Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139332e302f32342d3234203d3e20323134303235.roa
File: 3231372e3231362e3139332e302f32342d3234203d3e20323134303235.roa (raw, json)
Hash identifier: MYx1vouwkYfid6rQhwKlrAoIIvXVKn+60kZ4uMWFCzk=
Subject key identifier: 96:50:A4:E0:99:DE:4E:E5:70:39:90:7F:3C:54:8C:10:85:65:99:13
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5045411A49B5905F741C8B311BA0569F55971F17
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139332e302f32342d3234203d3e20323134303235.roa
Signing time: Wed 25 Mar 2026 11:55:45 +0000
ROA not before: Wed 25 Mar 2026 11:50:45 +0000
ROA not after: Wed 24 Mar 2027 11:55:45 +0000
asID: 214025
IP address blocks: 217.216.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:45:41:1a:49:b5:90:5f:74:1c:8b:31:1b:a0:56:9f:55:97:1f:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 11:50:45 2026 GMT
Not After : Mar 24 11:55:45 2027 GMT
Subject: CN=9650A4E099DE4EE57039907F3C548C1085659913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:62:11:86:b5:73:20:ab:46:e1:13:ef:01:1d:
02:93:60:55:93:ab:26:2a:d3:77:c1:1e:59:ca:60:
0f:2f:91:ea:15:4c:e1:b5:23:22:dc:ec:18:7f:aa:
60:b0:df:ad:6e:12:86:57:6b:39:95:3c:a3:2b:60:
ab:e6:af:35:eb:89:bd:fb:31:26:ab:89:c5:87:40:
da:26:9e:75:9f:0d:94:8a:9c:b9:cc:0e:f8:c0:34:
de:a2:75:34:25:a7:da:12:68:c0:08:98:60:f4:96:
4c:62:a7:61:76:7f:1a:fe:11:0d:11:c5:8d:09:36:
83:39:64:8d:8b:74:82:41:ea:83:d3:e5:ba:ad:98:
9f:11:ad:e0:5c:f3:ba:53:b6:e0:d1:4c:52:50:df:
11:ad:23:af:67:cc:6d:04:52:e8:d6:89:81:f7:47:
df:1f:3c:61:b6:99:25:5b:80:ef:93:95:c2:99:8e:
9e:48:2a:3d:ac:a6:d4:5a:27:57:2c:fa:38:7f:36:
02:f6:2a:b5:49:e7:1b:17:cc:33:8d:80:b4:bc:c7:
7c:c3:6c:fb:51:45:87:95:f6:fd:26:c9:d9:32:34:
ba:06:74:84:0c:9a:e8:05:be:76:03:02:b0:a1:fe:
6f:b8:57:45:99:6b:c8:2e:40:17:11:a4:49:b6:47:
9c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:50:A4:E0:99:DE:4E:E5:70:39:90:7F:3C:54:8C:10:85:65:99:13
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139332e302f32342d3234203d3e20323134303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.193.0/24
Signature Algorithm: sha256WithRSAEncryption
98:66:6d:3f:c6:62:38:8a:7d:22:78:12:fe:94:7f:cf:e5:4a:
d9:a5:42:ed:3a:f1:46:4c:67:b7:91:c8:81:bf:7b:d0:e1:54:
8c:9e:9b:b8:ef:2b:71:63:fe:65:0c:e0:bc:d7:80:6e:25:03:
82:00:e4:52:34:62:3d:8e:39:9e:ae:a4:28:31:12:13:97:16:
79:07:31:13:13:2e:54:84:ec:17:08:2b:b2:8f:55:90:ca:d0:
cd:d7:25:c6:6f:b0:b8:9a:b4:25:74:d4:24:bf:f3:89:ef:10:
f3:48:ef:aa:19:23:d7:eb:74:d4:4f:e2:b1:43:13:d3:5c:3d:
46:b6:49:51:7e:98:20:41:2f:c6:ad:bc:f2:e9:de:47:23:b4:
37:fc:69:f7:82:95:07:bc:1d:91:20:8b:76:b6:26:c2:1e:b5:
99:b0:06:2b:3a:fe:d2:c2:fb:a0:8f:be:59:cd:b6:e5:74:48:
53:6b:58:92:cb:92:0b:91:ba:6a:4e:ac:0f:65:e3:c9:51:dd:
97:5e:c8:84:fc:cb:22:a9:93:c8:10:4a:49:4a:d7:03:f9:76:
e3:dd:1b:97:c1:ae:87:96:37:fb:2e:0c:7e:e4:bb:c5:7a:0d:
b6:69:39:ee:83:0d:6c:5f:ae:a1:61:85:48:8d:60:93:4e:0b:
24:4d:ea:b7
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUEVBGkm1kF90HIsxG6BWn1WXHxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUxMTUwNDVaFw0yNzAzMjQxMTU1NDVaMDMxMTAvBgNV
BAMTKDk2NTBBNEUwOTlERTRFRTU3MDM5OTA3RjNDNTQ4QzEwODU2NTk5MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQYhGGtXMgq0bhE+8BHQKTYFWT
qyYq03fBHlnKYA8vkeoVTOG1IyLc7Bh/qmCw361uEoZXazmVPKMrYKvmrzXrib37
MSaricWHQNomnnWfDZSKnLnMDvjANN6idTQlp9oSaMAImGD0lkxip2F2fxr+EQ0R
xY0JNoM5ZI2LdIJB6oPT5bqtmJ8RreBc87pTtuDRTFJQ3xGtI69nzG0EUujWiYH3
R98fPGG2mSVbgO+TlcKZjp5IKj2sptRaJ1cs+jh/NgL2KrVJ5xsXzDONgLS8x3zD
bPtRRYeV9v0mydkyNLoGdIQMmugFvnYDArCh/m+4V0WZa8guQBcRpEm2R5xTAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUllCk4JneTuVwOZB/PFSMEIVlmRMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMwMzIzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYwTANBgkqhkiG9w0BAQsFAAOCAQEAmGZtP8ZiOIp9IngS/pR/z+VK2aVC
7TrxRkxnt5HIgb970OFUjJ6buO8rcWP+ZQzgvNeAbiUDggDkUjRiPY45nq6kKDES
E5cWeQcxExMuVITsFwgrso9VkMrQzdclxm+wuJq0JXTUJL/zie8Q80jvqhkj1+t0
1E/isUMT01w9RrZJUX6YIEEvxq288uneRyO0N/xp94KVB7wdkSCLdrYmwh61mbAG
Kzr+0sL7oI++Wc225XRIU2tYksuSC5G6ak6sD2XjyVHdl17IhPzLIqmTyBBKSUrX
A/l2490bl8Guh5Y3+y4MfuS7xXoNtmk57oMNbF+uoWGFSI1gk04LJE3qtw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:53:36 2026 by rpki-client