Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e35322e302f32322d3234203d3e203232373733.roa
File: 3231372e3231372e35322e302f32322d3234203d3e203232373733.roa (raw, json)
Hash identifier: vczQA6cVqWXpRoQebshCROmQjc8MqLeHq57anDXxD/o=
Subject key identifier: F0:22:8F:7D:2F:67:A8:36:B7:6F:1D:8A:78:6B:2C:48:2B:D6:11:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6DC3C0334124478F1CCD3AB970D7F7466A974DDB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e35322e302f32322d3234203d3e203232373733.roa
Signing time: Fri 27 Mar 2026 13:50:39 +0000
ROA not before: Fri 27 Mar 2026 13:45:39 +0000
ROA not after: Fri 26 Mar 2027 13:50:39 +0000
asID: 22773
IP address blocks: 217.217.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 Apr 2026 02:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:c3:c0:33:41:24:47:8f:1c:cd:3a:b9:70:d7:f7:46:6a:97:4d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 13:45:39 2026 GMT
Not After : Mar 26 13:50:39 2027 GMT
Subject: CN=F0228F7D2F67A836B76F1D8A786B2C482BD61118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ed:60:f5:d5:3e:8d:69:bd:c1:76:09:37:4b:
61:14:04:48:c9:d9:24:6c:96:14:8c:d2:a2:22:e6:
06:1b:b4:8f:ec:47:7a:da:53:c8:40:48:50:4f:2c:
61:08:2e:8e:6b:7f:21:35:cb:4b:aa:18:cf:b9:bb:
92:d5:c3:c0:41:5f:bc:79:43:94:f5:5c:57:6d:3d:
cf:d7:bb:92:53:47:3a:00:26:bb:8f:f1:be:da:1d:
82:e1:23:c0:96:97:f6:0c:0d:74:63:9c:35:a7:88:
91:2f:31:c5:fe:36:97:8f:94:58:77:af:60:d5:e9:
30:29:2b:c7:4f:d0:34:98:57:78:5c:68:63:96:16:
d3:eb:f3:69:9b:f6:80:11:05:93:f4:99:b7:d4:cf:
76:94:49:da:b9:7b:1f:9d:4a:f1:75:95:19:8d:59:
b9:5f:5f:83:f8:61:be:fe:b1:fd:49:5b:c0:47:9e:
f6:ff:9a:7d:a6:c6:5b:9d:e1:c3:ea:01:22:be:59:
d9:bb:c7:f8:2e:91:c4:e7:1e:41:6a:d4:49:b9:4a:
02:42:ac:bf:c5:33:56:70:90:56:ca:80:2f:60:15:
70:12:1d:b4:64:40:a5:3c:f3:81:55:eb:13:f1:57:
b3:26:be:3b:40:05:f5:a1:d3:9f:48:9e:35:41:c1:
92:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:22:8F:7D:2F:67:A8:36:B7:6F:1D:8A:78:6B:2C:48:2B:D6:11:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e35322e302f32322d3234203d3e203232373733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.52.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f7:87:5c:53:06:4e:d3:43:cd:82:0a:19:b7:cd:a2:f6:dc:
d5:04:40:16:fe:cc:0b:df:d3:98:e8:ae:07:0c:bb:b9:22:3b:
a6:4e:20:bd:10:b0:3f:a4:84:fd:1c:34:fe:d3:c9:17:bf:d9:
70:70:42:2e:59:35:ae:0c:cf:e2:34:08:5b:f5:eb:44:ac:bb:
d1:f1:bb:f5:97:4a:c6:6c:35:94:c7:14:80:2c:9b:5f:ce:12:
d4:03:55:77:14:97:4e:84:f4:ec:3f:4a:b8:c9:b3:a0:ad:7b:
e6:ad:9a:1a:91:85:c1:23:4f:9a:d9:b4:32:c0:32:9e:67:87:
99:64:2e:c1:7e:29:b3:a1:1d:13:fb:a3:6b:a7:6e:7b:7c:2e:
20:6e:0c:f4:34:cc:93:77:43:92:d7:b2:00:af:26:68:eb:11:
01:67:86:38:dd:d6:a9:ba:83:c6:a0:f7:0f:92:22:24:d1:b0:
4b:8d:9c:8e:15:08:a2:41:d5:b5:d0:90:7a:3e:4c:59:5c:cf:
86:d7:30:21:57:e5:81:9d:4d:0a:26:9b:34:1f:e8:39:2e:ed:
88:7e:04:85:21:97:48:11:dd:73:cb:a0:fb:27:b9:79:b9:07:
f2:f7:ad:5e:f0:5c:7b:fd:22:36:19:ac:56:95:ac:d4:b9:24:
d4:69:2b:97
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbcPAM0EkR48czTq5cNf3RmqXTdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMjcxMzQ1MzlaFw0yNzAzMjYxMzUwMzlaMDMxMTAvBgNV
BAMTKEYwMjI4RjdEMkY2N0E4MzZCNzZGMUQ4QTc4NkIyQzQ4MkJENjExMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV7WD11T6Nab3Bdgk3S2EUBEjJ
2SRslhSM0qIi5gYbtI/sR3raU8hASFBPLGEILo5rfyE1y0uqGM+5u5LVw8BBX7x5
Q5T1XFdtPc/Xu5JTRzoAJruP8b7aHYLhI8CWl/YMDXRjnDWniJEvMcX+NpePlFh3
r2DV6TApK8dP0DSYV3hcaGOWFtPr82mb9oARBZP0mbfUz3aUSdq5ex+dSvF1lRmN
WblfX4P4Yb7+sf1JW8BHnvb/mn2mxlud4cPqASK+Wdm7x/gukcTnHkFq1Em5SgJC
rL/FM1ZwkFbKgC9gFXASHbRkQKU884FV6xPxV7MmvjtABfWh059InjVBwZIxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU8CKPfS9nqDa3bx2KeGssSCvWERgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTM1
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMyMzczNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
2dk0MA0GCSqGSIb3DQEBCwUAA4IBAQBF94dcUwZO00PNggoZt82i9tzVBEAW/swL
39OY6K4HDLu5IjumTiC9ELA/pIT9HDT+08kXv9lwcEIuWTWuDM/iNAhb9etErLvR
8bv1l0rGbDWUxxSALJtfzhLUA1V3FJdOhPTsP0q4ybOgrXvmrZoakYXBI0+a2bQy
wDKeZ4eZZC7BfimzoR0T+6Nrp257fC4gbgz0NMyTd0OS17IAryZo6xEBZ4Y43dap
uoPGoPcPkiIk0bBLjZyOFQiiQdW10JB6PkxZXM+G1zAhV+WBnU0KJps0H+g5Lu2I
fgSFIZdIEd1zy6D7J7l5uQfy961e8Fx7/SI2GaxWlazUuSTUaSuX
-----END CERTIFICATE-----
Generated at Sun Apr 5 15:21:39 2026 by rpki-client