Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230352e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: mgPHDZyBB3bFddV0Iw0ascTDJNNBs9lpnHm/nWtxtyU=
Subject key identifier: 2F:75:A5:6E:70:41:16:95:9D:89:71:23:B6:81:B6:13:F1:62:66:6B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3E0CA9200ACEFBCAE3934CE2BACD5993F7A18833
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:11 +0000
ROA not before: Wed 25 Mar 2026 08:44:11 +0000
ROA not after: Wed 24 Mar 2027 08:49:11 +0000
asID: 48266
IP address blocks: 217.217.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:0c:a9:20:0a:ce:fb:ca:e3:93:4c:e2:ba:cd:59:93:f7:a1:88:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:11 2026 GMT
Not After : Mar 24 08:49:11 2027 GMT
Subject: CN=2F75A56E704116959D897123B681B613F162666B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:34:a2:c6:f1:34:5e:3d:26:33:0f:e5:90:00:
43:77:02:85:14:02:d2:a9:4e:4d:86:df:89:e9:7c:
60:b1:0e:58:c2:c5:08:de:37:cf:77:9c:de:e8:d2:
41:fb:8a:45:82:d4:90:66:e0:1c:6d:37:33:c4:3d:
6b:bc:d9:6c:64:96:80:8e:2c:f4:bc:1c:13:ca:58:
07:ee:f4:3e:72:f5:a1:75:65:3c:f8:37:02:5e:e1:
f3:8b:92:db:c6:71:d7:3a:5d:90:c4:56:7b:a5:76:
57:58:e9:5a:ca:47:cb:5c:5f:10:c8:5c:70:3a:47:
64:58:42:cb:37:2b:28:b9:eb:2b:dc:56:b6:f5:48:
2c:57:0a:b7:45:26:26:ef:5d:09:c4:30:06:01:ba:
6c:c3:9f:76:56:83:c8:7a:56:ba:e1:38:01:cb:38:
aa:cd:c1:cd:15:72:4f:d1:c9:0b:a8:14:a6:eb:0f:
7b:51:8f:78:c7:0b:4c:8c:52:70:c2:83:45:3c:f6:
3a:93:24:fa:73:70:69:71:a4:2c:ae:b3:ad:5d:9b:
8f:27:d6:61:7d:73:36:0a:b8:dd:0a:bd:31:3d:c3:
b8:2a:d3:57:c2:ce:45:88:8d:64:d4:80:3b:c5:97:
62:32:0b:f2:ca:f3:ec:c2:e2:d7:58:7b:4a:bc:7e:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:75:A5:6E:70:41:16:95:9D:89:71:23:B6:81:B6:13:F1:62:66:6B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:b2:3b:47:fc:b8:82:13:8d:e7:97:15:6f:5e:8a:00:f1:ab:
f2:44:74:11:d2:fd:b5:22:2e:c9:85:18:a2:9a:c4:14:e7:c5:
a5:d0:4b:8b:8b:4c:8a:8c:91:bf:fa:6e:83:ed:ec:37:28:69:
87:78:eb:16:2f:d0:ac:0e:bf:65:c9:c1:f8:12:6b:0e:06:f8:
b5:39:57:3d:81:93:0e:af:ac:f7:1d:30:66:10:3d:62:77:70:
3a:48:83:e3:cc:b3:c3:47:9c:2f:10:6d:39:18:cb:91:d8:c7:
f5:19:18:ba:57:ca:39:ad:2f:e3:de:32:1e:b8:dc:b6:66:4a:
aa:37:87:39:b2:23:c4:81:90:74:1e:16:e6:36:30:e3:e0:b0:
2f:2c:55:65:0d:84:77:38:3c:79:c7:09:7a:80:62:92:f5:8b:
34:a7:be:9e:c5:29:2b:22:a4:fe:49:aa:ac:03:56:7a:10:b9:
53:db:83:af:ea:a1:a5:c1:82:e6:c6:9b:c1:4d:ba:f6:44:50:
0a:50:03:f6:28:04:9b:a5:d2:ef:68:e3:24:a6:65:57:f5:0e:
23:94:2d:27:e6:52:8e:20:26:6f:9c:52:30:7a:b9:f3:51:3a:
a8:2f:fe:41:75:ec:f8:71:9f:8d:ff:3a:0f:dc:64:5c:24:93:
af:f9:e7:b7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPgypIArO+8rjk0zius1Zk/ehiDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTFaFw0yNzAzMjQwODQ5MTFaMDMxMTAvBgNV
BAMTKDJGNzVBNTZFNzA0MTE2OTU5RDg5NzEyM0I2ODFCNjEzRjE2MjY2NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfNKLG8TRePSYzD+WQAEN3AoUU
AtKpTk2G34npfGCxDljCxQjeN893nN7o0kH7ikWC1JBm4BxtNzPEPWu82WxkloCO
LPS8HBPKWAfu9D5y9aF1ZTz4NwJe4fOLktvGcdc6XZDEVnuldldY6VrKR8tcXxDI
XHA6R2RYQss3Kyi56yvcVrb1SCxXCrdFJibvXQnEMAYBumzDn3ZWg8h6VrrhOAHL
OKrNwc0Vck/RyQuoFKbrD3tRj3jHC0yMUnDCg0U89jqTJPpzcGlxpCyus61dm48n
1mF9czYKuN0KvTE9w7gq01fCzkWIjWTUgDvFl2IyC/LK8+zC4tdYe0q8fg5BAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL3WlbnBBFpWdiXEjtoG2E/FiZmswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2c0wDQYJKoZIhvcNAQELBQADggEBAKCyO0f8uIITjeeXFW9eigDxq/JEdBHS
/bUiLsmFGKKaxBTnxaXQS4uLTIqMkb/6boPt7DcoaYd46xYv0KwOv2XJwfgSaw4G
+LU5Vz2Bkw6vrPcdMGYQPWJ3cDpIg+PMs8NHnC8QbTkYy5HYx/UZGLpXyjmtL+Pe
Mh643LZmSqo3hzmyI8SBkHQeFuY2MOPgsC8sVWUNhHc4PHnHCXqAYpL1izSnvp7F
KSsipP5JqqwDVnoQuVPbg6/qoaXBgubGm8FNuvZEUApQA/YoBJul0u9o4ySmZVf1
DiOULSfmUo4gJm+cUjB6ufNROqgv/kF17Phxn43/Og/cZFwkk6/557c=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:51 2026 by rpki-client