Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230392e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3230392e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: RxxLTomhjpBNWFFHkGIiAHJLgwGrdCCmKkFFtsGJ10Q=
Subject key identifier: 5C:C5:36:7A:69:63:0D:0F:2F:9D:E4:41:C1:9F:88:8B:37:6E:5E:E6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2CF153B62165F263028ABB5CB35E5E7FB4161960
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230392e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:08 +0000
ROA not before: Wed 25 Mar 2026 08:44:08 +0000
ROA not after: Wed 24 Mar 2027 08:49:08 +0000
asID: 48266
IP address blocks: 217.217.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:f1:53:b6:21:65:f2:63:02:8a:bb:5c:b3:5e:5e:7f:b4:16:19:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:08 2026 GMT
Not After : Mar 24 08:49:08 2027 GMT
Subject: CN=5CC5367A69630D0F2F9DE441C19F888B376E5EE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b6:c8:3d:22:c7:c4:3b:03:39:0a:34:cb:b3:
d3:60:62:44:f7:b3:61:5d:f9:44:94:8a:f8:ba:c4:
cc:e3:cd:68:b2:a2:ad:b6:d3:38:c4:e2:c3:59:ce:
f1:61:48:ea:31:ec:fc:3c:ee:2d:22:f9:5b:50:f9:
13:d2:43:9f:c7:74:3d:6a:14:09:ff:ee:91:fb:cc:
e4:ee:7f:57:87:1b:c6:3d:90:bb:75:f3:9d:3c:5e:
f9:90:4e:9c:9a:04:3a:6c:0b:32:9a:1c:99:26:ac:
51:de:47:d6:cc:00:d4:80:f3:20:32:9c:2e:a8:ff:
44:d8:c7:a5:5a:05:03:e7:ca:91:45:45:87:b0:2f:
26:32:9c:45:20:9d:2d:a5:36:d5:2b:ad:13:43:b2:
75:ce:a0:af:f7:b7:2f:2c:f3:7e:e0:c2:d2:50:13:
04:f1:b2:d3:b1:70:58:ec:18:36:4a:92:df:45:63:
cf:4e:1b:33:b1:8b:b8:f9:fc:79:b9:39:df:c4:50:
99:b3:dd:4d:c1:82:ed:b5:37:db:94:27:62:ec:10:
8a:04:a8:36:25:5c:41:75:91:d3:e1:b4:5f:2f:02:
59:63:bd:b6:e2:c9:b8:ef:37:13:2e:46:8f:4d:ea:
40:6d:0f:df:8c:ad:fd:89:24:56:44:9f:57:ff:cf:
c8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C5:36:7A:69:63:0D:0F:2F:9D:E4:41:C1:9F:88:8B:37:6E:5E:E6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230392e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.209.0/24
Signature Algorithm: sha256WithRSAEncryption
57:15:c7:8e:6a:d6:aa:34:5a:a9:37:e6:7e:19:ba:84:dd:4c:
06:14:55:9a:4f:72:6d:a1:72:e6:fb:c0:7c:29:b2:6c:88:39:
5f:2f:e8:ae:0f:88:3c:a2:b1:a1:bf:2e:7c:8a:0d:71:b1:6b:
3f:29:83:dd:cc:a6:c7:6b:25:9e:88:0c:5f:dc:a9:8a:12:3d:
0c:78:9b:42:7a:8b:47:5d:98:79:1b:fd:89:af:e5:fe:b5:46:
c5:07:87:d6:c7:ca:c9:a4:b3:aa:8c:af:87:04:50:7c:8a:60:
1a:46:db:e5:75:d6:d9:1c:36:0f:af:aa:cf:5e:95:f3:3a:17:
6c:a1:57:ef:db:96:3f:c8:aa:ef:d8:63:20:63:8c:d0:e2:ad:
cf:3a:45:14:2c:0e:f7:0d:33:2f:e4:4f:2e:cc:46:c0:ce:27:
90:ee:66:e0:01:96:e9:36:21:6a:6f:5e:38:d2:a4:9c:20:c2:
e0:b2:47:8c:8f:b9:f6:2f:02:69:68:4a:c0:1b:78:ab:2e:1b:
c1:bc:ee:fc:93:7a:03:a5:ef:f5:83:b3:2d:75:0f:bf:0c:eb:
f4:a5:1f:fc:a3:e8:e7:14:ec:68:4f:4b:ef:07:57:44:98:7f:
d3:cd:5d:26:70:a7:a7:58:40:f4:1d:dc:13:54:54:69:ff:82:
b6:02:c8:ee
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULPFTtiFl8mMCirtcs15ef7QWGWAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MDhaFw0yNzAzMjQwODQ5MDhaMDMxMTAvBgNV
BAMTKDVDQzUzNjdBNjk2MzBEMEYyRjlERTQ0MUMxOUY4ODhCMzc2RTVFRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmtsg9IsfEOwM5CjTLs9NgYkT3
s2Fd+USUivi6xMzjzWiyoq220zjE4sNZzvFhSOox7Pw87i0i+VtQ+RPSQ5/HdD1q
FAn/7pH7zOTuf1eHG8Y9kLt18508XvmQTpyaBDpsCzKaHJkmrFHeR9bMANSA8yAy
nC6o/0TYx6VaBQPnypFFRYewLyYynEUgnS2lNtUrrRNDsnXOoK/3ty8s837gwtJQ
EwTxstOxcFjsGDZKkt9FY89OGzOxi7j5/Hm5Od/EUJmz3U3Bgu21N9uUJ2LsEIoE
qDYlXEF1kdPhtF8vAlljvbbiybjvNxMuRo9N6kBtD9+Mrf2JJFZEn1f/z8gPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXMU2emljDQ8vneRBwZ+IizduXuYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2dEwDQYJKoZIhvcNAQELBQADggEBAFcVx45q1qo0Wqk35n4ZuoTdTAYUVZpP
cm2hcub7wHwpsmyIOV8v6K4PiDyisaG/LnyKDXGxaz8pg93MpsdrJZ6IDF/cqYoS
PQx4m0J6i0ddmHkb/Ymv5f61RsUHh9bHysmks6qMr4cEUHyKYBpG2+V11tkcNg+v
qs9elfM6F2yhV+/blj/Iqu/YYyBjjNDirc86RRQsDvcNMy/kTy7MRsDOJ5DuZuAB
luk2IWpvXjjSpJwgwuCyR4yPufYvAmloSsAbeKsuG8G87vyTegOl7/WDsy11D78M
6/SlH/yj6OcU7GhPS+8HV0SYf9PNXSZwp6dYQPQd3BNUVGn/grYCyO4=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:49 2026 by rpki-client