Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235332e302f32342d3234203d3e20323034313730.roa
File: 322e35362e3235332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: zEvh7XWpRDzqWMAlrVUUIrkZWDpd355B5qIhxMi/Jo0=
Subject key identifier: 5F:85:B6:16:C2:7A:8F:A5:01:91:0D:14:43:0B:E3:AD:96:EE:6E:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03B2CBAAE5D2463CE2913F9EF864629D5FC47E20
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235332e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 28 Apr 2026 23:23:55 +0000
ROA not before: Tue 28 Apr 2026 23:18:55 +0000
ROA not after: Tue 27 Apr 2027 23:23:55 +0000
asID: 204170
IP address blocks: 2.56.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:b2:cb:aa:e5:d2:46:3c:e2:91:3f:9e:f8:64:62:9d:5f:c4:7e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 28 23:18:55 2026 GMT
Not After : Apr 27 23:23:55 2027 GMT
Subject: CN=5F85B616C27A8FA501910D14430BE3AD96EE6EB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:49:5b:31:13:37:7d:ea:f5:a7:35:c9:ba:ce:
d2:d0:f3:2e:ec:d7:1d:d0:72:e3:1a:19:d1:be:8e:
c4:3e:89:8d:21:c1:b8:91:bf:72:0e:c1:cd:bd:d3:
5b:f8:4a:93:7a:91:9b:3e:e8:b1:68:c6:e4:db:7e:
83:69:18:fa:76:08:e8:99:d5:4c:7d:35:5d:e1:b5:
3f:51:6f:e5:87:55:55:48:6e:d9:17:f4:be:30:50:
5f:6e:84:24:be:33:6a:13:71:e1:ae:c5:7d:ae:f5:
b6:57:ab:2b:74:67:ae:ca:a2:2a:97:db:05:6e:00:
47:c8:0f:df:49:2b:ce:b9:21:1c:8b:e8:b8:4e:fb:
fe:73:f1:20:43:17:29:6c:1a:33:6d:5a:bc:75:76:
4d:a4:93:39:c3:a4:d0:90:b5:ba:2f:00:ec:da:95:
11:e3:10:4a:c0:6a:3c:10:a8:6a:98:e7:fa:8a:36:
4b:6d:da:b2:25:36:4b:e1:54:31:1b:da:2b:92:2f:
37:b2:9d:19:86:95:a8:da:21:05:34:2b:f8:df:bc:
16:2e:49:29:1a:00:c5:6f:c2:c1:2c:fb:1c:0a:ee:
19:36:a3:c7:4c:93:c2:87:3b:47:76:91:62:c2:99:
ae:c6:d1:d5:17:fc:e7:e3:a0:18:5b:67:e4:41:ef:
76:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:85:B6:16:C2:7A:8F:A5:01:91:0D:14:43:0B:E3:AD:96:EE:6E:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.253.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7d:95:0a:dc:fa:fb:d6:20:e8:23:8f:91:6f:c6:d8:74:3b:
82:39:4c:12:f9:da:ae:31:87:f1:f5:48:0a:00:56:cc:33:a4:
54:29:cb:2f:98:fb:3e:54:82:d5:a9:6e:b4:ee:1b:02:79:fc:
cb:e4:f4:99:f5:b9:39:df:a0:6a:f9:74:82:a5:c4:b9:f3:4d:
e9:97:c1:01:ae:31:43:5f:2f:8c:a8:16:1a:7e:2b:b4:b5:48:
93:b4:db:62:b3:c2:9e:91:9e:0a:97:8d:4c:a6:72:ce:00:ba:
c0:d7:8e:fb:ed:ea:14:89:24:57:0a:82:88:f1:8d:07:e4:15:
d8:55:31:9d:fe:14:3d:5d:60:6a:2b:9a:c4:57:3a:27:ea:93:
8d:28:a9:f9:97:db:54:a0:ad:e0:53:7a:6e:40:13:5d:6c:56:
f4:05:a6:00:e4:73:7a:47:f2:b8:52:e2:1b:73:2d:37:cc:c9:
93:31:63:af:d1:a9:e7:f0:07:b9:25:b1:67:1f:5e:c4:f3:a2:
f3:be:fe:90:e2:c1:e4:a4:e7:84:4c:99:10:a0:e6:fc:bb:dd:
79:50:6b:8d:88:fd:56:60:cd:94:e5:67:02:e7:34:4b:62:35:
8b:ab:35:b6:3b:5c:9e:c5:be:17:99:c8:d6:42:4c:6d:bc:bc:
5e:e4:7e:7f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUA7LLquXSRjzikT+e+GRinV/EfiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MjgyMzE4NTVaFw0yNzA0MjcyMzIzNTVaMDMxMTAvBgNV
BAMTKDVGODVCNjE2QzI3QThGQTUwMTkxMEQxNDQzMEJFM0FEOTZFRTZFQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2SVsxEzd96vWnNcm6ztLQ8y7s
1x3QcuMaGdG+jsQ+iY0hwbiRv3IOwc2901v4SpN6kZs+6LFoxuTbfoNpGPp2COiZ
1Ux9NV3htT9Rb+WHVVVIbtkX9L4wUF9uhCS+M2oTceGuxX2u9bZXqyt0Z67KoiqX
2wVuAEfID99JK865IRyL6LhO+/5z8SBDFylsGjNtWrx1dk2kkznDpNCQtbovAOza
lRHjEErAajwQqGqY5/qKNktt2rIlNkvhVDEb2iuSLzeynRmGlajaIQU0K/jfvBYu
SSkaAMVvwsEs+xwK7hk2o8dMk8KHO0d2kWLCma7G0dUX/OfjoBhbZ+RB73bBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUX4W2FsJ6j6UBkQ0UQwvjrZbubrMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIyZTM1MzYyZTMyMzUzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4
/TANBgkqhkiG9w0BAQsFAAOCAQEAY32VCtz6+9Yg6COPkW/G2HQ7gjlMEvnarjGH
8fVICgBWzDOkVCnLL5j7PlSC1alutO4bAnn8y+T0mfW5Od+gavl0gqXEufNN6ZfB
Aa4xQ18vjKgWGn4rtLVIk7TbYrPCnpGeCpeNTKZyzgC6wNeO++3qFIkkVwqCiPGN
B+QV2FUxnf4UPV1gaiuaxFc6J+qTjSip+ZfbVKCt4FN6bkATXWxW9AWmAORzekfy
uFLiG3MtN8zJkzFjr9Gp5/AHuSWxZx9exPOi877+kOLB5KTnhEyZEKDm/LvdeVBr
jYj9VmDNlOVnAuc0S2I1i6s1tjtcnsW+F5nI1kJMbby8XuR+fw==
-----END CERTIFICATE-----
Generated at Wed May 13 04:46:29 2026 by rpki-client