Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136302e302f32322d3232203d3e20323132393830.roa
File: 3231372e3231362e3136302e302f32322d3232203d3e20323132393830.roa (raw, json)
Hash identifier: BRSlHsj2wi5h5SdAnmzrybK/rqExsTXo9cshTNqrsJ0=
Subject key identifier: 58:CC:80:7D:09:37:68:43:09:49:A8:4E:A3:B6:FA:3D:A8:89:64:B0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3885AD54E51FF44F299EB716D0981AD1BCB2F458
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136302e302f32322d3232203d3e20323132393830.roa
Signing time: Thu 07 May 2026 16:12:56 +0000
ROA not before: Thu 07 May 2026 16:07:56 +0000
ROA not after: Thu 06 May 2027 16:12:56 +0000
asID: 212980
IP address blocks: 217.216.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:85:ad:54:e5:1f:f4:4f:29:9e:b7:16:d0:98:1a:d1:bc:b2:f4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 7 16:07:56 2026 GMT
Not After : May 6 16:12:56 2027 GMT
Subject: CN=58CC807D093768430949A84EA3B6FA3DA88964B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:46:8a:54:bc:99:f2:c8:37:24:6f:71:63:17:
0a:b3:28:4d:27:b9:e2:0d:54:04:b0:d0:3e:78:7c:
d7:76:7f:88:40:2b:af:34:64:c0:bd:20:98:d4:04:
c0:d4:ef:d7:37:d5:97:a8:2b:2c:77:26:b6:99:b4:
01:df:1d:05:4e:a1:c5:03:87:08:d5:c5:d0:31:1e:
11:4a:99:57:a8:c2:85:ef:b9:94:64:ee:4a:37:b1:
34:75:dc:67:30:81:77:bb:98:9c:cb:45:b6:e4:4a:
0f:f8:14:45:70:92:6b:a1:ec:63:9d:f4:04:1a:fa:
64:5d:98:fa:cd:dd:16:f7:96:98:47:55:df:fd:2f:
b7:9c:e4:69:30:86:fb:74:33:cf:a8:e9:1c:d7:ff:
64:dd:01:ac:e7:09:f4:87:64:62:9e:c8:8d:0f:7a:
92:f2:ed:4a:20:d6:a0:a8:99:07:ec:ea:3e:09:8f:
50:d3:3c:3e:dd:d5:51:c9:85:4d:b1:cb:ef:31:b4:
51:c1:f6:8f:e2:81:cd:76:af:22:9b:da:82:7c:5a:
0f:2c:39:14:43:c0:f5:84:0e:4e:51:2d:5a:b6:9d:
1b:86:66:ac:57:9a:a9:f0:a0:e4:69:ac:4f:64:26:
e3:45:a5:c5:71:a1:5f:93:ce:9a:f8:05:0f:21:bd:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CC:80:7D:09:37:68:43:09:49:A8:4E:A3:B6:FA:3D:A8:89:64:B0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136302e302f32322d3232203d3e20323132393830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.160.0/22
Signature Algorithm: sha256WithRSAEncryption
49:ce:4b:49:f0:8f:d5:5a:75:c3:5d:8c:2f:ba:9c:28:68:72:
e2:9c:bb:38:21:03:1e:3b:2a:a3:42:a9:c1:f3:4f:7a:fa:4a:
ee:f9:8e:4d:0c:2f:55:1b:36:e4:d0:51:9b:52:a1:69:30:00:
76:5b:38:bf:12:64:03:a1:32:5d:31:01:ac:9c:d8:17:99:b8:
88:a7:32:50:ad:cf:47:9c:11:ae:ea:11:71:ef:95:6a:0d:a6:
79:26:d2:66:15:4e:d5:6a:46:c7:0e:ee:b6:9b:df:f4:fe:42:
50:24:9e:1b:fd:68:59:ca:ca:5a:80:cc:d8:6f:bb:e1:34:31:
b5:a7:3d:26:9e:2f:e8:85:eb:a9:41:45:52:db:e6:68:78:17:
c5:85:bf:29:c6:89:26:d7:32:a9:c3:1a:29:69:52:32:e2:b5:
fa:a1:11:29:2e:0b:e0:e9:55:67:87:2d:8e:96:35:72:98:4d:
98:7d:43:ad:33:5a:54:58:0d:b0:fd:7d:20:ae:7e:94:b8:75:
00:3d:5d:27:c8:4f:4f:15:b8:4a:e3:32:dd:07:f8:05:de:a3:
91:84:f3:5a:5a:f0:10:3e:de:90:fe:23:d0:54:41:2e:ee:10:
35:6c:f6:e2:ae:95:0a:6a:30:c7:d1:99:7e:bf:10:19:8e:d5:
03:4b:22:2d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOIWtVOUf9E8pnrcW0Jga0byy9FgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDcxNjA3NTZaFw0yNzA1MDYxNjEyNTZaMDMxMTAvBgNV
BAMTKDU4Q0M4MDdEMDkzNzY4NDMwOTQ5QTg0RUEzQjZGQTNEQTg4OTY0QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/RopUvJnyyDckb3FjFwqzKE0n
ueINVASw0D54fNd2f4hAK680ZMC9IJjUBMDU79c31ZeoKyx3JraZtAHfHQVOocUD
hwjVxdAxHhFKmVeowoXvuZRk7ko3sTR13GcwgXe7mJzLRbbkSg/4FEVwkmuh7GOd
9AQa+mRdmPrN3Rb3lphHVd/9L7ec5Gkwhvt0M8+o6RzX/2TdAaznCfSHZGKeyI0P
epLy7Uog1qComQfs6j4Jj1DTPD7d1VHJhU2xy+8xtFHB9o/igc12ryKb2oJ8Wg8s
ORRDwPWEDk5RLVq2nRuGZqxXmqnwoORprE9kJuNFpcVxoV+Tzpr4BQ8hvcExAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWMyAfQk3aEMJSahOo7b6PaiJZLAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzYzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzEzMjM5MzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtnYoDANBgkqhkiG9w0BAQsFAAOCAQEASc5LSfCP1Vp1w12ML7qcKGhy4py7
OCEDHjsqo0KpwfNPevpK7vmOTQwvVRs25NBRm1KhaTAAdls4vxJkA6EyXTEBrJzY
F5m4iKcyUK3PR5wRruoRce+Vag2meSbSZhVO1WpGxw7utpvf9P5CUCSeG/1oWcrK
WoDM2G+74TQxtac9Jp4v6IXrqUFFUtvmaHgXxYW/KcaJJtcyqcMaKWlSMuK1+qER
KS4L4OlVZ4ctjpY1cphNmH1DrTNaVFgNsP19IK5+lLh1AD1dJ8hPTxW4SuMy3Qf4
Bd6jkYTzWlrwED7ekP4j0FRBLu4QNWz24q6VCmowx9GZfr8QGY7VA0siLQ==
-----END CERTIFICATE-----
Generated at Wed May 13 05:46:52 2026 by rpki-client