Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20323132323338.roa
File: 38312e31372e3132322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: t9CklLjG/jrNFY5yU4C6l8pxD8INLPhKEdt/DjA55ls=
Subject key identifier: D4:DB:0F:35:A9:7F:B5:F2:8C:B5:F2:AE:8B:DA:35:A4:66:CA:31:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A45A3BA54E1507D8C91731B8C6CE004DE37BB09
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 01 Jun 2026 22:24:47 +0000
ROA not before: Mon 01 Jun 2026 22:19:47 +0000
ROA not after: Mon 31 May 2027 22:24:47 +0000
asID: 212238
IP address blocks: 81.17.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:45:a3:ba:54:e1:50:7d:8c:91:73:1b:8c:6c:e0:04:de:37:bb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 1 22:19:47 2026 GMT
Not After : May 31 22:24:47 2027 GMT
Subject: CN=D4DB0F35A97FB5F28CB5F2AE8BDA35A466CA31B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c2:1b:6b:0e:dc:59:7f:e5:70:ce:da:14:eb:
2a:bd:3a:62:93:aa:39:73:48:ef:be:63:43:76:e1:
78:9c:47:01:0d:fc:3e:62:ca:0a:37:c8:30:51:44:
19:32:21:82:fe:e9:93:72:22:90:9f:fb:0a:cb:1b:
f0:f1:66:3a:79:84:75:a4:ca:75:81:8f:56:53:7f:
94:a8:3c:d4:33:20:3d:9d:68:f8:e3:6c:f7:c0:ca:
3f:27:13:e5:c5:72:38:c1:b7:67:0b:13:11:30:25:
12:c0:3e:b2:f7:d4:91:bf:a8:75:45:95:8f:cb:37:
e9:01:2a:ac:5b:04:27:1e:08:11:7a:43:06:a4:51:
5e:d3:31:0a:71:9c:bd:b5:e6:a0:c8:ca:44:7f:a6:
e9:c8:eb:63:ba:ae:52:a8:30:6b:72:f9:20:63:31:
67:97:ea:32:ef:79:58:04:93:fc:bf:e2:22:ad:82:
7c:90:5d:2e:a4:a2:20:57:f6:b6:b4:4e:fa:66:b2:
6f:5b:e2:80:96:dc:d3:35:89:e6:20:ef:3b:83:66:
6f:b7:a3:82:c3:b5:0d:bb:d6:7a:16:dd:16:06:2f:
ac:60:39:f5:69:a6:8c:f0:29:8f:7c:d5:5c:e5:6c:
15:9a:7d:da:c1:93:65:5a:e1:62:fe:c6:09:2b:7f:
15:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DB:0F:35:A9:7F:B5:F2:8C:B5:F2:AE:8B:DA:35:A4:66:CA:31:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e31372e3132322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.17.122.0/24
Signature Algorithm: sha256WithRSAEncryption
00:74:8a:f8:7a:7c:f8:4a:8a:63:60:cf:f7:c0:0f:d2:31:8b:
1c:1e:e5:c3:42:23:9e:49:3f:9f:9b:45:fc:f9:76:2e:d9:28:
c3:65:bf:c3:74:26:7d:3d:d7:92:bf:79:1d:30:d9:09:4c:d1:
db:cb:88:56:d7:7f:8f:12:ec:e6:dd:7f:b0:85:4a:21:29:ab:
9a:99:26:fd:8e:2b:a3:cf:16:83:2c:79:c0:4d:30:00:68:c0:
d4:6d:79:ae:c3:38:9f:a9:89:71:ca:ed:1f:2a:7f:d1:e2:d5:
7c:11:a1:7a:92:e1:1e:f8:33:6e:1d:cf:23:8e:8a:94:7b:48:
1b:51:b4:78:c0:1e:05:af:e6:a5:bf:a2:32:62:76:64:04:2c:
3a:de:25:7f:91:f3:e9:b9:3c:f0:83:39:bc:4b:9d:5a:a1:10:
f8:05:3e:20:b8:57:34:19:ae:6d:ca:4c:15:02:69:81:91:dd:
f2:67:53:d7:10:d0:d0:7e:01:8e:b8:a6:bd:bd:3a:37:7b:53:
df:db:69:f0:44:b2:4c:2c:76:b2:b3:5e:3c:a5:3c:13:dd:28:
8d:26:df:65:51:15:d9:18:89:3d:50:fb:0d:10:66:7d:cc:c7:
90:29:93:bd:43:11:7e:59:a4:2e:89:6f:e5:4d:4b:23:d9:ea:
43:8e:43:89
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCkWjulThUH2MkXMbjGzgBN43uwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MDEyMjE5NDdaFw0yNzA1MzEyMjI0NDdaMDMxMTAvBgNV
BAMTKEQ0REIwRjM1QTk3RkI1RjI4Q0I1RjJBRThCREEzNUE0NjZDQTMxQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTwhtrDtxZf+VwztoU6yq9OmKT
qjlzSO++Y0N24XicRwEN/D5iygo3yDBRRBkyIYL+6ZNyIpCf+wrLG/DxZjp5hHWk
ynWBj1ZTf5SoPNQzID2daPjjbPfAyj8nE+XFcjjBt2cLExEwJRLAPrL31JG/qHVF
lY/LN+kBKqxbBCceCBF6QwakUV7TMQpxnL215qDIykR/punI62O6rlKoMGty+SBj
MWeX6jLveVgEk/y/4iKtgnyQXS6koiBX9ra0Tvpmsm9b4oCW3NM1ieYg7zuDZm+3
o4LDtQ271noW3RYGL6xgOfVppozwKY981VzlbBWafdrBk2Va4WL+xgkrfxWvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1NsPNal/tfKMtfKui9o1pGbKMbkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzEzNzJlMzEzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
URF6MA0GCSqGSIb3DQEBCwUAA4IBAQAAdIr4enz4SopjYM/3wA/SMYscHuXDQiOe
ST+fm0X8+XYu2SjDZb/DdCZ9PdeSv3kdMNkJTNHby4hW13+PEuzm3X+whUohKaua
mSb9jiujzxaDLHnATTAAaMDUbXmuwzifqYlxyu0fKn/R4tV8EaF6kuEe+DNuHc8j
joqUe0gbUbR4wB4Fr+alv6IyYnZkBCw63iV/kfPpuTzwgzm8S51aoRD4BT4guFc0
Ga5tykwVAmmBkd3yZ1PXENDQfgGOuKa9vTo3e1Pf22nwRLJMLHays148pTwT3SiN
Jt9lURXZGIk9UPsNEGZ9zMeQKZO9QxF+WaQuiW/lTUsj2epDjkOJ
-----END CERTIFICATE-----
Generated at Thu Jun 4 05:19:39 2026 by rpki-client