Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231322e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3231322e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: de0jmWbsamqiVAC0u8F3aZ+WizhuVsW6GDSDaACh87o=
Subject key identifier: 01:46:06:AD:F3:DA:E0:2E:59:09:6C:8C:2A:BE:F0:E4:11:DF:AF:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0C4741E09C667D6A90C9D6528FC7458372C90B41
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231322e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:06 +0000
ROA not before: Wed 25 Mar 2026 08:44:06 +0000
ROA not after: Wed 24 Mar 2027 08:49:06 +0000
asID: 48266
IP address blocks: 217.217.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:47:41:e0:9c:66:7d:6a:90:c9:d6:52:8f:c7:45:83:72:c9:0b:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:06 2026 GMT
Not After : Mar 24 08:49:06 2027 GMT
Subject: CN=014606ADF3DAE02E59096C8C2ABEF0E411DFAF18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b4:26:36:f9:c7:e9:00:58:29:d8:f7:d9:a3:
2b:bb:1e:62:9a:b4:b7:74:53:4a:e3:97:d8:aa:9f:
2a:3d:dd:a5:95:e3:1a:fa:f4:24:fb:75:f8:df:aa:
07:5f:be:f4:db:9a:c6:bf:70:52:ad:bc:61:09:8c:
08:ef:0b:38:92:76:48:27:67:f6:48:2b:7a:1b:ac:
14:0d:74:30:10:07:c9:3d:49:8c:ea:21:b2:24:10:
db:23:7d:b4:db:ab:4c:03:e5:74:8d:0f:78:d8:dd:
e1:56:c9:02:23:ae:4f:4c:36:1f:37:3c:0a:a6:f8:
2c:7c:b8:32:90:9e:c3:67:91:6b:0e:5f:1e:d4:49:
7e:c3:2b:f1:71:0e:db:a4:e2:17:45:f5:04:79:17:
d1:fd:66:f7:39:93:95:9c:21:2d:a9:7b:1d:e1:c3:
25:20:47:a8:f8:da:c1:eb:37:63:33:90:fb:ff:78:
0c:10:e8:6a:bf:1a:94:01:c5:5f:6b:03:67:47:b3:
49:85:69:ae:6e:0d:13:6b:76:e0:56:6b:eb:4e:74:
9b:95:eb:e5:23:73:98:15:31:a5:f7:f2:58:19:25:
be:25:33:c4:59:4c:c4:75:6c:0c:98:c6:b7:b2:93:
94:f6:29:f6:50:f7:6f:ff:bd:f9:76:74:03:0b:ad:
ff:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:46:06:AD:F3:DA:E0:2E:59:09:6C:8C:2A:BE:F0:E4:11:DF:AF:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231322e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.212.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d3:0d:35:2b:5b:ee:52:f3:00:ec:d4:2c:6b:96:f2:93:38:
ec:d1:dc:36:98:e0:b5:72:76:07:42:3d:62:9e:62:45:6a:12:
c9:56:2d:c9:2d:2a:4f:bc:bd:5e:02:3f:5e:aa:86:01:61:fd:
4c:e2:ee:f8:74:84:62:03:cb:de:30:a5:69:b4:58:de:80:5e:
31:3e:d2:10:8c:a7:76:89:6c:4a:a6:06:98:7c:a3:81:ba:a1:
0e:74:c8:85:34:34:96:7b:1f:e9:d3:f3:4c:bd:0d:d5:05:0c:
80:8e:05:2a:ab:b1:c6:84:4b:3a:83:15:6d:3e:1a:8e:64:12:
72:c6:2d:f3:8b:2e:37:98:6c:dd:2a:b1:c6:fe:ef:b5:2b:64:
a8:ec:46:ef:8f:c1:c9:48:45:8b:2c:d3:20:6a:1b:5b:8a:3f:
ea:59:65:40:23:c1:0c:df:67:ca:50:31:4f:c6:63:08:2c:54:
89:ee:d3:6b:6a:87:ab:c3:5d:a7:54:46:7d:1f:aa:98:4f:d6:
5e:06:3c:0e:9e:24:92:77:22:9a:2e:90:8e:e1:8d:44:9a:b0:
d1:d3:c9:29:96:fe:04:2e:f9:16:a2:5f:9e:8e:3c:1b:26:a7:
d2:22:20:2d:76:a5:1c:44:b8:55:49:f4:e5:d9:9f:95:cb:b1:
6e:84:41:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDEdB4JxmfWqQydZSj8dFg3LJC0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MDZaFw0yNzAzMjQwODQ5MDZaMDMxMTAvBgNV
BAMTKDAxNDYwNkFERjNEQUUwMkU1OTA5NkM4QzJBQkVGMEU0MTFERkFGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBtCY2+cfpAFgp2PfZoyu7HmKa
tLd0U0rjl9iqnyo93aWV4xr69CT7dfjfqgdfvvTbmsa/cFKtvGEJjAjvCziSdkgn
Z/ZIK3obrBQNdDAQB8k9SYzqIbIkENsjfbTbq0wD5XSND3jY3eFWyQIjrk9MNh83
PAqm+Cx8uDKQnsNnkWsOXx7USX7DK/FxDtuk4hdF9QR5F9H9Zvc5k5WcIS2pex3h
wyUgR6j42sHrN2MzkPv/eAwQ6Gq/GpQBxV9rA2dHs0mFaa5uDRNrduBWa+tOdJuV
6+Ujc5gVMaX38lgZJb4lM8RZTMR1bAyYxreyk5T2KfZQ92//vfl2dAMLrf+3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAUYGrfPa4C5ZCWyMKr7w5BHfrxgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2dQwDQYJKoZIhvcNAQELBQADggEBAJnTDTUrW+5S8wDs1CxrlvKTOOzR3DaY
4LVydgdCPWKeYkVqEslWLcktKk+8vV4CP16qhgFh/Uzi7vh0hGIDy94wpWm0WN6A
XjE+0hCMp3aJbEqmBph8o4G6oQ50yIU0NJZ7H+nT80y9DdUFDICOBSqrscaESzqD
FW0+Go5kEnLGLfOLLjeYbN0qscb+77UrZKjsRu+PwclIRYss0yBqG1uKP+pZZUAj
wQzfZ8pQMU/GYwgsVInu02tqh6vDXadURn0fqphP1l4GPA6eJJJ3IpoukI7hjUSa
sNHTySmW/gQu+RaiX56OPBsmp9IiIC12pRxEuFVJ9OXZn5XLsW6EQZU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:48 2026 by rpki-client