Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230302e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230302e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: C7Tgd8iM4verMX1jlpSJ/bSSj1OIXvCDJ4FqlfBnj1s=
Subject key identifier: D9:F4:7E:C7:37:3D:6B:B2:8F:62:24:7A:E9:53:B2:2B:3E:D1:22:ED
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 26E95D706CB48BCC4CA7C7DCCAE8036F6D7CFCCF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230302e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:14 +0000
ROA not before: Wed 25 Mar 2026 08:44:14 +0000
ROA not after: Wed 24 Mar 2027 08:49:14 +0000
asID: 48266
IP address blocks: 217.217.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:e9:5d:70:6c:b4:8b:cc:4c:a7:c7:dc:ca:e8:03:6f:6d:7c:fc:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:14 2026 GMT
Not After : Mar 24 08:49:14 2027 GMT
Subject: CN=D9F47EC7373D6BB28F62247AE953B22B3ED122ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:8a:3d:a0:ee:5b:19:9b:ea:e5:4d:4e:d6:
de:00:8b:dc:5e:bb:43:cf:10:e0:e2:56:b5:76:a9:
32:f8:68:4c:a6:4a:22:6b:86:7f:21:dd:49:ab:db:
47:b5:b0:d2:ab:de:7b:91:eb:96:ee:86:77:e5:97:
0c:8e:99:3e:a7:52:e2:8b:9d:41:bf:44:2d:74:39:
76:69:20:0b:94:0d:7c:11:52:1b:2d:84:15:58:93:
3f:11:36:0b:a1:ee:0f:31:9d:ac:3d:68:38:42:49:
ae:68:19:24:87:46:3c:b5:e2:ab:e0:de:b2:5b:fd:
7a:ae:df:4b:55:3a:2f:ae:ca:29:df:9b:ca:d8:e3:
3a:ab:6a:4d:2a:a6:10:bd:29:b5:fb:0e:c2:d1:9d:
25:99:4e:ab:a1:45:1c:7a:d2:97:40:85:38:3a:69:
9d:1e:dd:ed:aa:68:fc:bb:56:2d:d3:54:d4:7b:84:
5d:fe:9e:4a:2f:50:cb:ef:73:8d:f3:cf:45:16:1e:
a1:96:af:7a:66:16:b1:d5:1b:42:39:96:2c:08:f2:
4b:59:59:fa:5e:79:d5:ee:ed:b5:e6:59:43:a6:cb:
69:ae:20:72:1c:e0:a5:04:7a:fb:da:c3:a6:47:f5:
88:0b:a9:43:ae:47:f7:3f:05:e1:43:f4:fe:c1:9f:
b0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F4:7E:C7:37:3D:6B:B2:8F:62:24:7A:E9:53:B2:2B:3E:D1:22:ED
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230302e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.200.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e1:46:91:86:d7:86:dc:35:a8:42:e4:a3:34:8c:ef:61:0d:
16:8f:90:09:a4:3b:fd:f1:62:9d:a5:02:af:e7:84:d1:41:c3:
bf:a1:b1:6b:3a:4d:89:06:2a:f1:89:de:3d:ca:2b:26:f4:cf:
a4:d2:fd:55:08:7d:98:3c:7b:76:15:14:68:8f:69:6a:52:fb:
7c:91:65:06:bc:40:9a:7e:31:24:5d:b9:0a:22:67:ed:fb:e1:
34:2d:ed:25:37:71:8d:a2:7c:fc:81:7f:f4:58:1b:98:e7:5e:
d2:72:c9:f7:f7:00:fe:53:4e:bd:09:25:28:55:f4:ea:26:11:
a5:58:84:83:a5:b7:f9:c5:3d:78:4c:e9:7a:6f:00:c9:43:9a:
b4:1b:9c:8f:2f:e9:69:11:aa:78:56:b6:a9:9f:10:fe:2f:39:
72:18:7d:ab:d5:e2:54:c1:cd:03:42:81:b8:9a:9d:d9:04:cb:
53:6d:38:df:a2:92:9e:91:74:d7:7e:98:ea:b6:d9:29:7b:23:
b8:45:3d:c7:a9:61:92:ae:b2:91:c6:a8:f3:8a:92:b3:89:d2:
e7:db:f8:4a:74:0a:f9:14:04:08:6b:24:95:19:97:bb:1b:b3:
83:05:9a:c1:4f:db:4a:8f:41:33:db:86:cc:51:2b:4b:8f:96:
d5:12:81:aa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJuldcGy0i8xMp8fcyugDb218/M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTRaFw0yNzAzMjQwODQ5MTRaMDMxMTAvBgNV
BAMTKEQ5RjQ3RUM3MzczRDZCQjI4RjYyMjQ3QUU5NTNCMjJCM0VEMTIyRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0Uoo9oO5bGZvq5U1O1t4Ai9xe
u0PPEODiVrV2qTL4aEymSiJrhn8h3Umr20e1sNKr3nuR65buhnfllwyOmT6nUuKL
nUG/RC10OXZpIAuUDXwRUhsthBVYkz8RNguh7g8xnaw9aDhCSa5oGSSHRjy14qvg
3rJb/Xqu30tVOi+uyinfm8rY4zqrak0qphC9KbX7DsLRnSWZTquhRRx60pdAhTg6
aZ0e3e2qaPy7Vi3TVNR7hF3+nkovUMvvc43zz0UWHqGWr3pmFrHVG0I5liwI8ktZ
WfpeedXu7bXmWUOmy2muIHIc4KUEevvaw6ZH9YgLqUOuR/c/BeFD9P7Bn7CXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2fR+xzc9a7KPYiR66VOyKz7RIu0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2cgwDQYJKoZIhvcNAQELBQADggEBAH7hRpGG14bcNahC5KM0jO9hDRaPkAmk
O/3xYp2lAq/nhNFBw7+hsWs6TYkGKvGJ3j3KKyb0z6TS/VUIfZg8e3YVFGiPaWpS
+3yRZQa8QJp+MSRduQoiZ+374TQt7SU3cY2ifPyBf/RYG5jnXtJyyff3AP5TTr0J
JShV9OomEaVYhIOlt/nFPXhM6XpvAMlDmrQbnI8v6WkRqnhWtqmfEP4vOXIYfavV
4lTBzQNCgbiandkEy1NtON+ikp6RdNd+mOq22Sl7I7hFPcepYZKuspHGqPOKkrOJ
0ufb+Ep0CvkUBAhrJJUZl7sbs4MFmsFP20qPQTPbhsxRK0uPltUSgao=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:51 2026 by rpki-client