Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230312e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230312e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: goJgkTM7VnEcaZX4anMncIRJHh/DABiqrv9A5OUe+Fc=
Subject key identifier: 9B:E7:F4:5A:C6:BE:08:ED:95:69:DF:8D:8E:A4:B4:33:DB:6F:25:56
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2FFCD8A77AE4C33E08F4162013F502191D3769CE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230312e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:13 +0000
ROA not before: Wed 25 Mar 2026 08:44:13 +0000
ROA not after: Wed 24 Mar 2027 08:49:13 +0000
asID: 48266
IP address blocks: 217.217.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:fc:d8:a7:7a:e4:c3:3e:08:f4:16:20:13:f5:02:19:1d:37:69:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:13 2026 GMT
Not After : Mar 24 08:49:13 2027 GMT
Subject: CN=9BE7F45AC6BE08ED9569DF8D8EA4B433DB6F2556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ff:4a:ec:0c:65:84:bb:23:d0:ed:54:64:99:
4b:5a:a0:57:09:75:3a:9e:f2:92:ae:a7:cb:14:09:
89:dc:fb:10:2c:d9:52:05:8d:3c:39:59:52:54:35:
4e:c5:57:8f:1d:5d:63:43:c3:d9:68:fb:d6:a1:bf:
9b:ac:83:ea:ea:24:04:16:f2:c2:a5:f8:94:2e:6c:
18:06:d2:e7:4e:d8:3f:eb:38:f3:7a:5a:59:19:10:
26:10:2f:f8:43:06:52:ce:73:a1:a1:56:f5:1b:40:
00:55:d8:30:a6:55:12:aa:92:05:db:f4:3c:0c:1f:
07:9c:80:5e:57:d3:7c:4b:49:90:c6:50:11:9a:0f:
6c:b4:af:b3:60:da:44:e6:64:70:87:2f:53:ce:5c:
5a:56:18:a4:f0:28:a3:7f:cd:47:1a:cd:e7:f4:3f:
af:bb:83:76:8f:76:00:99:65:cc:2b:06:a8:03:d5:
67:e5:d0:0d:3b:10:01:4a:2e:39:ff:b9:a1:05:00:
77:e6:e4:6c:d1:94:7f:f7:e3:4f:86:7a:c4:c8:24:
93:09:56:ab:47:2a:f7:5a:dd:ff:a9:9d:c8:37:91:
1f:f5:c7:10:29:7a:3c:ad:cf:b1:91:0e:2a:6d:f9:
06:00:0f:c3:ce:f1:92:32:af:e4:3a:52:b9:4a:97:
40:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:E7:F4:5A:C6:BE:08:ED:95:69:DF:8D:8E:A4:B4:33:DB:6F:25:56
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230312e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.201.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:35:c1:48:68:75:12:07:e6:49:ca:64:37:e7:08:28:9c:ae:
4a:b3:1c:8e:98:b8:dc:61:47:65:f6:de:f3:72:1e:b7:fe:5d:
81:a4:f0:70:88:76:4f:f6:8d:6a:18:87:e0:3d:80:64:f1:fd:
df:3a:9c:14:3b:87:78:5a:20:8c:b5:af:00:6b:7c:6e:5a:dc:
9b:9e:d2:e5:45:e6:65:14:8c:3a:a6:d9:ea:b8:31:dc:bc:5d:
e7:3d:2e:33:c0:ef:3c:d1:fa:81:11:11:ff:d9:6a:e6:bd:ad:
3f:ab:23:a1:35:e3:5c:ac:13:df:be:aa:79:32:10:76:19:e7:
4f:a8:5c:84:f2:86:3d:19:4b:b4:67:6d:14:f3:c0:65:c0:d1:
34:98:6e:b7:96:7f:03:6b:03:6a:a4:7b:41:fd:34:cb:9a:58:
17:3a:3f:6e:db:24:08:e0:4e:64:2a:56:44:9a:9c:2e:13:59:
04:7e:26:84:83:21:73:ad:e3:30:39:85:ac:3a:74:05:1c:08:
9c:b6:dc:01:b8:5a:93:53:fa:23:40:78:55:1a:be:33:cf:97:
45:b7:c2:77:b5:14:92:13:57:b3:92:38:ea:c6:92:79:9a:2f:
00:4d:f3:50:13:52:d9:22:25:af:54:84:d6:0e:65:81:f7:6d:
69:09:35:10
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUL/zYp3rkwz4I9BYgE/UCGR03ac4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTNaFw0yNzAzMjQwODQ5MTNaMDMxMTAvBgNV
BAMTKDlCRTdGNDVBQzZCRTA4RUQ5NTY5REY4RDhFQTRCNDMzREI2RjI1NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/0rsDGWEuyPQ7VRkmUtaoFcJ
dTqe8pKup8sUCYnc+xAs2VIFjTw5WVJUNU7FV48dXWNDw9lo+9ahv5usg+rqJAQW
8sKl+JQubBgG0udO2D/rOPN6WlkZECYQL/hDBlLOc6GhVvUbQABV2DCmVRKqkgXb
9DwMHwecgF5X03xLSZDGUBGaD2y0r7Ng2kTmZHCHL1POXFpWGKTwKKN/zUcazef0
P6+7g3aPdgCZZcwrBqgD1Wfl0A07EAFKLjn/uaEFAHfm5GzRlH/340+GesTIJJMJ
VqtHKvda3f+pncg3kR/1xxApejytz7GRDipt+QYAD8PO8ZIyr+Q6UrlKl0CpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUm+f0Wsa+CO2Vad+NjqS0M9tvJVYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2ckwDQYJKoZIhvcNAQELBQADggEBAA81wUhodRIH5knKZDfnCCicrkqzHI6Y
uNxhR2X23vNyHrf+XYGk8HCIdk/2jWoYh+A9gGTx/d86nBQ7h3haIIy1rwBrfG5a
3Jue0uVF5mUUjDqm2eq4Mdy8Xec9LjPA7zzR+oEREf/Zaua9rT+rI6E141ysE9++
qnkyEHYZ50+oXITyhj0ZS7RnbRTzwGXA0TSYbreWfwNrA2qke0H9NMuaWBc6P27b
JAjgTmQqVkSanC4TWQR+JoSDIXOt4zA5haw6dAUcCJy23AG4WpNT+iNAeFUavjPP
l0W3wne1FJITV7OSOOrGknmaLwBN81ATUtkiJa9UhNYOZYH3bWkJNRA=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:49 2026 by rpki-client