Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32322d3234203d3e20323132393830.roa
File: 3231372e3231372e34302e302f32322d3234203d3e20323132393830.roa (raw, json)
Hash identifier: 1zOLd1MyUbEMzfiwmt5DhLlqSmd8avdLxNf7jwMNQZo=
Subject key identifier: F6:EE:F0:82:A1:27:51:3B:E6:48:48:6C:11:60:4B:4F:B6:19:9B:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 378007DCACC591B05D02693502D9D344DBB76FD8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32322d3234203d3e20323132393830.roa
Signing time: Tue 05 May 2026 09:45:11 +0000
ROA not before: Tue 05 May 2026 09:40:11 +0000
ROA not after: Tue 04 May 2027 09:45:11 +0000
asID: 212980
IP address blocks: 217.217.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 12:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:80:07:dc:ac:c5:91:b0:5d:02:69:35:02:d9:d3:44:db:b7:6f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 5 09:40:11 2026 GMT
Not After : May 4 09:45:11 2027 GMT
Subject: CN=F6EEF082A127513BE648486C11604B4FB6199B72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:6e:a6:8c:be:8f:95:1b:e6:c3:e4:d0:7a:0b:
d0:25:b3:c3:5f:92:55:a2:47:25:74:5e:df:ca:46:
ca:5e:5a:c3:68:d9:e7:01:82:6f:1f:30:63:bf:9a:
91:ab:35:99:ba:6c:89:e1:1d:df:62:17:65:28:69:
23:a2:b0:6e:10:d5:3e:dd:21:df:52:70:30:fb:f4:
28:88:67:27:a3:a9:bd:64:1f:5b:c3:53:62:e4:ba:
f0:76:13:a0:7e:49:a6:20:de:5c:ca:12:22:74:20:
5f:c6:8a:25:87:ff:79:e6:89:60:70:4f:07:74:ad:
54:84:06:49:66:ed:79:79:0d:61:b9:59:95:00:cf:
e2:ba:b1:fe:92:05:31:4e:f2:81:d2:6b:5a:6a:bc:
e7:b6:2a:2b:b0:5d:62:2f:be:08:eb:a6:93:f8:b5:
a9:73:9a:6b:84:05:61:45:60:ef:c6:ee:da:a1:7a:
ee:96:78:dc:67:76:74:c2:de:b0:40:0f:e8:d1:f0:
b8:11:22:e0:22:82:63:17:bb:17:fd:27:49:39:9b:
77:40:fd:16:6a:94:89:2f:bd:33:60:22:7c:00:ca:
38:12:2a:00:9d:03:4d:c2:5b:c1:b2:40:60:49:70:
cd:63:3c:5c:02:28:f1:ff:20:8d:17:ea:ff:e7:11:
f0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:EE:F0:82:A1:27:51:3B:E6:48:48:6C:11:60:4B:4F:B6:19:9B:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32322d3234203d3e20323132393830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:08:bd:9e:ed:6e:d5:d2:bd:95:d8:e6:08:de:d1:be:81:1e:
d5:80:f3:35:8b:0a:56:fe:69:65:fb:66:33:fd:60:14:3a:68:
48:dd:de:16:91:3d:3b:ff:58:e9:44:9a:32:f7:77:64:cc:bc:
3f:b1:6f:9a:da:89:a8:a0:a1:8e:48:00:9e:98:a9:6e:08:1c:
10:e5:d1:54:83:f9:b3:1d:69:7a:be:74:53:1f:26:1f:90:09:
8b:ba:7e:91:7d:fc:96:db:88:ce:d4:4d:ff:47:ac:77:f4:88:
42:dc:c5:69:a2:bd:3b:2a:af:08:6d:0d:3c:29:9a:3d:b2:37:
be:91:fe:80:93:39:83:a3:19:4c:c8:0a:16:fd:55:e8:0f:8e:
5e:d2:cc:fb:e8:b4:dd:84:23:cf:39:6c:42:b0:ce:e1:00:ac:
d6:69:c5:dd:98:c1:1b:e6:40:4a:40:67:19:1b:78:e4:ac:46:
26:32:a1:8d:78:80:8a:e7:16:98:77:d4:1c:7e:3a:23:2c:3d:
60:ab:83:44:7c:30:22:93:3b:d8:87:fb:9b:c3:c6:33:e9:59:
5a:c5:a5:8a:89:c9:c5:1d:9f:e1:03:d3:15:df:d5:64:76:4b:
de:62:9f:21:ad:fd:71:97:20:11:dd:d7:b3:85:1e:0c:6c:41:
40:08:b3:00
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUN4AH3KzFkbBdAmk1AtnTRNu3b9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MDUwOTQwMTFaFw0yNzA1MDQwOTQ1MTFaMDMxMTAvBgNV
BAMTKEY2RUVGMDgyQTEyNzUxM0JFNjQ4NDg2QzExNjA0QjRGQjYxOTlCNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqbqaMvo+VG+bD5NB6C9Als8Nf
klWiRyV0Xt/KRspeWsNo2ecBgm8fMGO/mpGrNZm6bInhHd9iF2UoaSOisG4Q1T7d
Id9ScDD79CiIZyejqb1kH1vDU2LkuvB2E6B+SaYg3lzKEiJ0IF/GiiWH/3nmiWBw
Twd0rVSEBklm7Xl5DWG5WZUAz+K6sf6SBTFO8oHSa1pqvOe2KiuwXWIvvgjrppP4
talzmmuEBWFFYO/G7tqheu6WeNxndnTC3rBAD+jR8LgRIuAigmMXuxf9J0k5m3dA
/RZqlIkvvTNgInwAyjgSKgCdA03CW8GyQGBJcM1jPFwCKPH/II0X6v/nEfDXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9u7wgqEnUTvmSEhsEWBLT7YZm3IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTM0
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMxMzIzOTM4MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALZ2SgwDQYJKoZIhvcNAQELBQADggEBABwIvZ7tbtXSvZXY5gje0b6BHtWA8zWL
Clb+aWX7ZjP9YBQ6aEjd3haRPTv/WOlEmjL3d2TMvD+xb5raiaigoY5IAJ6YqW4I
HBDl0VSD+bMdaXq+dFMfJh+QCYu6fpF9/JbbiM7UTf9HrHf0iELcxWmivTsqrwht
DTwpmj2yN76R/oCTOYOjGUzIChb9VegPjl7SzPvotN2EI885bEKwzuEArNZpxd2Y
wRvmQEpAZxkbeOSsRiYyoY14gIrnFph31Bx+OiMsPWCrg0R8MCKTO9iH+5vDxjPp
WVrFpYqJycUdn+ED0xXf1WR2S95inyGt/XGXIBHd17OFHgxsQUAIswA=
-----END CERTIFICATE-----
Generated at Wed May 13 04:47:02 2026 by rpki-client