Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3139322e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: jERWMAUriypkOkRJ58Y2EWFGBeGR0E0mD02NUmkQF44=
Subject key identifier: 29:05:E8:8D:47:7F:F9:1A:C7:F8:1E:68:79:A5:2D:EE:E1:4D:F8:0D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4FFF4A7C334DF73C156C7D2D861595371C171273
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:19 +0000
ROA not before: Wed 25 Mar 2026 08:44:19 +0000
ROA not after: Wed 24 Mar 2027 08:49:19 +0000
asID: 48266
IP address blocks: 217.217.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ff:4a:7c:33:4d:f7:3c:15:6c:7d:2d:86:15:95:37:1c:17:12:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:19 2026 GMT
Not After : Mar 24 08:49:19 2027 GMT
Subject: CN=2905E88D477FF91AC7F81E6879A52DEEE14DF80D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:78:1a:e2:ad:b8:c1:35:7f:b2:50:e0:d7:
d4:4d:bc:ca:9a:f1:44:2f:ad:d5:53:ce:7c:2c:d9:
d4:fb:8e:86:0a:49:16:db:98:62:3a:df:71:72:95:
74:f4:98:f5:90:ba:d9:61:61:4e:9c:df:87:65:ec:
17:68:b8:c7:46:bf:9b:5c:aa:9f:5f:cb:fc:1c:68:
ac:58:84:7d:3f:a1:c2:c8:63:ff:4f:7c:17:bb:c7:
fe:2f:13:50:db:e4:df:79:44:58:25:dc:25:7b:7d:
b3:83:c5:6a:65:7a:fb:49:a7:41:c2:4a:0a:95:92:
af:40:29:f7:f4:0e:82:f2:7f:68:28:31:8d:6b:23:
1c:68:6a:82:5b:00:78:53:e5:d9:97:c0:49:e9:39:
26:3c:03:a6:58:c9:4f:82:58:81:e6:4f:0e:f6:64:
57:c0:98:ee:b7:41:cc:2a:2f:93:84:42:c2:74:be:
81:3b:8a:ba:3f:27:d0:a5:6f:4e:d4:28:4c:75:71:
ff:fd:b6:83:5a:dc:2c:9a:52:0f:9e:5b:86:fb:7b:
9e:4e:da:40:2c:44:0e:28:53:66:cd:c5:e5:cb:26:
1d:7c:a4:14:ef:a7:a8:01:46:2d:9c:01:74:c2:32:
bc:89:18:5d:0a:05:f2:33:b6:f5:98:28:b4:09:59:
0c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:05:E8:8D:47:7F:F9:1A:C7:F8:1E:68:79:A5:2D:EE:E1:4D:F8:0D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.192.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:86:9b:8f:cc:c5:b9:31:df:41:d5:3e:54:94:59:48:80:17:
73:04:33:5a:b9:06:d6:f0:02:3d:dc:4b:02:ce:22:d1:81:3a:
8a:36:20:62:93:2b:8d:f8:ef:94:d3:93:e6:14:f3:99:f0:55:
be:20:0e:2a:72:68:be:38:fe:3c:b5:55:50:f1:84:e6:15:8f:
a6:54:77:a8:bd:2f:cd:61:7a:3d:cd:f6:73:1b:c4:43:1e:7b:
06:1f:d0:fb:74:4e:0f:7d:3f:1f:be:39:55:11:f1:88:50:71:
ed:0a:29:9f:1e:e8:3d:0a:d3:fa:cf:e5:2c:9b:60:20:ba:3a:
1f:5f:a7:d6:1c:c6:65:9e:aa:11:8c:f4:4d:ce:c5:73:7e:0e:
dc:cf:f9:38:c2:3d:9f:c6:c1:e7:ed:c2:2f:c9:04:d7:32:11:
b0:18:ab:95:12:86:7b:72:c2:9b:fa:ef:74:62:64:3c:e1:9c:
92:e8:c3:e2:4d:64:eb:4e:f5:93:51:86:07:18:8e:cb:71:b4:
a3:0b:f4:73:c1:94:6a:86:1f:ac:fd:7a:60:6f:c8:bc:f1:1c:
cc:4b:8f:9e:c1:6a:9b:c9:0b:2a:88:7a:92:5a:4a:41:55:73:
e3:40:88:9c:30:b9:c8:f6:18:4d:13:9d:53:db:b4:e3:3c:c8:
5a:e3:27:ba
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUT/9KfDNN9zwVbH0thhWVNxwXEnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTlaFw0yNzAzMjQwODQ5MTlaMDMxMTAvBgNV
BAMTKDI5MDVFODhENDc3RkY5MUFDN0Y4MUU2ODc5QTUyREVFRTE0REY4MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7h3ga4q24wTV/slDg19RNvMqa
8UQvrdVTznws2dT7joYKSRbbmGI633FylXT0mPWQutlhYU6c34dl7BdouMdGv5tc
qp9fy/wcaKxYhH0/ocLIY/9PfBe7x/4vE1Db5N95RFgl3CV7fbODxWplevtJp0HC
SgqVkq9AKff0DoLyf2goMY1rIxxoaoJbAHhT5dmXwEnpOSY8A6ZYyU+CWIHmTw72
ZFfAmO63QcwqL5OEQsJ0voE7iro/J9Clb07UKEx1cf/9toNa3CyaUg+eW4b7e55O
2kAsRA4oU2bNxeXLJh18pBTvp6gBRi2cAXTCMryJGF0KBfIztvWYKLQJWQx3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKQXojUd/+RrH+B5oeaUt7uFN+A0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2cAwDQYJKoZIhvcNAQELBQADggEBACqGm4/Mxbkx30HVPlSUWUiAF3MEM1q5
BtbwAj3cSwLOItGBOoo2IGKTK43475TTk+YU85nwVb4gDipyaL44/jy1VVDxhOYV
j6ZUd6i9L81hej3N9nMbxEMeewYf0Pt0Tg99Px++OVUR8YhQce0KKZ8e6D0K0/rP
5SybYCC6Oh9fp9YcxmWeqhGM9E3OxXN+DtzP+TjCPZ/Gweftwi/JBNcyEbAYq5US
hntywpv673RiZDzhnJLow+JNZOtO9ZNRhgcYjstxtKML9HPBlGqGH6z9emBvyLzx
HMxLj57BapvJCyqIepJaSkFVc+NAiJwwucj2GE0TnVPbtOM8yFrjJ7o=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:49 2026 by rpki-client