Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139382e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3139382e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: 1RnjK7JlXiCEM0f+3R6FzkQTQjtWoYLAHHeo4nlM6QY=
Subject key identifier: A6:D3:3D:8E:9C:A1:91:1A:2A:09:DA:22:BF:18:28:61:80:D5:08:54
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12EC599290F453E85B95236DFBFBFAC93A36B3AE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139382e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:15 +0000
ROA not before: Wed 25 Mar 2026 08:44:15 +0000
ROA not after: Wed 24 Mar 2027 08:49:15 +0000
asID: 48266
IP address blocks: 217.217.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ec:59:92:90:f4:53:e8:5b:95:23:6d:fb:fb:fa:c9:3a:36:b3:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:15 2026 GMT
Not After : Mar 24 08:49:15 2027 GMT
Subject: CN=A6D33D8E9CA1911A2A09DA22BF18286180D50854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c8:ee:60:db:62:34:32:8d:a2:8e:b1:31:d1:
06:5f:67:65:44:ee:ca:03:6a:77:23:8d:dd:ba:09:
c1:d3:22:5c:6f:cb:cc:bb:d0:4e:40:2e:22:b1:bf:
ea:cf:d9:b3:06:a0:5b:58:55:11:9f:2b:8f:ea:9e:
22:2b:39:81:23:19:4f:ab:50:85:8a:79:6f:70:be:
e9:10:fe:11:67:14:ec:9f:ba:e6:aa:f8:e8:89:3b:
ad:99:9e:87:f5:0d:a5:ec:c1:54:68:91:5a:9c:b3:
d6:fb:78:f7:06:f6:e5:9b:00:6b:81:07:b8:3b:e3:
9d:be:e6:df:f0:c5:4f:34:48:b5:e0:16:d0:50:c5:
a4:50:d5:ea:cb:d9:75:da:07:e9:ea:1f:53:71:8c:
77:97:f7:27:aa:02:bd:6c:f9:f0:98:39:02:18:84:
8b:70:63:a5:a9:6d:5e:13:af:91:98:d5:1d:b2:cb:
2d:07:65:e7:7d:ba:fc:45:ea:0e:d0:84:34:6d:4a:
74:3e:7b:bc:0e:7d:b7:13:f7:34:a2:91:e5:ff:c1:
6b:bd:2d:66:0e:14:ac:65:0a:b5:ca:7b:32:24:1e:
51:7c:07:55:e3:bd:c6:d3:df:51:a3:5b:51:c0:9f:
eb:c9:e7:0b:36:cc:a7:6d:86:8b:29:b2:57:a7:8c:
e0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D3:3D:8E:9C:A1:91:1A:2A:09:DA:22:BF:18:28:61:80:D5:08:54
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139382e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.198.0/24
Signature Algorithm: sha256WithRSAEncryption
00:09:12:03:15:74:2a:54:0b:e9:ae:08:d7:4a:4d:29:8d:bd:
03:66:15:ab:68:80:bc:53:ed:dc:3e:2f:6b:cf:0f:1b:be:5d:
43:6b:a5:f5:48:c1:a8:ff:39:de:9e:fa:7c:13:99:dc:31:9b:
6a:53:e6:32:97:07:b4:7b:06:70:ac:a9:9d:44:19:75:80:00:
3c:7b:6c:f3:30:18:29:84:47:35:70:3e:ad:5b:eb:9f:f1:bb:
b2:51:f1:f9:26:9e:63:da:d1:4c:70:ce:63:a2:fd:60:56:7b:
8b:40:61:34:26:42:11:fb:13:05:a7:82:a1:f0:94:56:18:18:
20:c9:f4:12:b9:3d:2d:b3:39:24:ad:01:71:ee:8a:22:f2:ce:
2d:71:fd:30:24:2e:46:d6:ed:22:55:23:d4:97:57:93:32:e1:
e7:d6:20:3f:7e:97:bf:47:2b:45:a9:72:be:7a:67:81:22:a4:
26:73:b1:90:5c:4f:a0:7a:e0:47:a8:7a:0d:11:6b:42:f3:3e:
62:47:81:3d:f7:63:6d:fd:b6:f2:fd:fc:cb:61:2d:75:ba:29:
a6:f0:3b:99:70:ad:8b:06:e6:3b:89:67:b5:35:e8:9e:af:0f:
e1:01:51:b3:aa:9d:a5:66:04:3b:5c:af:d7:13:a8:a7:4b:62:
83:4a:d1:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEuxZkpD0U+hblSNt+/v6yTo2s64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTVaFw0yNzAzMjQwODQ5MTVaMDMxMTAvBgNV
BAMTKEE2RDMzRDhFOUNBMTkxMUEyQTA5REEyMkJGMTgyODYxODBENTA4NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCyO5g22I0Mo2ijrEx0QZfZ2VE
7soDancjjd26CcHTIlxvy8y70E5ALiKxv+rP2bMGoFtYVRGfK4/qniIrOYEjGU+r
UIWKeW9wvukQ/hFnFOyfuuaq+OiJO62Znof1DaXswVRokVqcs9b7ePcG9uWbAGuB
B7g7452+5t/wxU80SLXgFtBQxaRQ1erL2XXaB+nqH1NxjHeX9yeqAr1s+fCYOQIY
hItwY6WpbV4Tr5GY1R2yyy0HZed9uvxF6g7QhDRtSnQ+e7wOfbcT9zSikeX/wWu9
LWYOFKxlCrXKezIkHlF8B1XjvcbT31GjW1HAn+vJ5ws2zKdthospslenjOABAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUptM9jpyhkRoqCdoivxgoYYDVCFQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2cYwDQYJKoZIhvcNAQELBQADggEBAAAJEgMVdCpUC+muCNdKTSmNvQNmFato
gLxT7dw+L2vPDxu+XUNrpfVIwaj/Od6e+nwTmdwxm2pT5jKXB7R7BnCsqZ1EGXWA
ADx7bPMwGCmERzVwPq1b65/xu7JR8fkmnmPa0UxwzmOi/WBWe4tAYTQmQhH7EwWn
gqHwlFYYGCDJ9BK5PS2zOSStAXHuiiLyzi1x/TAkLkbW7SJVI9SXV5My4efWID9+
l79HK0Wpcr56Z4EipCZzsZBcT6B64Eeoeg0Ra0LzPmJHgT33Y239tvL9/MthLXW6
KabwO5lwrYsG5juJZ7U16J6vD+EBUbOqnaVmBDtcr9cTqKdLYoNK0VM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:46 2026 by rpki-client