Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232322e302f32342d3234203d3e203438323636.roa
File: 3231372e3231372e3232322e302f32342d3234203d3e203438323636.roa (raw, json)
Hash identifier: n3LirY4fqKZMZDUR8gh47ipJn++1J1jHe+4H0sMaP40=
Subject key identifier: B9:2D:B6:10:8A:92:C0:22:D4:A6:DD:AA:30:CB:12:41:C7:9B:81:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 126AF16F844C634DFBB4E5A6FC8634BDE7AC702D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232322e302f32342d3234203d3e203438323636.roa
Signing time: Wed 25 Mar 2026 08:47:27 +0000
ROA not before: Wed 25 Mar 2026 08:42:27 +0000
ROA not after: Wed 24 Mar 2027 08:47:27 +0000
asID: 48266
IP address blocks: 217.217.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:6a:f1:6f:84:4c:63:4d:fb:b4:e5:a6:fc:86:34:bd:e7:ac:70:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 25 08:42:27 2026 GMT
Not After : Mar 24 08:47:27 2027 GMT
Subject: CN=B92DB6108A92C022D4A6DDAA30CB1241C79B81B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:78:d9:b5:19:bc:a4:59:13:54:dd:c6:4d:
02:b0:f3:58:81:16:58:5a:ba:c0:a1:70:c3:79:fe:
30:46:e1:b3:04:18:cc:8f:24:e2:83:0e:50:86:6a:
b3:48:9c:aa:db:27:f5:e8:58:fb:c8:bb:f2:4f:15:
55:b2:f4:18:da:00:0d:07:34:14:06:44:a4:a8:e5:
a3:fc:eb:7a:cd:15:fa:a2:90:f2:24:b5:db:c4:05:
a6:c5:96:fa:ed:c2:b9:18:22:eb:1b:ab:89:e0:26:
8f:3d:f6:1b:0c:83:3f:83:06:d6:ec:82:d7:3b:43:
23:d1:d6:a3:73:17:60:c5:45:3d:f6:27:b6:e3:dc:
32:0a:2b:54:28:87:53:38:63:3b:58:d5:e8:87:c9:
d2:02:e1:7b:e0:90:b0:47:99:ea:26:f7:24:6b:84:
7b:51:24:85:94:20:9c:fe:ec:e4:2b:ef:45:1c:d0:
69:98:0a:f7:d6:f1:d2:ae:7b:d6:c5:1a:14:2c:3f:
4b:8b:58:bf:6e:6d:85:1a:e5:e7:a9:45:dd:f9:09:
be:93:59:e3:2f:96:62:4c:23:19:92:b2:78:c9:8b:
eb:ac:7d:8f:fe:df:00:f5:16:e1:8b:26:9a:d8:80:
da:6e:fd:86:53:1c:8a:63:e3:3c:d9:f3:0c:8a:09:
e2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2D:B6:10:8A:92:C0:22:D4:A6:DD:AA:30:CB:12:41:C7:9B:81:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232322e302f32342d3234203d3e203438323636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:1f:92:5d:f4:56:ce:6a:8b:47:52:cc:30:f7:f6:e9:13:bc:
f6:c8:91:a1:ce:94:d2:37:86:40:33:41:98:92:5c:64:aa:64:
e4:37:72:ab:01:a0:e3:a4:0a:21:e1:8c:56:b0:e4:9f:3d:52:
e6:6d:dd:05:37:ad:07:54:8f:df:a6:ba:81:da:62:1c:c2:f6:
78:84:6c:3c:18:96:f5:17:65:53:11:e3:86:ee:b3:ef:b7:22:
75:c3:0d:1c:01:26:61:a7:e6:80:c6:d7:7f:cd:f4:dc:2d:d6:
b7:42:03:80:80:22:c3:c3:ea:9a:f1:12:a1:2c:0d:f9:43:c1:
79:f5:34:bd:bb:f5:08:c8:65:e1:85:58:68:51:b1:33:6b:d3:
6d:76:83:d6:96:dc:56:12:86:76:71:87:6e:eb:60:94:49:26:
af:52:20:4e:68:b2:a6:e0:d1:4e:b0:83:bc:83:41:28:38:d8:
f4:14:b8:73:a6:13:9e:d1:46:fb:b4:07:dc:ed:92:a7:1c:af:
dd:67:a4:2c:c9:fc:04:fc:18:4f:bf:be:41:7c:4a:1e:ad:58:
21:f6:29:30:5c:64:c3:9a:60:95:9f:89:81:f4:06:5d:3c:58:
f6:37:06:79:06:b3:c5:e5:d4:20:6b:76:44:a7:3c:0c:e4:5a:
6f:bf:a7:d7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEmrxb4RMY037tOWm/IY0veescC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjUwODQyMjdaFw0yNzAzMjQwODQ3MjdaMDMxMTAvBgNV
BAMTKEI5MkRCNjEwOEE5MkMwMjJENEE2RERBQTMwQ0IxMjQxQzc5QjgxQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqrXjZtRm8pFkTVN3GTQKw81iB
FlhausChcMN5/jBG4bMEGMyPJOKDDlCGarNInKrbJ/XoWPvIu/JPFVWy9BjaAA0H
NBQGRKSo5aP863rNFfqikPIktdvEBabFlvrtwrkYIusbq4ngJo899hsMgz+DBtbs
gtc7QyPR1qNzF2DFRT32J7bj3DIKK1Qoh1M4YztY1eiHydIC4XvgkLBHmeom9yRr
hHtRJIWUIJz+7OQr70Uc0GmYCvfW8dKue9bFGhQsP0uLWL9ubYUa5eepRd35Cb6T
WeMvlmJMIxmSsnjJi+usfY/+3wD1FuGLJprYgNpu/YZTHIpj4zzZ8wyKCeLfAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuS22EIqSwCLUpt2qMMsSQcebgbIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzgzMjM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2d4wDQYJKoZIhvcNAQELBQADggEBAG4fkl30Vs5qi0dSzDD39ukTvPbIkaHO
lNI3hkAzQZiSXGSqZOQ3cqsBoOOkCiHhjFaw5J89UuZt3QU3rQdUj9+muoHaYhzC
9niEbDwYlvUXZVMR44bus++3InXDDRwBJmGn5oDG13/N9Nwt1rdCA4CAIsPD6prx
EqEsDflDwXn1NL279QjIZeGFWGhRsTNr0212g9aW3FYShnZxh27rYJRJJq9SIE5o
sqbg0U6wg7yDQSg42PQUuHOmE57RRvu0B9ztkqccr91npCzJ/AT8GE+/vkF8Sh6t
WCH2KTBcZMOaYJWfiYH0Bl08WPY3BnkGs8Xl1CBrdkSnPAzkWm+/p9c=
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:13:47 2026 by rpki-client