Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231332e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3231332e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: MgpNd1YMGYC9aIWL27iFEndqrwuC1ZypuDNWb/HgGGk=
Subject key identifier: 38:AC:DE:E5:E2:17:54:B7:F6:23:15:BC:FB:64:FF:E1:60:13:16:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 65D2D8C7042BE824E6081322ABD308AA5AE0E383
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231332e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:49:06 +0000
ROA not before: Wed 25 Mar 2026 08:44:06 +0000
ROA not after: Wed 24 Mar 2027 08:49:06 +0000
asID: 48266
IP address blocks: 217.217.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d2:d8:c7:04:2b:e8:24:e6:08:13:22:ab:d3:08:aa:5a:e0:e3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:44:06 2026 GMT
Not After : Mar 24 08:49:06 2027 GMT
Subject: CN=38ACDEE5E21754B7F62315BCFB64FFE16013164F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b2:58:93:46:4b:2c:27:b2:93:2b:73:6a:8d:
01:9d:5f:e7:e5:5c:4f:c9:a9:54:ea:be:8f:5e:b3:
07:06:7d:fe:19:77:22:ed:b4:a2:c2:cc:a3:f7:cf:
d4:e1:11:cc:ae:01:15:37:0d:01:e5:75:2e:01:15:
06:53:1e:20:70:b5:1e:cc:e6:d3:a8:2d:c9:b1:be:
62:c7:d3:5d:c2:31:24:58:95:4d:b8:56:95:75:90:
5a:2c:41:37:97:6c:79:47:00:42:31:a4:53:6d:17:
f6:29:39:9f:c2:70:76:b5:f0:a8:f0:c4:b1:ea:7b:
fe:9a:77:a9:70:d6:b8:87:d8:fb:74:fb:b3:5b:68:
bd:e3:6c:58:00:9e:d8:a6:ca:20:b4:a3:21:66:88:
59:b1:f0:bf:06:67:a2:87:39:0e:c1:53:e6:a8:03:
0b:20:0f:23:ff:5d:1f:bb:cc:58:6f:b8:c4:4c:85:
5f:1a:8f:b9:f1:09:81:a0:97:68:c1:63:74:9c:8c:
e9:dd:ab:4f:c2:69:ee:57:b2:31:ae:08:ac:59:bb:
c2:35:10:7a:81:0d:55:4a:a6:b7:01:15:4e:4d:b2:
8a:8f:fd:69:b6:ef:d3:fb:07:94:77:6c:fd:6c:d6:
7c:ca:47:38:d7:8b:25:16:7e:c1:6f:fa:3d:4b:36:
27:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AC:DE:E5:E2:17:54:B7:F6:23:15:BC:FB:64:FF:E1:60:13:16:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231332e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.213.0/24
Signature Algorithm: sha256WithRSAEncryption
12:35:f3:8b:b7:06:8a:4e:d7:2f:d0:7a:30:35:b9:3e:bd:bc:
8b:5b:64:8a:e6:b8:46:22:9d:7c:67:fb:6e:7c:95:61:3e:b8:
8a:cd:71:c6:e5:d4:1a:1e:50:a3:14:15:94:34:b0:5a:d9:ae:
d7:f1:53:78:0f:cb:0d:57:64:16:de:50:7c:bf:95:6c:48:e7:
ce:3c:0a:d2:0f:67:87:ac:cc:53:71:93:c2:c3:b5:29:e4:1d:
61:d5:9d:37:a2:1d:6e:ec:72:0e:79:5d:2a:23:0c:70:43:3e:
2b:18:b8:49:33:36:f0:dd:a1:f0:d5:06:92:a1:ac:50:ec:70:
db:ea:a0:fc:af:82:94:39:8f:0c:31:f9:a1:11:98:f9:68:63:
e9:3a:42:4e:cc:33:28:db:b0:d2:06:fa:ee:02:e5:f7:cb:55:
33:b1:7c:a6:18:c5:1b:cd:6d:59:96:b8:ac:19:a7:f9:68:4a:
0c:27:42:03:da:cd:ea:6c:10:6b:e7:2a:5b:e7:67:75:f0:9f:
cd:ec:29:82:da:48:6f:ca:91:59:8a:d3:9e:65:e2:0d:79:08:
7f:f0:d7:86:9c:e0:c5:d4:28:91:48:b9:66:45:00:72:6b:0b:
f5:76:bf:d6:a8:aa:c4:49:7b:80:a8:42:20:e8:f3:49:fa:a3:
b5:95:3b:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZdLYxwQr6CTmCBMiq9MIqlrg44MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQ0MDZaFw0yNzAzMjQwODQ5MDZaMDMxMTAvBgNV
BAMTKDM4QUNERUU1RTIxNzU0QjdGNjIzMTVCQ0ZCNjRGRkUxNjAxMzE2NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIsliTRkssJ7KTK3NqjQGdX+fl
XE/JqVTqvo9eswcGff4ZdyLttKLCzKP3z9ThEcyuARU3DQHldS4BFQZTHiBwtR7M
5tOoLcmxvmLH013CMSRYlU24VpV1kFosQTeXbHlHAEIxpFNtF/YpOZ/CcHa18Kjw
xLHqe/6ad6lw1riH2Pt0+7NbaL3jbFgAntimyiC0oyFmiFmx8L8GZ6KHOQ7BU+ao
AwsgDyP/XR+7zFhvuMRMhV8aj7nxCYGgl2jBY3ScjOndq0/Cae5XsjGuCKxZu8I1
EHqBDVVKprcBFU5NsoqP/Wm279P7B5R3bP1s1nzKRzjXiyUWfsFv+j1LNiftAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOKze5eIXVLf2IxW8+2T/4WATFk8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2dUwDQYJKoZIhvcNAQELBQADggEBABI184u3BopO1y/QejA1uT69vItbZIrm
uEYinXxn+258lWE+uIrNccbl1BoeUKMUFZQ0sFrZrtfxU3gPyw1XZBbeUHy/lWxI
5848CtIPZ4eszFNxk8LDtSnkHWHVnTeiHW7scg55XSojDHBDPisYuEkzNvDdofDV
BpKhrFDscNvqoPyvgpQ5jwwx+aERmPloY+k6Qk7MMyjbsNIG+u4C5ffLVTOxfKYY
xRvNbVmWuKwZp/loSgwnQgPazepsEGvnKlvnZ3Xwn83sKYLaSG/KkVmK055l4g15
CH/w14ac4MXUKJFIuWZFAHJrC/V2v9aoqsRJe4CoQiDo80n6o7WVOz0=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:49 2026 by rpki-client