Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139342e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3139342e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: XXeDjkCHbQ4SsslAfkTNDZVqm+dJXyvG97tbo4Y64tw=
Subject key identifier: 59:A9:D2:B2:4D:F7:F3:7A:D8:AC:03:2E:47:1A:40:F1:C8:18:E1:33
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7461A24B29BC1E0AF377F974C4484ED66BFDBA91
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139342e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:18 +0000
ROA not before: Wed 25 Mar 2026 08:44:18 +0000
ROA not after: Wed 24 Mar 2027 08:49:18 +0000
asID: 48266
IP address blocks: 217.217.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:61:a2:4b:29:bc:1e:0a:f3:77:f9:74:c4:48:4e:d6:6b:fd:ba:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:18 2026 GMT
Not After : Mar 24 08:49:18 2027 GMT
Subject: CN=59A9D2B24DF7F37AD8AC032E471A40F1C818E133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1f:21:98:84:73:6d:a2:c9:28:e3:f2:58:9d:
5e:ec:b4:3b:7a:6b:b1:a5:20:4d:e3:c7:44:26:0a:
e2:e6:cc:96:40:0b:92:d0:b6:6d:a0:58:45:4e:e2:
5a:8a:59:c7:d0:03:30:78:8c:bd:3c:24:c9:99:67:
f2:fc:1c:92:20:30:79:a2:91:c1:a0:cd:c1:44:dc:
d1:69:5b:99:61:58:c9:e7:3a:ff:d8:a7:c9:93:54:
74:27:93:4a:d7:ba:9a:1a:a0:e6:c2:88:3f:89:06:
54:f3:dd:9c:a8:ff:ce:50:2f:ac:03:7c:89:2f:fd:
f3:b3:05:df:b4:b4:9b:0e:b4:12:c0:9c:b3:0a:7a:
ea:cf:07:9b:5d:f7:d4:3b:c1:03:c0:49:53:c9:be:
b9:71:55:a4:98:2d:b4:75:df:d1:f3:2b:2b:e2:92:
22:ec:9b:33:20:e7:9d:38:81:98:b4:87:1d:52:a6:
21:23:da:1d:4a:96:11:25:85:1d:f6:6d:fa:bf:00:
70:f9:0e:b4:02:fd:f2:b3:9d:65:b8:07:a8:6a:c8:
55:8c:56:63:7a:f0:89:b6:0b:b5:d2:b7:0b:78:b0:
98:9f:6d:19:98:ad:07:bd:8b:74:5c:5c:ee:d2:1c:
0b:d1:d0:4e:50:13:6e:2f:53:2d:29:74:a5:41:a3:
57:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A9:D2:B2:4D:F7:F3:7A:D8:AC:03:2E:47:1A:40:F1:C8:18:E1:33
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139342e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.194.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:44:dd:6c:b1:5c:b0:f8:ca:d5:c5:f2:29:f3:cf:d7:7b:c5:
0c:7f:b2:1d:02:10:2d:77:99:45:cf:04:21:ac:39:2b:11:dd:
e1:ce:ef:1e:81:c2:72:f6:ea:99:40:89:b3:27:7c:5d:9c:35:
e8:89:01:62:fe:2a:73:b7:9e:56:3c:ae:b8:bb:91:be:05:c1:
30:b5:73:91:d3:e8:ee:5f:a5:7b:87:b8:18:f1:e9:a3:61:95:
0c:5b:30:f8:71:a0:95:fe:21:f1:5c:cf:b1:5e:2a:20:e9:d7:
21:78:e0:01:81:f6:66:84:aa:73:ee:b1:b9:42:48:b4:55:6d:
5c:60:9a:ff:d8:9a:51:80:5c:d1:29:9a:da:36:a1:68:ee:bc:
9d:62:c3:61:0d:97:4b:f0:fb:01:4f:4c:77:87:35:27:ec:9e:
1e:fe:d5:89:10:c9:6d:39:9a:19:a1:21:6e:6c:1f:52:53:b0:
89:96:ed:ec:68:03:54:da:89:9c:dc:63:9c:cc:a9:55:be:3b:
bd:89:10:47:37:bd:09:04:8a:cc:59:f2:38:41:d2:7e:62:ac:
27:8e:5a:f5:85:3c:59:44:b3:a3:b6:63:d4:46:c8:77:96:49:
5f:b5:1a:ed:54:4b:4c:17:02:56:ed:aa:45:21:e3:52:5b:d0:
72:14:15:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdGGiSym8Hgrzd/l0xEhO1mv9upEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MThaFw0yNzAzMjQwODQ5MThaMDMxMTAvBgNV
BAMTKDU5QTlEMkIyNERGN0YzN0FEOEFDMDMyRTQ3MUE0MEYxQzgxOEUxMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLHyGYhHNtosko4/JYnV7stDt6
a7GlIE3jx0QmCuLmzJZAC5LQtm2gWEVO4lqKWcfQAzB4jL08JMmZZ/L8HJIgMHmi
kcGgzcFE3NFpW5lhWMnnOv/Yp8mTVHQnk0rXupoaoObCiD+JBlTz3Zyo/85QL6wD
fIkv/fOzBd+0tJsOtBLAnLMKeurPB5td99Q7wQPASVPJvrlxVaSYLbR139HzKyvi
kiLsmzMg5504gZi0hx1SpiEj2h1KlhElhR32bfq/AHD5DrQC/fKznWW4B6hqyFWM
VmN68Im2C7XStwt4sJifbRmYrQe9i3RcXO7SHAvR0E5QE24vUy0pdKVBo1czAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWanSsk3383rYrAMuRxpA8cgY4TMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzkzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2cIwDQYJKoZIhvcNAQELBQADggEBAC5E3WyxXLD4ytXF8inzz9d7xQx/sh0C
EC13mUXPBCGsOSsR3eHO7x6BwnL26plAibMnfF2cNeiJAWL+KnO3nlY8rri7kb4F
wTC1c5HT6O5fpXuHuBjx6aNhlQxbMPhxoJX+IfFcz7FeKiDp1yF44AGB9maEqnPu
sblCSLRVbVxgmv/YmlGAXNEpmto2oWjuvJ1iw2ENl0vw+wFPTHeHNSfsnh7+1YkQ
yW05mhmhIW5sH1JTsImW7exoA1TaiZzcY5zMqVW+O72JEEc3vQkEisxZ8jhB0n5i
rCeOWvWFPFlEs6O2Y9RGyHeWSV+1Gu1US0wXAlbtqkUh41Jb0HIUFew=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:47 2026 by rpki-client