Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33362e302f32322d3234203d3e20333939393535.roa
File: 3231372e3231372e33362e302f32322d3234203d3e20333939393535.roa (raw, json)
Hash identifier: +PIAyj7JZa6QF689YYvse9vbNhjwNlZL/eaQeF5rzvE=
Subject key identifier: D0:4F:56:45:C2:1F:55:3A:39:8A:FB:36:4A:43:F3:98:4A:0E:47:4B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2AA4C7CEBC2B4BAA641B81AE49A758A1FA8DC070
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33362e302f32322d3234203d3e20333939393535.roa
Signing time: Thu 30 Apr 2026 13:46:22 +0000
ROA not before: Thu 30 Apr 2026 13:41:22 +0000
ROA not after: Thu 29 Apr 2027 13:46:22 +0000
asID: 399955
IP address blocks: 217.217.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a4:c7:ce:bc:2b:4b:aa:64:1b:81:ae:49:a7:58:a1:fa:8d:c0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 30 13:41:22 2026 GMT
Not After : Apr 29 13:46:22 2027 GMT
Subject: CN=D04F5645C21F553A398AFB364A43F3984A0E474B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ff:64:f7:7a:62:e9:b3:d5:e6:22:3f:e1:c4:
92:de:f8:93:65:8b:3f:bc:9d:ea:9b:52:f0:bd:09:
06:83:69:ad:5f:63:de:1e:9c:d8:d0:84:9a:2b:f1:
e3:8e:8e:f1:69:97:1b:4e:c3:d3:1e:cc:c2:6a:37:
24:fc:84:86:20:b2:ba:7a:92:43:21:52:bf:75:4f:
37:fb:df:9a:d0:31:70:c4:22:eb:25:e7:5a:ac:87:
0b:b2:35:f5:29:14:5c:8c:f6:fd:02:4e:6c:3f:23:
99:57:42:f6:d5:5c:22:cb:61:11:4b:30:4f:37:b9:
9f:f3:5f:38:99:fc:15:09:dd:df:80:4b:22:6a:07:
dd:9b:c3:eb:db:d1:2e:7a:34:97:49:07:b5:ab:8b:
84:cb:86:01:a2:a6:98:77:68:c1:c4:60:b8:e1:94:
0a:54:41:69:f0:35:9a:7e:b3:e0:f4:04:f4:a4:18:
18:70:bc:5b:ec:af:93:8e:fb:ec:5c:61:52:b7:c5:
14:73:63:95:6b:aa:84:62:2a:88:63:4e:de:b6:1e:
2c:e2:14:06:df:1a:c5:20:37:9a:6a:6a:22:22:87:
f7:b3:cf:32:88:21:01:e7:ad:2b:96:68:5a:2f:2a:
85:1d:c0:d9:88:79:71:dd:78:3a:05:13:11:bc:82:
fb:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4F:56:45:C2:1F:55:3A:39:8A:FB:36:4A:43:F3:98:4A:0E:47:4B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33362e302f32322d3234203d3e20333939393535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.36.0/22
Signature Algorithm: sha256WithRSAEncryption
33:be:e0:23:91:a1:7f:c8:e9:81:d2:49:bd:30:18:d2:0e:81:
be:da:03:20:a6:79:4e:2e:b8:22:67:40:d2:3f:b1:fa:ab:ec:
61:b6:1f:3c:65:eb:39:ff:58:dc:e5:5d:d1:0d:35:7d:58:1c:
ba:42:5a:8e:99:95:4a:d9:a7:41:e9:4a:12:41:1a:22:4c:bb:
37:36:d2:76:90:c7:57:e0:de:90:6e:08:91:50:3a:39:26:55:
5e:ec:c1:e5:b3:ec:43:62:42:c8:5c:09:b4:a8:78:11:41:2c:
dd:4a:a6:e5:89:c8:6f:fe:a3:1f:c9:36:50:80:7a:a9:46:aa:
26:0f:bf:e0:94:5c:88:fe:43:76:8b:46:f9:85:fa:1d:99:26:
a2:04:b1:04:0a:83:a4:d3:91:d1:3f:58:26:61:f7:02:ba:6f:
5a:50:e2:59:7f:f5:8b:53:71:fe:f9:e7:ae:ff:75:c0:c6:9c:
b6:2c:1e:ff:06:21:53:63:e2:a2:44:01:f4:c7:17:03:c8:75:
09:e8:20:c7:ea:76:3f:cc:bc:cb:79:99:a2:3c:2f:cb:9f:38:
96:a0:84:61:fd:6e:01:c7:e0:de:9c:f7:9c:ba:e1:53:f9:b2:
29:a1:e5:57:58:e2:bf:f1:ad:6d:2c:d4:af:b9:eb:b6:cc:9e:
70:49:7f:bb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKqTHzrwrS6pkG4GuSadYofqNwHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MzAxMzQxMjJaFw0yNzA0MjkxMzQ2MjJaMDMxMTAvBgNV
BAMTKEQwNEY1NjQ1QzIxRjU1M0EzOThBRkIzNjRBNDNGMzk4NEEwRTQ3NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO/2T3emLps9XmIj/hxJLe+JNl
iz+8neqbUvC9CQaDaa1fY94enNjQhJor8eOOjvFplxtOw9MezMJqNyT8hIYgsrp6
kkMhUr91Tzf735rQMXDEIusl51qshwuyNfUpFFyM9v0CTmw/I5lXQvbVXCLLYRFL
ME83uZ/zXziZ/BUJ3d+ASyJqB92bw+vb0S56NJdJB7Wri4TLhgGipph3aMHEYLjh
lApUQWnwNZp+s+D0BPSkGBhwvFvsr5OO++xcYVK3xRRzY5VrqoRiKohjTt62Hizi
FAbfGsUgN5pqaiIih/ezzzKIIQHnrSuWaFovKoUdwNmIeXHdeDoFExG8gvuNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0E9WRcIfVTo5ivs2SkPzmEoOR0swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMz
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMzM5MzkzOTM1MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALZ2SQwDQYJKoZIhvcNAQELBQADggEBADO+4CORoX/I6YHSSb0wGNIOgb7aAyCm
eU4uuCJnQNI/sfqr7GG2Hzxl6zn/WNzlXdENNX1YHLpCWo6ZlUrZp0HpShJBGiJM
uzc20naQx1fg3pBuCJFQOjkmVV7sweWz7ENiQshcCbSoeBFBLN1KpuWJyG/+ox/J
NlCAeqlGqiYPv+CUXIj+Q3aLRvmF+h2ZJqIEsQQKg6TTkdE/WCZh9wK6b1pQ4ll/
9YtTcf75567/dcDGnLYsHv8GIVNj4qJEAfTHFwPIdQnoIMfqdj/MvMt5maI8L8uf
OJaghGH9bgHH4N6c95y64VP5simh5VdY4r/xrW0s1K+567bMnnBJf7s=
-----END CERTIFICATE-----
Generated at Wed May 13 04:26:27 2026 by rpki-client