Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3231352e302f32342d3234203d3e20323034373730.roa
File: 3231372e3231362e3231352e302f32342d3234203d3e20323034373730.roa (raw, json)
Hash identifier: Q/xXhH47gpvi6nxxPUZFuzorTEIeA9QDYjrfJwWWdfI=
Subject key identifier: 11:AA:D4:2A:59:F0:53:0D:D1:2E:32:54:BC:6E:0E:53:F3:BD:DF:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 41E723AE85BFFBB2D8200E8F3C7639E363C3D60E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3231352e302f32342d3234203d3e20323034373730.roa
Signing time: Tue 23 Jun 2026 11:57:55 +0000
ROA not before: Tue 23 Jun 2026 11:52:55 +0000
ROA not after: Tue 22 Jun 2027 11:57:55 +0000
asID: 204770
IP address blocks: 217.216.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 13:08:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e7:23:ae:85:bf:fb:b2:d8:20:0e:8f:3c:76:39:e3:63:c3:d6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 23 11:52:55 2026 GMT
Not After : Jun 22 11:57:55 2027 GMT
Subject: CN=11AAD42A59F0530DD12E3254BC6E0E53F3BDDF71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:96:fa:6e:fe:59:4f:a4:b6:42:34:19:e5:a6:
4f:60:18:d0:dc:a3:b8:a6:f6:2d:fa:9f:c8:6b:00:
43:ae:56:17:30:3b:3b:b5:d5:49:df:28:de:ef:a3:
da:3c:81:aa:b3:5c:b2:05:b5:aa:0a:af:0e:e0:26:
59:8b:88:9d:3a:44:ac:e8:a9:e8:75:13:c9:52:a9:
4f:8e:df:8a:75:a9:16:19:92:46:50:fd:fa:9e:81:
5a:72:4f:ca:c7:b0:f6:7a:38:3b:f5:03:07:c6:61:
ff:9e:a5:28:63:5a:62:64:a4:0a:97:57:bc:c7:d6:
b5:a0:76:68:bf:c1:76:1f:ed:52:ec:f8:80:d1:6f:
e6:76:9d:0b:3e:2a:72:81:5b:e0:d6:0f:ad:3a:94:
d0:30:da:bf:92:77:16:a1:f2:36:00:94:8f:58:6d:
37:b1:d3:61:fd:5c:6c:da:39:39:1e:ae:7d:8c:31:
17:b9:da:b7:f8:7a:c7:9b:71:c6:dd:09:dc:72:da:
b4:0f:dc:17:f4:32:dd:05:91:c8:dd:62:97:42:19:
10:35:26:5b:a6:91:38:cf:89:17:07:89:9e:45:cd:
e7:13:7b:86:be:e5:f8:c4:67:cc:2c:ef:88:0c:95:
08:41:ea:19:75:3c:c1:7e:05:b0:89:0b:45:80:ab:
24:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AA:D4:2A:59:F0:53:0D:D1:2E:32:54:BC:6E:0E:53:F3:BD:DF:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3231352e302f32342d3234203d3e20323034373730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
12:f6:2f:56:86:53:13:b1:e7:be:5f:aa:7c:f8:7a:45:08:8f:
5e:3a:2b:d9:e6:75:9c:e3:df:93:74:b1:3d:44:e6:1d:cb:4f:
dc:71:8a:a6:4f:22:68:6d:df:95:56:bb:fb:2d:62:dc:00:08:
db:0e:20:0a:40:d1:b2:38:5d:68:2f:12:57:96:c4:39:e9:44:
57:61:62:d1:01:d8:fe:65:0c:a5:fe:f1:66:fd:cb:c2:3d:9c:
21:f5:c0:9b:bf:dc:3d:e4:bf:33:49:b1:e8:7d:fc:9a:ed:d7:
2c:56:72:8e:24:bd:6a:e7:13:c1:98:b9:9a:e1:af:61:39:32:
d4:de:28:2a:07:c8:ad:07:5f:0e:43:e9:37:ef:be:8d:76:5c:
5b:69:bb:8a:d4:71:20:08:5b:d7:b8:53:3c:d4:72:03:ab:a9:
85:98:47:2d:e2:f8:45:c5:9c:5f:cb:85:69:c2:24:97:f1:af:
58:4e:2a:04:2b:ab:19:1a:4e:39:ad:c9:03:19:06:1e:66:3e:
b5:5e:9a:48:e5:ac:ed:a7:39:6f:fd:98:61:74:25:be:04:7f:
89:86:3f:46:f1:e5:1b:d0:85:17:95:92:01:41:4b:ea:04:61:
cb:09:78:57:ed:91:03:cb:9e:58:90:42:fc:54:28:9f:d9:d8:
f8:06:bc:91
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQecjroW/+7LYIA6PPHY542PD1g4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MjMxMTUyNTVaFw0yNzA2MjIxMTU3NTVaMDMxMTAvBgNV
BAMTKDExQUFENDJBNTlGMDUzMEREMTJFMzI1NEJDNkUwRTUzRjNCRERGNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCilvpu/llPpLZCNBnlpk9gGNDc
o7im9i36n8hrAEOuVhcwOzu11UnfKN7vo9o8gaqzXLIFtaoKrw7gJlmLiJ06RKzo
qeh1E8lSqU+O34p1qRYZkkZQ/fqegVpyT8rHsPZ6ODv1AwfGYf+epShjWmJkpAqX
V7zH1rWgdmi/wXYf7VLs+IDRb+Z2nQs+KnKBW+DWD606lNAw2r+Sdxah8jYAlI9Y
bTex02H9XGzaOTkern2MMRe52rf4esebccbdCdxy2rQP3Bf0Mt0FkcjdYpdCGRA1
JlumkTjPiRcHiZ5FzecTe4a+5fjEZ8ws74gMlQhB6hl1PMF+BbCJC0WAqyR/AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUEarUKlnwUw3RLjJUvG4OU/O933EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzczMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnY1zANBgkqhkiG9w0BAQsFAAOCAQEAEvYvVoZTE7Hnvl+qfPh6RQiPXjor
2eZ1nOPfk3SxPUTmHctP3HGKpk8iaG3flVa7+y1i3AAI2w4gCkDRsjhdaC8SV5bE
OelEV2Fi0QHY/mUMpf7xZv3Lwj2cIfXAm7/cPeS/M0mx6H38mu3XLFZyjiS9aucT
wZi5muGvYTky1N4oKgfIrQdfDkPpN+++jXZcW2m7itRxIAhb17hTPNRyA6uphZhH
LeL4RcWcX8uFacIkl/GvWE4qBCurGRpOOa3JAxkGHmY+tV6aSOWs7ac5b/2YYXQl
vgR/iYY/RvHlG9CFF5WSAUFL6gRhywl4V+2RA8ueWJBC/FQon9nY+Aa8kQ==
-----END CERTIFICATE-----
Generated at Wed Jun 24 00:03:25 2026 by rpki-client