Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230362e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: AvVd2d4E4uKX7cqz2/bpfQqfZfENSlPHB62hlxWvTlA=
Subject key identifier: 48:CB:CE:9E:21:10:22:D5:F7:7E:2E:8D:DB:C1:BB:F1:B2:A0:7F:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1ADA3FA15C42F95BC32606F86F3F26A09C45AD0B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:10 +0000
ROA not before: Wed 25 Mar 2026 08:44:10 +0000
ROA not after: Wed 24 Mar 2027 08:49:10 +0000
asID: 48266
IP address blocks: 217.217.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:da:3f:a1:5c:42:f9:5b:c3:26:06:f8:6f:3f:26:a0:9c:45:ad:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:10 2026 GMT
Not After : Mar 24 08:49:10 2027 GMT
Subject: CN=48CBCE9E211022D5F77E2E8DDBC1BBF1B2A07FAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d5:84:3d:1c:e2:bc:ac:72:83:81:d6:a1:38:
81:46:e1:16:04:8d:6e:1b:b8:88:ef:38:4e:32:77:
af:0a:85:d5:91:6b:af:2c:78:b8:ef:c4:a2:4f:e8:
ae:b2:2e:f9:a0:68:e4:5e:5c:11:42:db:4f:4c:69:
15:66:7c:b4:cb:72:d6:db:e3:9e:3f:50:13:1a:39:
74:cc:d8:81:14:c0:ef:d8:f8:92:35:3a:23:ae:91:
a6:aa:b3:53:96:3c:13:69:9b:56:91:43:d1:0f:a2:
9e:d4:4d:d7:ed:8e:0c:94:fb:08:2e:02:c6:24:2b:
66:8f:6a:82:da:60:58:5c:7b:17:6c:e7:39:06:c8:
1b:b1:56:0f:f9:44:61:a1:11:e1:b2:b4:de:b6:5c:
8b:7b:6f:be:e0:5c:7f:8f:44:82:c8:e1:cf:9f:f3:
1f:85:58:dd:dc:49:05:93:79:c3:b1:a4:21:4a:34:
ac:a7:0a:dd:48:df:f6:f1:66:5a:f8:9b:31:0b:66:
18:71:cb:3c:d2:82:61:46:4a:7a:d1:39:10:2d:42:
86:83:bd:15:89:47:2d:59:fe:61:5c:c9:a7:15:3e:
bf:df:d7:bb:54:e6:df:01:65:4b:6f:35:68:56:8b:
8e:7b:2f:4a:9c:e7:8a:e6:80:99:e6:d8:d5:79:7b:
54:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CB:CE:9E:21:10:22:D5:F7:7E:2E:8D:DB:C1:BB:F1:B2:A0:7F:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.206.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:f6:95:b4:54:1d:a2:4f:0c:fa:5b:9a:15:5b:68:a1:0d:a0:
f4:d2:02:e7:44:af:80:df:79:b8:07:d7:22:b2:a7:1b:51:2b:
e4:ca:6d:27:65:67:b3:0b:cb:7f:a7:93:1b:ee:0c:9c:35:ab:
37:9b:99:a2:25:3c:1a:ee:10:59:fa:36:55:2d:11:14:f1:a0:
8f:9b:7c:de:2f:5e:d9:69:21:10:a8:6a:27:f8:96:33:4a:7f:
00:9e:8a:a8:7e:d5:77:37:9c:28:91:68:53:c2:01:37:bc:65:
5e:10:e0:a9:be:41:ac:7e:5b:03:f9:f1:ac:63:56:47:0d:84:
4f:10:ca:4d:ca:b7:7d:b8:87:a0:0b:69:25:5a:79:9d:2a:ec:
3b:70:97:d4:91:50:1a:9d:0e:b0:de:94:df:ea:16:7c:3d:f4:
44:de:d9:91:93:8d:3c:aa:17:b5:dc:b6:a1:92:c6:79:dd:7c:
2d:01:aa:cc:c8:82:55:2a:b1:b6:ee:45:8b:50:aa:87:a0:ad:
13:5a:bc:a1:6a:53:58:de:35:fc:cc:b4:59:9c:27:0d:20:59:
db:f3:84:21:66:4f:93:2b:3c:19:4e:ed:6a:b6:38:a1:da:f2:
13:7c:1d:86:d3:da:a3:b6:86:e2:78:34:db:13:90:0d:5c:f5:
b7:ba:e1:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGto/oVxC+VvDJgb4bz8moJxFrQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MTBaFw0yNzAzMjQwODQ5MTBaMDMxMTAvBgNV
BAMTKDQ4Q0JDRTlFMjExMDIyRDVGNzdFMkU4RERCQzFCQkYxQjJBMDdGQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF1YQ9HOK8rHKDgdahOIFG4RYE
jW4buIjvOE4yd68KhdWRa68seLjvxKJP6K6yLvmgaOReXBFC209MaRVmfLTLctbb
454/UBMaOXTM2IEUwO/Y+JI1OiOukaaqs1OWPBNpm1aRQ9EPop7UTdftjgyU+wgu
AsYkK2aPaoLaYFhcexds5zkGyBuxVg/5RGGhEeGytN62XIt7b77gXH+PRILI4c+f
8x+FWN3cSQWTecOxpCFKNKynCt1I3/bxZlr4mzELZhhxyzzSgmFGSnrRORAtQoaD
vRWJRy1Z/mFcyacVPr/f17tU5t8BZUtvNWhWi457L0qc54rmgJnm2NV5e1SFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSMvOniEQItX3fi6N28G78bKgf6swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2c4wDQYJKoZIhvcNAQELBQADggEBAB72lbRUHaJPDPpbmhVbaKENoPTSAudE
r4DfebgH1yKypxtRK+TKbSdlZ7MLy3+nkxvuDJw1qzebmaIlPBruEFn6NlUtERTx
oI+bfN4vXtlpIRCoaif4ljNKfwCeiqh+1Xc3nCiRaFPCATe8ZV4Q4Km+Qax+WwP5
8axjVkcNhE8Qyk3Kt324h6ALaSVaeZ0q7Dtwl9SRUBqdDrDelN/qFnw99ETe2ZGT
jTyqF7XctqGSxnndfC0BqszIglUqsbbuRYtQqoegrRNavKFqU1jeNfzMtFmcJw0g
WdvzhCFmT5MrPBlO7Wq2OKHa8hN8HYbT2qO2huJ4NNsTkA1c9be64c8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:51 2026 by rpki-client