Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
File: 352e3235332e3232372e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: ktSBnapqsZGSWY5Z4y4nCTkPT3sYX4gQuAC3lWatDSU=
Subject key identifier: AB:BC:FA:D6:FE:73:28:4A:47:37:90:2A:F5:3C:AB:B0:01:23:3D:41
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 60D9FAF1D4DAFB4504BE22EAB32564F64AA8FA17
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
Signing time: Wed 04 Mar 2026 13:23:22 +0000
ROA not before: Wed 04 Mar 2026 13:18:22 +0000
ROA not after: Wed 03 Mar 2027 13:23:22 +0000
asID: 205659
IP address blocks: 5.253.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 15:02:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:d9:fa:f1:d4:da:fb:45:04:be:22:ea:b3:25:64:f6:4a:a8:fa:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 13:18:22 2026 GMT
Not After : Mar 3 13:23:22 2027 GMT
Subject: CN=ABBCFAD6FE73284A4737902AF53CABB001233D41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:09:e9:29:b6:c8:85:2f:af:58:48:26:82:bf:
5c:0e:0a:34:42:15:35:f3:4f:6a:7f:ce:e0:ab:bd:
92:99:1a:e3:fd:d0:96:9e:8b:fe:f5:25:ad:de:5a:
ee:f5:af:b7:dd:57:e6:60:30:88:34:de:97:d8:1e:
83:3c:0e:be:07:b3:d1:92:16:64:31:cc:ef:c7:ff:
b0:87:fc:1f:2c:77:35:68:58:a8:27:05:f3:00:cc:
09:46:cc:16:53:2f:4f:54:79:eb:26:27:ec:70:a3:
7c:9c:12:84:2b:59:06:04:12:71:dc:ff:0b:5a:58:
08:5c:f4:5d:a4:bf:40:9b:41:95:ee:a2:05:f7:0b:
bf:e5:cb:30:32:08:7b:92:57:ed:70:6b:44:e6:7d:
d3:f9:9c:b0:a5:5c:9d:61:41:73:fe:5c:fb:27:79:
27:a4:b2:a6:7f:ed:4f:45:89:66:c6:8e:2d:ec:c6:
35:8f:28:48:68:1b:7e:06:97:fa:44:99:5e:42:5b:
71:6b:aa:ad:2c:d0:46:7f:ba:ca:62:75:03:f4:3b:
4d:ee:d4:d9:5f:9d:4f:3e:00:26:b8:a1:f6:50:ed:
78:c1:ef:8f:61:b8:86:63:73:4d:6a:80:4d:86:eb:
e9:84:59:c6:a0:87:6c:3d:07:76:8d:81:10:3d:c7:
06:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:BC:FA:D6:FE:73:28:4A:47:37:90:2A:F5:3C:AB:B0:01:23:3D:41
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/352e3235332e3232372e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.227.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:dc:95:2b:89:29:98:48:82:21:f4:56:5f:74:0d:fa:af:8f:
00:6b:24:95:ac:08:59:1b:5d:bb:04:43:93:94:02:d7:2f:20:
ce:34:e1:c2:18:50:0b:58:93:b9:29:4f:ba:1e:3c:71:f7:45:
60:5d:98:68:09:45:d5:40:ec:c3:c6:61:f1:d6:82:88:64:62:
a2:a1:fc:c4:57:71:30:73:88:0d:91:f2:2b:91:04:49:e9:62:
2f:f1:e3:27:a6:20:ea:ba:92:26:ce:27:52:12:e5:85:c1:1a:
ab:dc:83:75:5f:0d:f6:31:c9:89:e4:b5:9d:96:56:db:6a:80:
76:17:d3:41:6e:c2:64:35:13:49:56:42:20:8e:70:88:77:41:
3b:3f:db:9b:bb:5d:7d:a1:d0:c7:e0:99:85:6e:00:6b:45:e1:
89:f9:49:bb:eb:ee:ec:69:ce:de:4a:6f:44:4b:25:68:b8:9a:
c3:9c:d6:9f:ab:05:06:9d:2f:6c:da:55:27:12:ad:cd:a6:f5:
f8:ca:0c:7b:b6:44:81:a3:d7:62:6e:5a:6d:67:cd:1d:e8:4c:
d7:3e:6c:e7:6c:bd:7b:a7:24:89:b9:bc:8b:bb:2d:de:2b:fa:
b0:dd:f4:04:9d:ac:fb:b2:bb:cb:35:6c:d7:b5:03:8a:92:7d:
16:a1:b6:2e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYNn68dTa+0UEviLqsyVk9kqo+hcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMDQxMzE4MjJaFw0yNzAzMDMxMzIzMjJaMDMxMTAvBgNV
BAMTKEFCQkNGQUQ2RkU3MzI4NEE0NzM3OTAyQUY1M0NBQkIwMDEyMzNENDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaCekptsiFL69YSCaCv1wOCjRC
FTXzT2p/zuCrvZKZGuP90Jaei/71Ja3eWu71r7fdV+ZgMIg03pfYHoM8Dr4Hs9GS
FmQxzO/H/7CH/B8sdzVoWKgnBfMAzAlGzBZTL09UeesmJ+xwo3ycEoQrWQYEEnHc
/wtaWAhc9F2kv0CbQZXuogX3C7/lyzAyCHuSV+1wa0TmfdP5nLClXJ1hQXP+XPsn
eSeksqZ/7U9FiWbGji3sxjWPKEhoG34Gl/pEmV5CW3Frqq0s0EZ/uspidQP0O03u
1NlfnU8+ACa4ofZQ7XjB749huIZjc01qgE2G6+mEWcagh2w9B3aNgRA9xwadAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq7z61v5zKEpHN5Aq9TyrsAEjPUEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzUyZTMyMzUzMzJlMzIzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzYzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Bf3jMA0GCSqGSIb3DQEBCwUAA4IBAQBq3JUriSmYSIIh9FZfdA36r48AaySVrAhZ
G127BEOTlALXLyDONOHCGFALWJO5KU+6Hjxx90VgXZhoCUXVQOzDxmHx1oKIZGKi
ofzEV3Ewc4gNkfIrkQRJ6WIv8eMnpiDqupImzidSEuWFwRqr3IN1Xw32McmJ5LWd
llbbaoB2F9NBbsJkNRNJVkIgjnCId0E7P9ubu119odDH4JmFbgBrReGJ+Um76+7s
ac7eSm9ESyVouJrDnNafqwUGnS9s2lUnEq3NpvX4ygx7tkSBo9diblptZ80d6EzX
PmznbL17pySJubyLuy3eK/qw3fQEnaz7srvLNWzXtQOKkn0WobYu
-----END CERTIFICATE-----
Generated at Wed Mar 11 04:24:19 2026 by rpki-client