Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/3231372e3131342e3230382e302f32302d3234203d3e203331313033.roa
File: 3231372e3131342e3230382e302f32302d3234203d3e203331313033.roa (raw, json)
Hash identifier: fB+lTapaDCd316Pm1QSRTZR22RzB9G7gqgM7bMcaZtU=
Subject key identifier: 9B:DF:4F:5E:27:25:69:D3:F3:21:3D:BD:61:80:7B:EA:A8:21:14:66
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 155BD444EFBCD37235B79CDB888167A16EC021A0
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/3231372e3131342e3230382e302f32302d3234203d3e203331313033.roa
Signing time: Fri 03 Apr 2026 14:46:59 +0000
ROA not before: Fri 03 Apr 2026 14:41:59 +0000
ROA not after: Fri 02 Apr 2027 14:46:59 +0000
asID: 31103
IP address blocks: 217.114.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:5b:d4:44:ef:bc:d3:72:35:b7:9c:db:88:81:67:a1:6e:c0:21:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Apr 3 14:41:59 2026 GMT
Not After : Apr 2 14:46:59 2027 GMT
Subject: CN=9BDF4F5E272569D3F3213DBD61807BEAA8211466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a8:31:cd:84:e1:f2:c7:e0:b0:ff:6a:77:ac:
4e:df:4d:c2:ff:40:a7:a8:ec:ba:1f:9e:58:ee:4a:
d4:91:21:f7:a0:cc:ec:da:23:56:eb:65:59:d8:04:
29:67:e8:ae:11:c6:4e:17:7b:bc:44:6c:17:93:76:
5b:f4:16:1d:1d:25:ea:4c:21:81:5b:61:49:9d:25:
5b:3e:15:31:71:d6:d7:37:f7:4a:d1:7a:6b:28:12:
e4:e0:91:61:eb:93:d8:82:b5:17:5b:3e:ce:b2:9f:
b7:5c:46:b6:d0:7e:ec:d2:f7:1d:fb:c6:0f:c3:0a:
a6:2b:77:a1:f5:6b:ca:1a:a0:df:b6:32:98:b9:ed:
97:36:b5:b4:fb:47:b2:22:54:29:29:d9:83:f2:ed:
fb:64:3c:7f:d4:cf:23:67:3e:b0:a8:ed:ca:08:e2:
52:47:a1:23:a7:06:46:bc:12:3b:aa:2b:ee:9d:bd:
15:03:09:ac:a0:fb:9b:34:0d:fa:0f:81:be:c6:ca:
78:25:dd:21:1b:f3:19:f5:56:e4:e9:95:49:71:43:
38:71:28:a1:ec:74:b4:34:c3:41:b3:73:20:0f:0e:
12:51:a0:0f:d5:22:04:d0:45:14:2b:99:d6:17:17:
f8:cf:f0:cf:a1:92:4c:e8:e4:46:ff:88:3a:5a:6c:
b0:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:DF:4F:5E:27:25:69:D3:F3:21:3D:BD:61:80:7B:EA:A8:21:14:66
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/3231372e3131342e3230382e302f32302d3234203d3e203331313033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.114.208.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:23:76:e0:9d:db:6f:66:9e:05:d8:e8:76:14:f4:58:aa:a6:
22:3c:c2:de:a5:82:a0:30:3a:0a:80:9c:34:40:e3:25:f4:aa:
57:4a:9a:25:ea:91:d6:31:1c:06:a2:f3:c2:1a:58:67:be:f5:
95:03:50:be:6f:32:2c:0a:2b:eb:9b:8c:4e:40:75:b2:71:c9:
92:b5:96:42:88:78:92:b1:37:61:25:35:75:ad:f5:e9:15:5d:
75:6a:68:65:25:5e:b2:2d:1c:d8:6f:8b:e1:38:a1:94:21:74:
69:f0:5d:59:96:d1:11:26:36:fc:cb:cc:17:c5:0e:7c:39:58:
b1:ba:bf:92:fc:7b:dc:47:7a:35:e5:a3:1d:a3:c1:d0:e6:35:
b2:96:79:87:d1:17:22:e4:6a:5b:e4:23:de:f4:fc:78:e5:29:
86:dc:2e:b2:c4:29:86:bc:d0:7e:cd:18:09:ab:c0:cb:d7:bc:
3a:2e:56:7c:c7:09:20:45:28:8a:90:65:f6:29:5f:11:ea:67:
b7:d5:e1:af:1f:1f:4a:c8:f3:58:22:8a:76:3a:c5:94:8c:db:
a6:6d:b4:77:35:52:87:52:6a:71:84:12:cb:ca:e5:5d:d1:3b:
c4:06:6b:ee:6a:09:7c:f4:f2:06:90:10:bf:88:c0:b6:cf:88:
51:d6:5a:da
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFVvURO+803I1t5zbiIFnoW7AIaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNjA0MDMxNDQxNTlaFw0yNzA0MDIxNDQ2NTlaMDMxMTAvBgNV
BAMTKDlCREY0RjVFMjcyNTY5RDNGMzIxM0RCRDYxODA3QkVBQTgyMTE0NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPqDHNhOHyx+Cw/2p3rE7fTcL/
QKeo7LofnljuStSRIfegzOzaI1brZVnYBCln6K4Rxk4Xe7xEbBeTdlv0Fh0dJepM
IYFbYUmdJVs+FTFx1tc390rRemsoEuTgkWHrk9iCtRdbPs6yn7dcRrbQfuzS9x37
xg/DCqYrd6H1a8oaoN+2Mpi57Zc2tbT7R7IiVCkp2YPy7ftkPH/UzyNnPrCo7coI
4lJHoSOnBka8EjuqK+6dvRUDCayg+5s0DfoPgb7Gyngl3SEb8xn1VuTplUlxQzhx
KKHsdLQ0w0GzcyAPDhJRoA/VIgTQRRQrmdYXF/jP8M+hkkzo5Eb/iDpabLDJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUm99PXicladPzIT29YYB76qghFGYwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzIzMTM3MmUzMTMxMzQyZTMy
MzAzODJlMzAyZjMyMzAyZDMyMzQyMDNkM2UyMDMzMzEzMTMwMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BATZctAwDQYJKoZIhvcNAQELBQADggEBACsjduCd229mngXY6HYU9FiqpiI8wt6l
gqAwOgqAnDRA4yX0qldKmiXqkdYxHAai88IaWGe+9ZUDUL5vMiwKK+ubjE5AdbJx
yZK1lkKIeJKxN2ElNXWt9ekVXXVqaGUlXrItHNhvi+E4oZQhdGnwXVmW0REmNvzL
zBfFDnw5WLG6v5L8e9xHejXlox2jwdDmNbKWeYfRFyLkalvkI970/HjlKYbcLrLE
KYa80H7NGAmrwMvXvDouVnzHCSBFKIqQZfYpXxHqZ7fV4a8fH0rI81giinY6xZSM
26ZttHc1UodSanGEEsvK5V3RO8QGa+5qCXz08gaQEL+IwLbPiFHWWto=
-----END CERTIFICATE-----
Generated at Sat Apr 18 01:34:49 2026 by rpki-client