifier: 34:C9:AA:08:D8:DC:7C:8F:CB:44:3B:46:01:E7:FE:75:54:4C:73:78
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 26EC52DCDBE6B241BE4FCC0402D3CE1F2FB60BF8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 04 Jun 2026 20:24:56 +0000
ROA not before: Thu 04 Jun 2026 20:19:56 +0000
ROA not after: Thu 03 Jun 2027 20:24:56 +0000
asID: 212238
IP address blocks: 85.190.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ec:52:dc:db:e6:b2:41:be:4f:cc:04:02:d3:ce:1f:2f:b6:0b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 4 20:19:56 2026 GMT
Not After : Jun 3 20:24:56 2027 GMT
Subject: CN=34C9AA08D8DC7C8FCB443B4601E7FE75544C7378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d3:1e:f8:b7:f2:ec:77:7a:ea:e4:1a:3f:ea:
71:07:ca:15:e2:11:84:63:eb:ad:7d:82:f2:73:7a:
49:ce:25:b0:b0:72:88:9e:ad:88:93:42:7a:83:dd:
29:1b:60:79:37:41:ba:e7:ba:f1:d4:bd:7a:cc:c6:
1d:5e:8a:1d:bd:bb:26:28:64:66:9a:0c:ab:07:21:
d9:8d:15:49:15:ee:37:4c:4f:5b:67:18:96:92:c6:
3f:3d:0f:ed:9b:13:27:27:06:23:31:9f:3b:bb:3e:
61:0b:41:6b:86:6b:65:e2:15:04:3a:19:f7:64:08:
d9:13:04:22:99:fb:32:3d:c3:da:d9:74:3f:43:cd:
38:83:91:98:ea:5b:d8:67:a8:b6:11:34:10:6b:00:
dc:2c:2a:63:c9:b6:7a:51:0e:57:fa:c4:8b:4c:29:
77:7c:df:a5:e6:ab:58:6f:17:cc:7a:3d:0b:ab:eb:
8c:07:f6:22:65:1c:1d:0b:f1:61:21:99:7c:fc:ac:
db:08:35:d0:69:ad:13:95:2c:69:56:48:24:64:e1:
3b:bc:ee:08:97:0b:e3:62:cf:6b:f1:0a:5c:d7:ec:
76:07:b7:91:54:d8:ae:ef:d7:69:7a:9f:63:8f:9a:
28:11:1d:57:fe:06:4b:66:25:dd:dc:44:39:61:17:
b2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C9:AA:08:D8:DC:7C:8F:CB:44:3B:46:01:E7:FE:75:54:4C:73:78
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
52:9e:0f:cb:d4:2e:04:41:aa:8f:6d:41:3c:d6:d2:e3:7b:a6:
2a:54:7f:89:8f:be:3c:be:56:be:e1:eb:22:df:d8:a9:ec:d1:
1d:57:43:be:50:b5:97:a6:33:2d:19:92:e0:53:d7:fc:b0:3d:
13:c0:72:14:0b:26:a1:bc:b9:66:81:ff:7e:54:b0:e7:75:39:
14:ff:0a:00:25:4c:6e:d0:5b:a3:4e:16:53:07:7e:3a:e5:70:
48:ce:42:8a:d6:3e:7c:e0:0e:69:00:c6:12:8c:b0:b5:df:90:
8a:fa:72:e5:62:7c:43:4b:33:12:f8:98:c9:f3:ec:d3:6e:45:
9d:e0:68:66:a4:b7:75:10:c2:51:14:43:ae:23:65:39:cd:5d:
ad:4c:43:5a:00:fd:09:de:57:ae:6a:07:1e:f3:45:29:b3:34:
02:79:6c:08:cc:f7:be:b1:af:7b:78:21:a9:26:84:fd:b6:02:
de:59:58:dd:a4:9e:e9:54:24:f5:37:b4:74:e2:75:bf:0e:34:
5c:12:65:18:a5:46:3a:85:1f:4a:04:de:d6:ef:2c:4a:9a:c4:
68:29:88:34:95:29:33:e3:4d:9f:3f:2a:58:d4:3a:78:23:90:
32:a2:dc:ef:1d:80:bf:5e:8c:24:fc:aa:8d:29:34:fa:96:20:
52:13:b2:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJuxS3NvmskG+T8wEAtPOHy+2C/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MDQyMDE5NTZaFw0yNzA2MDMyMDI0NTZaMDMxMTAvBgNV
BAMTKDM0QzlBQTA4RDhEQzdDOEZDQjQ0M0I0NjAxRTdGRTc1NTQ0QzczNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC50x74t/Lsd3rq5Bo/6nEHyhXi
EYRj6619gvJzeknOJbCwcoierYiTQnqD3SkbYHk3QbrnuvHUvXrMxh1eih29uyYo
ZGaaDKsHIdmNFUkV7jdMT1tnGJaSxj89D+2bEycnBiMxnzu7PmELQWuGa2XiFQQ6
GfdkCNkTBCKZ+zI9w9rZdD9DzTiDkZjqW9hnqLYRNBBrANwsKmPJtnpRDlf6xItM
KXd836Xmq1hvF8x6PQur64wH9iJlHB0L8WEhmXz8rNsINdBprROVLGlWSCRk4Tu8
7giXC+Niz2vxClzX7HYHt5FU2K7v12l6n2OPmigRHVf+BktmJd3cRDlhF7JDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNMmqCNjcfI/LRDtGAef+dVRMc3gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu4wDQYJKoZIhvcNAQELBQADggEBAFKeD8vULgRBqo9tQTzW0uN7pipUf4mP
vjy+Vr7h6yLf2Kns0R1XQ75QtZemMy0ZkuBT1/ywPRPAchQLJqG8uWaB/35UsOd1
ORT/CgAlTG7QW6NOFlMHfjrlcEjOQorWPnzgDmkAxhKMsLXfkIr6cuVifENLMxL4
mMnz7NNuRZ3gaGakt3UQwlEUQ64jZTnNXa1MQ1oA/QneV65qBx7zRSmzNAJ5bAjM
976xr3t4IakmhP22At5ZWN2knulUJPU3tHTidb8ONFwSZRilRjqFH0oE3tbvLEqa
xGgpiDSVKTPjTZ8/KljUOngjkDKi3O8dgL9ejCT8qo0pNPqWIFITsrI=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:01:32 2026 by rpki-client