Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3134302e302f32322d3232203d3e20323132393830.roa
File: 3231372e3231372e3134302e302f32322d3232203d3e20323132393830.roa (raw, json)
Hash identifier: k2fjvLQa3VPk2FVDVEYjoZ59HfoBA/XzuEo12Wz7Om0=
Subject key identifier: 88:94:7C:E9:6B:D6:18:42:D9:B5:5D:EE:4B:50:34:81:B3:16:D0:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5565ED3C83EE8298A38744411FC8DE32F5570D9D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3134302e302f32322d3232203d3e20323132393830.roa
Signing time: Mon 11 May 2026 14:43:13 +0000
ROA not before: Mon 11 May 2026 14:38:13 +0000
ROA not after: Mon 10 May 2027 14:43:13 +0000
asID: 212980
IP address blocks: 217.217.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:65:ed:3c:83:ee:82:98:a3:87:44:41:1f:c8:de:32:f5:57:0d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 11 14:38:13 2026 GMT
Not After : May 10 14:43:13 2027 GMT
Subject: CN=88947CE96BD61842D9B55DEE4B503481B316D04F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:d0:22:c2:bb:37:c2:9e:2f:08:be:a8:8d:
cb:70:e1:23:ee:1b:16:36:8c:e7:df:ea:78:87:82:
1a:e9:cc:70:5e:83:5f:ec:4e:bf:7b:99:e9:82:dd:
1e:b4:76:b5:e0:48:c3:5d:98:22:08:c8:b8:d3:d7:
03:72:bc:bd:f2:67:13:52:7d:30:0d:f9:8e:f1:57:
96:74:cc:e4:f0:e6:f7:0a:cf:6d:80:96:a9:d9:e0:
1e:b0:5d:c9:4c:7b:30:d6:77:39:09:4c:62:f5:57:
4b:03:e2:62:d2:18:43:8c:6d:ea:3d:4c:92:e4:66:
d9:c4:d3:c1:95:71:95:77:1b:d9:a3:d6:61:f7:8d:
24:48:88:66:8a:cf:d3:77:4d:a1:59:ba:fc:1d:51:
77:2b:eb:5f:32:27:1b:82:cf:9a:a2:76:e9:1f:0e:
00:4e:6a:68:29:47:ea:cd:2a:60:14:39:e3:b7:42:
71:97:bd:c2:72:d6:63:85:ef:ee:f0:36:19:7e:a9:
ce:eb:a1:90:9e:05:f9:9f:99:c1:40:95:ac:ca:77:
3c:59:69:41:64:72:d9:a0:1f:ad:42:ed:60:ef:27:
32:82:ac:9b:ce:02:6a:8b:bd:b6:7d:bd:14:96:f9:
b1:1a:68:dd:ad:46:eb:94:ee:51:b5:4e:fd:ea:b6:
92:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:94:7C:E9:6B:D6:18:42:D9:B5:5D:EE:4B:50:34:81:B3:16:D0:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3134302e302f32322d3232203d3e20323132393830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.140.0/22
Signature Algorithm: sha256WithRSAEncryption
00:04:19:ab:c1:40:64:fa:c7:7c:1c:73:4c:a8:74:56:ec:b1:
d9:5f:e8:95:d6:08:26:4a:50:55:32:31:01:f1:84:e8:6f:05:
5c:45:fb:39:41:cc:80:a9:b5:9d:9e:26:79:66:4c:ed:2d:77:
8c:8c:af:96:14:c0:98:80:99:c0:6f:3a:14:ef:47:a2:b8:95:
ff:76:ad:90:77:c1:c7:1b:9b:9d:f4:06:c8:54:45:26:69:4b:
6e:40:b4:2b:a8:64:1e:cf:d7:5c:94:c4:ee:65:c9:c0:66:98:
c9:9a:37:3f:3e:e4:76:bf:40:00:6c:3d:2a:7a:33:5c:c1:67:
54:b4:6f:58:27:19:7b:c5:aa:7b:6c:98:7b:2c:6e:da:71:de:
7c:e7:f0:b4:44:78:37:56:dc:a3:ad:3e:a3:08:98:04:72:74:
46:1f:45:f3:10:2d:13:aa:fc:26:f2:14:ba:b0:ad:a2:23:b7:
8f:80:d4:eb:e2:f8:74:23:1c:c6:4e:48:ef:89:ce:e1:ec:d0:
38:aa:36:5c:1d:18:6e:cd:2e:10:16:bb:c4:e5:bc:d9:cd:9f:
9b:79:38:aa:5f:89:cf:95:56:c7:c9:93:6e:cb:2d:bf:67:84:
ac:77:b0:fd:69:fc:ae:1d:6a:60:7b:41:c6:7b:55:73:5c:c1:
e4:59:45:9f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVWXtPIPugpijh0RBH8jeMvVXDZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MTExNDM4MTNaFw0yNzA1MTAxNDQzMTNaMDMxMTAvBgNV
BAMTKDg4OTQ3Q0U5NkJENjE4NDJEOUI1NURFRTRCNTAzNDgxQjMxNkQwNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwmdAiwrs3wp4vCL6ojctw4SPu
GxY2jOff6niHghrpzHBeg1/sTr97memC3R60drXgSMNdmCIIyLjT1wNyvL3yZxNS
fTAN+Y7xV5Z0zOTw5vcKz22AlqnZ4B6wXclMezDWdzkJTGL1V0sD4mLSGEOMbeo9
TJLkZtnE08GVcZV3G9mj1mH3jSRIiGaKz9N3TaFZuvwdUXcr618yJxuCz5qidukf
DgBOamgpR+rNKmAUOeO3QnGXvcJy1mOF7+7wNhl+qc7roZCeBfmfmcFAlazKdzxZ
aUFkctmgH61C7WDvJzKCrJvOAmqLvbZ9vRSW+bEaaN2tRuuU7lG1Tv3qtpIRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUiJR86WvWGELZtV3uS1A0gbMW0E8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzEzMjM5MzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtnZjDANBgkqhkiG9w0BAQsFAAOCAQEAAAQZq8FAZPrHfBxzTKh0Vuyx2V/o
ldYIJkpQVTIxAfGE6G8FXEX7OUHMgKm1nZ4meWZM7S13jIyvlhTAmICZwG86FO9H
oriV/3atkHfBxxubnfQGyFRFJmlLbkC0K6hkHs/XXJTE7mXJwGaYyZo3Pz7kdr9A
AGw9KnozXMFnVLRvWCcZe8Wqe2yYeyxu2nHefOfwtER4N1bco60+owiYBHJ0Rh9F
8xAtE6r8JvIUurCtoiO3j4DU6+L4dCMcxk5I74nO4ezQOKo2XB0Ybs0uEBa7xOW8
2c2fm3k4ql+Jz5VWx8mTbsstv2eErHew/Wn8rh1qYHtBxntVc1zB5FlFnw==
-----END CERTIFICATE-----
Generated at Wed May 13 05:50:15 2026 by rpki-client