Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e31362e302f32322d3234203d3e203230313135.roa
File: 3231372e3231372e31362e302f32322d3234203d3e203230313135.roa (raw, json)
Hash identifier: kJcKI8CQhRDjoW8tEPI7QqTIS/yKzkTYBkBOiZN4Kmc=
Subject key identifier: FC:14:47:E1:13:BB:4F:09:F6:E3:85:38:38:D3:49:AC:66:A4:FF:2A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F4165D19F0A1E550F230C879E0C2F8627A4B8C7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e31362e302f32322d3234203d3e203230313135.roa
Signing time: Wed 24 Jun 2026 18:25:41 +0000
ROA not before: Wed 24 Jun 2026 18:20:41 +0000
ROA not after: Wed 23 Jun 2027 18:25:41 +0000
asID: 20115
IP address blocks: 217.217.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 19:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:41:65:d1:9f:0a:1e:55:0f:23:0c:87:9e:0c:2f:86:27:a4:b8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 24 18:20:41 2026 GMT
Not After : Jun 23 18:25:41 2027 GMT
Subject: CN=FC1447E113BB4F09F6E3853838D349AC66A4FF2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ab:51:24:c3:87:38:b6:00:54:70:d6:2a:c9:
cf:f7:43:d0:45:a4:57:de:44:88:6d:d4:d4:2e:63:
d2:28:dc:43:d9:b7:d1:91:4f:5a:a2:f6:3e:fd:36:
21:41:ee:78:4c:c8:ed:2f:75:30:0c:13:d9:38:d9:
bd:72:75:10:a7:96:6a:a8:d1:13:91:48:39:12:a9:
da:95:17:53:f0:9c:cf:96:a8:08:dc:33:cb:03:0a:
6b:1a:b1:6c:b1:a5:4b:22:a5:61:0e:68:b2:b7:39:
0d:fd:2f:fc:ae:f8:92:b4:f8:60:7b:4b:18:84:69:
1d:e0:6f:4b:2c:d8:c4:ab:09:d6:9e:58:8b:95:a0:
f4:22:41:90:8b:8b:d0:14:09:e9:b7:3d:7c:05:8d:
f9:f6:99:29:04:f1:d4:bc:bf:8c:b1:7f:66:0d:54:
c3:c4:4c:db:3f:3c:d9:91:0f:ae:d6:fa:42:13:29:
74:2a:e9:51:11:19:db:d5:1d:c2:d3:ac:8f:30:2b:
09:7f:c1:20:e9:2a:e7:25:55:7d:ba:58:35:bc:b1:
72:4e:f7:71:d5:8c:55:0a:ce:dc:b9:63:87:ef:3e:
27:fb:0e:6b:24:3b:ae:e0:eb:bf:d2:3c:ec:95:4c:
69:78:14:a4:24:8c:a6:f8:b9:07:7f:93:3e:c4:c3:
34:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:14:47:E1:13:BB:4F:09:F6:E3:85:38:38:D3:49:AC:66:A4:FF:2A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e31362e302f32322d3234203d3e203230313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.16.0/22
Signature Algorithm: sha256WithRSAEncryption
40:60:98:d9:61:92:1c:16:ba:02:ba:e6:ff:f4:a2:90:10:06:
aa:03:21:df:36:df:18:2f:a7:af:a4:27:f3:2f:1a:70:d0:e1:
98:9f:23:db:e1:90:df:d1:3c:0e:2e:c8:41:3c:34:0a:77:2a:
10:fa:d8:41:75:d9:9e:5b:77:a8:ad:01:d3:8f:2f:2a:ba:bf:
72:a6:6b:af:c4:a6:98:b5:20:5a:0d:97:05:93:d6:40:cb:5f:
31:3f:7d:5c:e0:55:3e:8b:98:a4:3d:51:ed:8a:47:0f:15:bf:
43:f4:27:b5:dd:42:97:7c:b6:38:53:bb:9e:56:e1:d0:4e:48:
96:57:5c:71:c4:ef:93:c7:ea:3a:55:06:96:d3:da:6c:f4:a4:
84:ba:dd:3f:fd:55:7e:34:2a:9e:a7:a5:fe:13:07:54:a2:3e:
1b:8f:bf:15:eb:fa:63:ec:3d:8d:d2:7d:54:58:7b:2b:e0:99:
de:cb:12:92:de:35:16:a2:03:4f:85:45:af:80:28:13:28:c6:
6b:22:90:f5:f3:35:87:95:0f:86:cc:ee:62:6d:0f:e1:38:77:
9c:a7:77:d1:46:2c:6a:6b:5e:1c:87:4d:d6:60:9a:9b:2c:f0:
66:bb:a1:33:5e:bb:03:3d:c5:31:c6:fe:ca:27:f0:5b:2e:0f:
0d:27:33:e0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL0Fl0Z8KHlUPIwyHngwvhiekuMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MjQxODIwNDFaFw0yNzA2MjMxODI1NDFaMDMxMTAvBgNV
BAMTKEZDMTQ0N0UxMTNCQjRGMDlGNkUzODUzODM4RDM0OUFDNjZBNEZGMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNq1Ekw4c4tgBUcNYqyc/3Q9BF
pFfeRIht1NQuY9Io3EPZt9GRT1qi9j79NiFB7nhMyO0vdTAME9k42b1ydRCnlmqo
0RORSDkSqdqVF1PwnM+WqAjcM8sDCmsasWyxpUsipWEOaLK3OQ39L/yu+JK0+GB7
SxiEaR3gb0ss2MSrCdaeWIuVoPQiQZCLi9AUCem3PXwFjfn2mSkE8dS8v4yxf2YN
VMPETNs/PNmRD67W+kITKXQq6VERGdvVHcLTrI8wKwl/wSDpKuclVX26WDW8sXJO
93HVjFUKzty5Y4fvPif7DmskO67g67/SPOyVTGl4FKQkjKb4uQd/kz7EwzQpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/BRH4RO7Twn244U4ONNJrGak/yowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
2dkQMA0GCSqGSIb3DQEBCwUAA4IBAQBAYJjZYZIcFroCuub/9KKQEAaqAyHfNt8Y
L6evpCfzLxpw0OGYnyPb4ZDf0TwOLshBPDQKdyoQ+thBddmeW3eorQHTjy8qur9y
pmuvxKaYtSBaDZcFk9ZAy18xP31c4FU+i5ikPVHtikcPFb9D9Ce13UKXfLY4U7ue
VuHQTkiWV1xxxO+Tx+o6VQaW09ps9KSEut0//VV+NCqep6X+EwdUoj4bj78V6/pj
7D2N0n1UWHsr4JneyxKS3jUWogNPhUWvgCgTKMZrIpD18zWHlQ+GzO5ibQ/hOHec
p3fRRixqa14ch03WYJqbLPBmu6EzXrsDPcUxxv7KJ/BbLg8NJzPg
-----END CERTIFICATE-----
Generated at Thu Jun 25 05:08:56 2026 by rpki-client