Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3234332e3137372e302f32342d3234203d3e20323033333830.roa
File: 39312e3234332e3137372e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: 1fCxt8Lyx2W+PGcO5CBzabHSAsDRkGBDt+0iIdejIh8=
Subject key identifier: 63:3E:A3:F9:9D:78:8A:13:B5:7A:E4:3F:2D:4A:81:CB:31:80:A3:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 76C0F213F023B98E194C485992F13596FB881A3E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3234332e3137372e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 22 May 2026 10:24:27 +0000
ROA not before: Fri 22 May 2026 10:19:27 +0000
ROA not after: Fri 21 May 2027 10:24:27 +0000
asID: 203380
IP address blocks: 91.243.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 May 2026 17:41:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c0:f2:13:f0:23:b9:8e:19:4c:48:59:92:f1:35:96:fb:88:1a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 22 10:19:27 2026 GMT
Not After : May 21 10:24:27 2027 GMT
Subject: CN=633EA3F99D788A13B57AE43F2D4A81CB3180A3C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:95:3a:10:a8:81:f9:ed:40:1d:32:14:a0:ab:
9c:05:1b:85:5b:82:84:aa:dd:18:84:28:b7:c0:cb:
45:2d:3f:8a:f4:1f:3b:cc:60:75:2a:a0:a2:41:4a:
5c:42:4e:f7:c5:e7:97:b5:95:d8:da:f8:0d:35:e1:
7e:69:22:e8:81:7b:2c:e8:b0:a7:92:1f:36:07:21:
3b:0e:9b:3c:6d:ff:89:74:29:43:f7:be:a6:6a:dc:
66:98:26:55:c9:07:65:c5:b3:22:49:92:34:3b:b3:
db:e5:10:09:92:7a:56:b9:08:93:ee:31:83:69:a6:
84:9d:eb:1b:2c:28:c1:6c:2f:9d:16:dd:a8:5a:48:
42:28:bc:38:0e:5a:c1:1f:54:79:dd:d2:ee:fe:bd:
21:22:34:9d:0c:d6:04:f2:29:de:bf:b3:4b:08:4d:
3b:ef:2d:dc:29:11:26:2c:64:84:9c:2d:8f:2f:cd:
05:30:5f:25:6b:8f:75:7a:05:aa:49:f3:b1:8a:82:
d6:06:37:53:d3:42:19:6b:07:74:6d:e9:bb:03:9d:
0e:39:c1:b5:93:1d:73:20:e9:61:6c:bf:ba:da:b3:
14:86:a3:78:90:d1:29:0f:d9:a4:18:41:7c:bc:cc:
4c:70:10:f3:61:3f:5c:a7:99:86:9c:31:3b:fc:69:
ed:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:3E:A3:F9:9D:78:8A:13:B5:7A:E4:3F:2D:4A:81:CB:31:80:A3:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39312e3234332e3137372e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.177.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:52:df:53:ed:d1:bd:c0:6d:d0:0d:03:c4:42:0a:5d:e2:73:
1b:17:98:52:06:78:89:2c:fd:03:80:d0:8f:fa:3d:ee:ef:3b:
64:95:42:ac:b5:3a:1d:d8:8c:95:d1:8d:8c:68:55:13:f8:eb:
ca:3e:5a:61:e5:1b:57:69:83:60:47:ce:56:c5:a0:87:a1:0f:
0e:7e:d7:91:7b:ee:24:05:11:c1:f7:fe:9f:d1:64:c2:d5:96:
c2:a7:e8:01:23:11:c2:dc:9d:20:3f:64:58:3e:9c:39:b3:ef:
d3:9b:6f:07:dd:52:89:72:39:2e:63:3a:0a:ae:ab:53:02:b5:
c5:89:34:2a:17:52:90:55:2b:cd:5c:3e:68:17:15:e6:f0:7c:
81:ac:27:db:5e:9a:28:20:6b:b7:b7:cb:e0:9d:e3:1f:ab:1d:
33:53:8c:4c:e4:f9:9a:b9:7e:41:60:89:41:3c:5c:28:ae:6b:
24:57:4b:01:ce:b3:c0:a5:c1:a6:77:74:4e:d5:38:fd:5a:88:
0e:b2:72:3c:77:a5:89:53:f9:31:6b:65:35:63:78:7b:6c:56:
b7:43:f5:8b:51:fe:10:bc:c0:ec:f8:5d:72:9d:42:5a:b0:fe:
49:07:78:8d:42:dd:38:1b:d9:46:8c:6b:b2:06:5a:bc:3d:84:
e8:07:8d:be
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdsDyE/AjuY4ZTEhZkvE1lvuIGj4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA1MjIxMDE5MjdaFw0yNzA1MjExMDI0MjdaMDMxMTAvBgNV
BAMTKDYzM0VBM0Y5OUQ3ODhBMTNCNTdBRTQzRjJENEE4MUNCMzE4MEEzQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDClToQqIH57UAdMhSgq5wFG4Vb
goSq3RiEKLfAy0UtP4r0HzvMYHUqoKJBSlxCTvfF55e1ldja+A014X5pIuiBeyzo
sKeSHzYHITsOmzxt/4l0KUP3vqZq3GaYJlXJB2XFsyJJkjQ7s9vlEAmSela5CJPu
MYNppoSd6xssKMFsL50W3ahaSEIovDgOWsEfVHnd0u7+vSEiNJ0M1gTyKd6/s0sI
TTvvLdwpESYsZIScLY8vzQUwXyVrj3V6BapJ87GKgtYGN1PTQhlrB3Rt6bsDnQ45
wbWTHXMg6WFsv7rasxSGo3iQ0SkP2aQYQXy8zExwEPNhP1ynmYacMTv8ae2HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYz6j+Z14ihO1euQ/LUqByzGAo8MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzMTJlMzIzNDMzMmUzMTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMzM4MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABb87EwDQYJKoZIhvcNAQELBQADggEBACxS31Pt0b3AbdANA8RCCl3icxsXmFIG
eIks/QOA0I/6Pe7vO2SVQqy1Oh3YjJXRjYxoVRP468o+WmHlG1dpg2BHzlbFoIeh
Dw5+15F77iQFEcH3/p/RZMLVlsKn6AEjEcLcnSA/ZFg+nDmz79ObbwfdUolyOS5j
Ogquq1MCtcWJNCoXUpBVK81cPmgXFebwfIGsJ9temigga7e3y+Cd4x+rHTNTjEzk
+Zq5fkFgiUE8XCiuayRXSwHOs8ClwaZ3dE7VOP1aiA6ycjx3pYlT+TFrZTVjeHts
VrdD9YtR/hC8wOz4XXKdQlqw/kkHeI1C3Tgb2UaMa7IGWrw9hOgHjb4=
-----END CERTIFICATE-----
Generated at Wed May 27 02:34:36 2026 by rpki-client