Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32302e302f32322d3234203d3e203230313135.roa
File: 3231372e3231372e32302e302f32322d3234203d3e203230313135.roa (raw, json)
Hash identifier: V/IhOz99U2hMzVVAqnO20eUqYUkiwpQdb499S1aWFNE=
Subject key identifier: 4C:8E:A1:72:9C:67:98:3C:CF:D7:F7:7A:CC:CA:CB:F8:63:F3:71:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3BDA230CD1D0715773393F5100C76CAB939CE54F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32302e302f32322d3234203d3e203230313135.roa
Signing time: Wed 24 Jun 2026 18:25:42 +0000
ROA not before: Wed 24 Jun 2026 18:20:42 +0000
ROA not after: Wed 23 Jun 2027 18:25:42 +0000
asID: 20115
IP address blocks: 217.217.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 19:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:da:23:0c:d1:d0:71:57:73:39:3f:51:00:c7:6c:ab:93:9c:e5:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 24 18:20:42 2026 GMT
Not After : Jun 23 18:25:42 2027 GMT
Subject: CN=4C8EA1729C67983CCFD7F77ACCCACBF863F371EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:63:a2:39:03:b9:ee:45:f7:d1:da:61:52:15:
c8:7e:70:43:93:5b:f4:f8:e2:09:9d:56:82:cb:b6:
51:11:81:1f:6d:82:ff:b3:12:6d:02:ac:2f:42:5d:
54:ec:98:3e:f3:39:0f:9b:7d:e3:19:f4:55:62:7f:
a5:25:06:ff:28:46:99:36:2a:af:02:32:48:53:56:
4d:e2:97:4b:b6:e2:92:3a:62:b6:b4:82:47:37:dc:
5d:1c:92:5e:4e:35:96:24:41:24:66:b9:3b:b8:66:
bc:9c:bd:23:e3:c7:d4:94:30:6d:f0:31:72:ed:0b:
a9:f2:79:17:07:43:6a:30:62:aa:86:69:25:37:d0:
35:de:ed:31:a6:39:7a:52:22:59:c8:26:86:4c:d3:
42:c7:5f:5b:0f:5b:84:0a:02:fc:7a:94:d7:f8:36:
12:35:27:aa:6f:1b:44:3e:9d:ad:01:b5:a1:5c:e1:
40:f0:8e:f1:80:34:7f:10:da:59:26:43:aa:f7:de:
0d:c1:e5:70:42:aa:86:41:51:31:32:b1:8e:f7:1f:
02:83:71:f1:2a:3d:fb:7b:6b:17:ad:94:1a:89:8e:
4b:b2:d4:0f:23:8c:fa:fd:47:89:9c:e5:9f:d9:fd:
e0:47:13:b3:14:1c:6d:ef:73:66:2a:33:6f:3d:a0:
90:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8E:A1:72:9C:67:98:3C:CF:D7:F7:7A:CC:CA:CB:F8:63:F3:71:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32302e302f32322d3234203d3e203230313135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.20.0/22
Signature Algorithm: sha256WithRSAEncryption
18:dd:24:e5:f8:cd:30:09:4e:59:e4:b4:9f:85:78:5c:f5:a0:
bf:c9:cc:e7:ac:72:ca:c6:67:55:ad:b4:f6:6e:33:7b:70:5f:
7a:eb:48:4a:be:27:91:ca:e1:05:29:90:58:1d:4f:61:ed:ff:
83:72:4a:a0:b0:27:cf:2f:38:55:56:84:fc:9c:de:cb:fb:3f:
da:b5:92:fd:b8:fd:01:63:00:a4:b3:66:e8:09:0f:b2:21:e0:
51:aa:6e:9b:df:e6:ff:52:ac:8b:3c:de:07:37:20:a4:c3:63:
be:d9:b8:fa:48:d8:6c:25:ef:a4:ee:81:d5:5a:99:4d:a4:93:
67:12:d3:44:ae:ab:96:d5:4d:2d:e7:8d:90:fa:ff:75:45:27:
9e:da:f3:01:ba:e7:9a:33:ac:12:9f:26:55:a5:18:c9:c5:06:
a7:7d:75:f3:51:88:a2:93:f9:90:da:49:3a:b4:1a:73:32:9a:
fa:b5:eb:51:68:66:e4:59:9f:3e:84:8a:01:6f:03:ab:22:df:
41:94:01:05:3a:d2:20:f0:2b:32:e2:05:7e:7c:1d:82:1d:80:
f8:d8:41:71:f8:99:11:b0:fb:55:0e:2e:42:a9:de:82:63:7e:
1f:ac:67:af:e3:10:29:6f:7a:d8:72:52:40:81:f6:28:65:86:
a4:30:d0:9b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO9ojDNHQcVdzOT9RAMdsq5Oc5U8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MjQxODIwNDJaFw0yNzA2MjMxODI1NDJaMDMxMTAvBgNV
BAMTKDRDOEVBMTcyOUM2Nzk4M0NDRkQ3Rjc3QUNDQ0FDQkY4NjNGMzcxRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Y6I5A7nuRffR2mFSFch+cEOT
W/T44gmdVoLLtlERgR9tgv+zEm0CrC9CXVTsmD7zOQ+bfeMZ9FVif6UlBv8oRpk2
Kq8CMkhTVk3il0u24pI6Yra0gkc33F0ckl5ONZYkQSRmuTu4ZrycvSPjx9SUMG3w
MXLtC6nyeRcHQ2owYqqGaSU30DXe7TGmOXpSIlnIJoZM00LHX1sPW4QKAvx6lNf4
NhI1J6pvG0Q+na0BtaFc4UDwjvGANH8Q2lkmQ6r33g3B5XBCqoZBUTEysY73HwKD
cfEqPft7axetlBqJjkuy1A8jjPr9R4mc5Z/Z/eBHE7MUHG3vc2YqM289oJD/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTI6hcpxnmDzP1/d6zMrL+GPzce8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzEzMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
2dkUMA0GCSqGSIb3DQEBCwUAA4IBAQAY3STl+M0wCU5Z5LSfhXhc9aC/ycznrHLK
xmdVrbT2bjN7cF9660hKvieRyuEFKZBYHU9h7f+DckqgsCfPLzhVVoT8nN7L+z/a
tZL9uP0BYwCks2boCQ+yIeBRqm6b3+b/UqyLPN4HNyCkw2O+2bj6SNhsJe+k7oHV
WplNpJNnEtNErquW1U0t542Q+v91RSee2vMBuueaM6wSnyZVpRjJxQanfXXzUYii
k/mQ2kk6tBpzMpr6tetRaGbkWZ8+hIoBbwOrIt9BlAEFOtIg8Csy4gV+fB2CHYD4
2EFx+JkRsPtVDi5Cqd6CY34frGev4xApb3rYclJAgfYoZYakMNCb
-----END CERTIFICATE-----
Generated at Thu Jun 25 05:08:44 2026 by rpki-client