Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20323134343332.roa
File: 3231372e3231362e3139352e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: UyAR2W7v7av+JwYzHl4SD9Ow9C9Q7hAwxLQcqMqzKaw=
Subject key identifier: 2B:4A:E3:2C:8B:E8:F5:AC:DA:18:A2:64:E3:43:12:6B:C2:BF:10:00
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6284BC3EEF3BE5131AC0731866C2076A49AFEEE2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20323134343332.roa
Signing time: Tue 26 May 2026 08:33:37 +0000
ROA not before: Tue 26 May 2026 08:28:37 +0000
ROA not after: Tue 25 May 2027 08:33:37 +0000
asID: 214432
IP address blocks: 217.216.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:84:bc:3e:ef:3b:e5:13:1a:c0:73:18:66:c2:07:6a:49:af:ee:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 26 08:28:37 2026 GMT
Not After : May 25 08:33:37 2027 GMT
Subject: CN=2B4AE32C8BE8F5ACDA18A264E343126BC2BF1000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c7:48:8d:94:86:0b:0a:83:76:31:54:d7:5a:
33:d3:e6:73:3a:69:59:02:a6:d8:ff:a0:c8:37:4a:
25:74:eb:95:4f:37:63:23:84:71:1c:48:4e:0c:8c:
84:c8:9a:bc:39:37:4e:f1:41:a7:69:9f:a0:67:4e:
d6:24:45:4c:a4:64:2e:2e:e2:a5:13:e1:83:13:d4:
f5:74:2d:f4:65:2f:af:e7:a2:de:a5:99:b2:a5:a9:
ad:9f:57:ab:5c:77:29:2a:c1:5c:57:c5:33:df:89:
7c:da:c1:d1:31:c6:11:34:f0:86:36:67:e5:4e:88:
80:aa:77:db:df:e0:8c:10:16:92:d8:02:a3:ab:b0:
60:c3:99:1f:06:72:f8:4e:12:1f:db:81:45:9b:0e:
ec:1f:ba:5f:3f:ae:7d:03:1b:a4:c9:95:00:f7:b2:
ea:de:a4:42:a0:b5:31:72:02:a7:a5:fc:ff:92:be:
2a:31:16:ec:10:30:1a:0a:3b:c7:e9:b0:a7:4d:70:
62:cb:6a:91:9c:7a:ed:47:76:d6:27:07:85:0e:e9:
2d:02:5c:3b:5e:7f:92:dc:eb:5c:f7:59:d5:20:af:
ba:03:49:b6:0c:cf:49:44:67:99:7f:78:2f:a3:1a:
14:dc:59:d0:89:8e:58:60:9e:a0:67:ac:a2:e4:87:
e3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4A:E3:2C:8B:E8:F5:AC:DA:18:A2:64:E3:43:12:6B:C2:BF:10:00
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:9b:90:28:c1:b0:dd:4e:68:20:a1:04:d6:2b:91:2c:14:4b:
de:c4:06:ac:79:21:b1:c0:dc:ef:e4:0a:a4:b9:9f:7e:11:2d:
fe:86:d5:2d:8f:17:50:92:bc:9b:d7:ff:84:45:41:42:3a:47:
54:93:31:23:d6:e2:6f:13:aa:47:f8:d7:fe:ef:c3:42:fa:82:
a4:73:1c:aa:5b:33:c8:f9:45:5d:ed:51:cc:23:c6:43:44:f1:
f4:c9:30:7f:29:fe:e3:9f:cc:bd:f8:80:78:da:e9:74:9d:66:
15:f6:d4:67:5e:b8:b2:48:30:6a:6c:bc:7e:18:15:8c:6d:a2:
ca:07:3f:2b:b3:85:96:ba:af:64:e9:71:78:f2:29:de:45:cc:
90:42:39:aa:af:b9:ab:f1:4b:51:42:48:80:3d:50:17:92:f0:
d9:14:60:6d:49:43:5b:70:ca:ea:6b:d4:cd:01:43:4f:b0:05:
9b:9a:9c:c3:3d:c9:f2:87:4a:db:32:aa:f7:81:1f:aa:aa:a9:
71:7e:1f:7b:30:37:f8:72:ec:6b:fb:0a:8c:4b:8b:b5:0f:b9:
bb:20:e4:16:e3:1e:80:83:5b:3f:e1:66:f6:6d:6f:fd:65:46:
65:4f:39:d6:fa:0b:1d:0b:ac:a2:b6:16:1a:92:db:66:80:d6:
11:1e:d8:04
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYoS8Pu875RMawHMYZsIHakmv7uIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjYwODI4MzdaFw0yNzA1MjUwODMzMzdaMDMxMTAvBgNV
BAMTKDJCNEFFMzJDOEJFOEY1QUNEQTE4QTI2NEUzNDMxMjZCQzJCRjEwMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+x0iNlIYLCoN2MVTXWjPT5nM6
aVkCptj/oMg3SiV065VPN2MjhHEcSE4MjITImrw5N07xQadpn6BnTtYkRUykZC4u
4qUT4YMT1PV0LfRlL6/not6lmbKlqa2fV6tcdykqwVxXxTPfiXzawdExxhE08IY2
Z+VOiICqd9vf4IwQFpLYAqOrsGDDmR8GcvhOEh/bgUWbDuwful8/rn0DG6TJlQD3
surepEKgtTFyAqel/P+SvioxFuwQMBoKO8fpsKdNcGLLapGceu1HdtYnB4UO6S0C
XDtef5Lc61z3WdUgr7oDSbYMz0lEZ5l/eC+jGhTcWdCJjlhgnqBnrKLkh+MhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUK0rjLIvo9azaGKJk40MSa8K/EAAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzMzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYwzANBgkqhkiG9w0BAQsFAAOCAQEAf5uQKMGw3U5oIKEE1iuRLBRL3sQG
rHkhscDc7+QKpLmffhEt/obVLY8XUJK8m9f/hEVBQjpHVJMxI9bibxOqR/jX/u/D
QvqCpHMcqlszyPlFXe1RzCPGQ0Tx9Mkwfyn+45/MvfiAeNrpdJ1mFfbUZ164skgw
amy8fhgVjG2iygc/K7OFlrqvZOlxePIp3kXMkEI5qq+5q/FLUUJIgD1QF5Lw2RRg
bUlDW3DK6mvUzQFDT7AFm5qcwz3J8odK2zKq94EfqqqpcX4fezA3+HLsa/sKjEuL
tQ+5uyDkFuMegINbP+Fm9m1v/WVGZU851voLHQusorYWGpLbZoDWER7YBA==
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:16:56 2026 by rpki-client