Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230382e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230382e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: E8090HR93vhQi/9nVa/fyr/FZ/bDkc8XROiG8WErNps=
Subject key identifier: D5:AB:3B:A5:DD:9C:A5:52:E8:2F:DD:6C:10:39:27:A0:A5:65:86:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E682F62F6A3F5C01C6CEFF24ED0ECEA2D5052E3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230382e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:09 +0000
ROA not before: Wed 25 Mar 2026 08:44:09 +0000
ROA not after: Wed 24 Mar 2027 08:49:09 +0000
asID: 48266
IP address blocks: 217.217.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:68:2f:62:f6:a3:f5:c0:1c:6c:ef:f2:4e:d0:ec:ea:2d:50:52:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:09 2026 GMT
Not After : Mar 24 08:49:09 2027 GMT
Subject: CN=D5AB3BA5DD9CA552E82FDD6C103927A0A565867C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e3:26:ab:09:e7:12:bd:bd:e3:8c:cc:ac:ee:
cf:a8:ef:94:a4:9d:2c:b4:96:cf:21:ac:81:bf:a2:
00:ea:bb:9a:13:3a:1c:66:8d:48:03:42:0e:61:fe:
42:de:ba:9d:b8:c7:bc:cf:55:e1:a0:1f:12:0f:f4:
e9:fe:0b:96:13:5b:e6:7a:ae:72:27:d4:ad:c6:06:
50:df:f1:86:8d:30:9b:af:8f:d5:23:ed:10:b2:8f:
bf:67:21:f4:92:f9:98:db:02:48:f1:39:f1:3e:2b:
34:b0:59:17:8f:90:b3:2d:66:63:3b:68:7e:9e:b0:
46:d3:07:7a:72:a7:21:2a:42:c0:70:33:95:25:a5:
0d:60:68:2f:da:23:59:c8:e8:3b:22:fd:1a:90:6b:
a5:f7:cd:3f:dd:95:31:ed:50:4b:d5:8f:f1:54:93:
f3:a1:ba:bf:54:11:c0:08:30:74:54:46:79:30:34:
a1:8f:aa:61:20:00:9e:48:1d:df:fa:4e:0c:f9:2f:
1f:d0:a5:b4:f5:05:b3:61:0f:c3:57:6e:18:15:69:
5b:c7:45:9d:42:6d:38:f0:f0:48:74:1e:60:b5:3c:
09:8f:3a:8f:5b:f9:a5:ca:e5:0d:54:30:cb:40:85:
1a:cd:05:b6:31:43:44:45:18:29:90:cf:00:99:26:
cc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:AB:3B:A5:DD:9C:A5:52:E8:2F:DD:6C:10:39:27:A0:A5:65:86:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230382e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.208.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1b:c5:d0:12:84:e2:be:8c:a5:37:12:51:1b:79:1a:c2:74:
4a:db:15:89:3c:7c:9c:46:60:ea:f4:08:f5:a4:d2:e5:10:5b:
49:e7:bd:be:93:5e:54:13:82:44:89:bf:ec:09:98:37:1d:d5:
73:19:2e:0f:39:79:df:0a:f7:e1:06:1c:18:76:f3:48:e9:77:
ab:36:d5:ea:50:d8:35:f8:33:41:d3:56:56:9c:09:83:5a:a8:
78:cd:fa:fc:15:25:63:f8:48:54:18:d9:f6:fd:7a:f6:91:02:
87:2e:cb:88:31:07:b0:c6:af:13:32:b7:d9:74:f6:51:c6:69:
43:32:ea:35:89:e7:17:11:a1:71:f9:80:71:13:b9:7e:2f:84:
ff:b4:12:91:0e:c1:09:31:2f:26:e9:8b:33:3e:37:f8:2a:4c:
f9:ab:f1:a4:04:6d:a6:db:78:58:cb:b7:ee:8f:ce:0e:3c:37:
85:3e:c4:3c:89:04:6a:ee:3c:02:78:7d:74:55:25:61:16:f8:
de:6e:44:0c:98:27:d6:fe:65:cc:3d:e9:b7:29:77:3b:98:4f:
65:c9:b9:3b:b4:ff:6a:38:17:0a:ff:31:0a:95:30:a1:ae:d1:
c9:2f:9b:35:7a:56:23:12:1a:23:e7:52:a9:31:f9:d0:b3:29:
6a:53:b0:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTmgvYvaj9cAcbO/yTtDs6i1QUuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MDlaFw0yNzAzMjQwODQ5MDlaMDMxMTAvBgNV
BAMTKEQ1QUIzQkE1REQ5Q0E1NTJFODJGREQ2QzEwMzkyN0EwQTU2NTg2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC04yarCecSvb3jjMys7s+o75Sk
nSy0ls8hrIG/ogDqu5oTOhxmjUgDQg5h/kLeup24x7zPVeGgHxIP9On+C5YTW+Z6
rnIn1K3GBlDf8YaNMJuvj9Uj7RCyj79nIfSS+ZjbAkjxOfE+KzSwWRePkLMtZmM7
aH6esEbTB3pypyEqQsBwM5UlpQ1gaC/aI1nI6Dsi/RqQa6X3zT/dlTHtUEvVj/FU
k/Ohur9UEcAIMHRURnkwNKGPqmEgAJ5IHd/6Tgz5Lx/QpbT1BbNhD8NXbhgVaVvH
RZ1CbTjw8Eh0HmC1PAmPOo9b+aXK5Q1UMMtAhRrNBbYxQ0RFGCmQzwCZJszVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1as7pd2cpVLoL91sEDknoKVlhnwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2dAwDQYJKoZIhvcNAQELBQADggEBAHgbxdAShOK+jKU3ElEbeRrCdErbFYk8
fJxGYOr0CPWk0uUQW0nnvb6TXlQTgkSJv+wJmDcd1XMZLg85ed8K9+EGHBh280jp
d6s21epQ2DX4M0HTVlacCYNaqHjN+vwVJWP4SFQY2fb9evaRAocuy4gxB7DGrxMy
t9l09lHGaUMy6jWJ5xcRoXH5gHETuX4vhP+0EpEOwQkxLybpizM+N/gqTPmr8aQE
babbeFjLt+6Pzg48N4U+xDyJBGruPAJ4fXRVJWEW+N5uRAyYJ9b+Zcw96bcpdzuY
T2XJuTu0/2o4Fwr/MQqVMKGu0ckvmzV6ViMSGiPnUqkx+dCzKWpTsEM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:50 2026 by rpki-client