Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136382e302f32312d3234203d3e203437353833.roa
File: 3231372e31352e3136382e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: ibBuAnrYvA+zUDqVWkUx9VS4KA8o0QWL7hS/zg/z+MI=
Subject key identifier: 3C:48:D6:D0:DE:83:DC:F4:DB:ED:D6:4E:78:76:AB:F9:36:C2:1F:F0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 661E71C7EB4E4D6019126AA719847D5EC1A63045
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136382e302f32312d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:42 +0000
ROA not before: Thu 16 Apr 2026 11:18:42 +0000
ROA not after: Thu 15 Apr 2027 11:23:42 +0000
asID: 47583
IP address blocks: 217.15.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:1e:71:c7:eb:4e:4d:60:19:12:6a:a7:19:84:7d:5e:c1:a6:30:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 16 11:18:42 2026 GMT
Not After : Apr 15 11:23:42 2027 GMT
Subject: CN=3C48D6D0DE83DCF4DBEDD64E7876ABF936C21FF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:68:3b:c3:c2:c6:e8:a6:29:17:3f:3c:15:3b:
3d:b3:2b:aa:a4:b7:c5:b3:46:1b:1f:b3:bd:b2:61:
b4:ea:c9:4d:19:7b:71:ff:ad:9f:5a:3f:e5:bc:f8:
e2:60:5e:5b:0a:c4:b3:3e:70:ee:0d:20:62:68:97:
d0:10:45:67:04:e1:6a:eb:9e:79:b1:9e:19:10:2d:
c8:6a:be:4c:7d:69:b4:a7:82:c3:8c:23:4d:21:6a:
a0:04:c7:f3:41:4b:e1:b8:f3:36:38:3e:f0:54:29:
2e:ef:62:83:36:4e:f1:cd:a1:32:5b:e3:ef:50:95:
de:2b:70:7f:f7:07:72:7d:67:0d:43:cc:fc:b1:8c:
d9:d4:4f:bf:5f:f7:40:26:9c:3c:2d:e9:1b:61:9b:
0a:60:d7:1c:7c:e7:ec:4b:f3:00:dc:74:cf:41:d2:
18:f9:e5:9b:ce:3d:b7:ba:32:22:5b:73:7b:ae:82:
24:b1:b5:a8:84:30:82:7b:d3:5a:06:7c:5d:46:6e:
6a:dc:1f:a9:be:c6:63:09:ed:cf:ae:2d:75:d5:be:
8c:a3:9a:87:87:51:00:27:81:64:62:92:bd:b1:b1:
c4:56:9d:e5:47:bf:98:e0:8c:69:54:d8:65:fa:ff:
9a:6a:75:1b:ea:50:6e:22:7d:40:02:a6:31:aa:df:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:48:D6:D0:DE:83:DC:F4:DB:ED:D6:4E:78:76:AB:F9:36:C2:1F:F0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136382e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.15.168.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:cf:40:ff:c2:2c:9c:1e:b2:6d:f6:aa:54:c3:fd:8b:e8:c8:
a7:9c:ef:5e:87:58:a7:cb:23:29:37:85:cf:cb:b1:d0:eb:87:
be:e6:8e:97:c4:8f:81:dc:e3:ef:2d:0c:f6:18:5a:73:f1:44:
3c:dd:48:d8:23:86:b3:67:28:4d:90:60:4a:97:59:53:15:ff:
2e:00:43:fc:af:0a:e5:8d:94:79:ca:9a:86:64:c1:c6:03:a0:
85:ed:5a:e1:3a:2e:87:ec:b8:65:f4:ae:58:f2:18:85:d3:86:
c5:f7:38:8c:91:5f:95:b9:4e:61:a7:56:02:c4:a1:df:5a:2c:
bc:e1:86:30:01:9d:56:a9:f6:26:c6:4b:e1:70:e4:ce:0b:0a:
dd:ce:0f:66:bf:98:a1:7f:9e:e4:4d:42:05:36:da:e6:68:fd:
a1:58:02:31:7c:d3:72:3b:a7:4e:a4:3c:4c:cd:6c:f8:12:38:
f0:94:1b:73:1f:95:13:b4:ac:fe:f6:41:7c:31:de:27:dd:74:
d5:be:aa:24:0d:25:55:a1:5b:3c:15:bc:89:1d:d8:24:83:f9:
57:2a:a3:23:b9:ae:e0:df:8e:cd:9c:27:33:89:f0:54:d5:35:
30:b4:23:71:4f:6c:64:d6:86:b2:37:ad:41:7d:82:1f:45:1d:
3a:c5:a4:4d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZh5xx+tOTWAZEmqnGYR9XsGmMEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTYxMTE4NDJaFw0yNzA0MTUxMTIzNDJaMDMxMTAvBgNV
BAMTKDNDNDhENkQwREU4M0RDRjREQkVERDY0RTc4NzZBQkY5MzZDMjFGRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6aDvDwsbopikXPzwVOz2zK6qk
t8WzRhsfs72yYbTqyU0Ze3H/rZ9aP+W8+OJgXlsKxLM+cO4NIGJol9AQRWcE4Wrr
nnmxnhkQLchqvkx9abSngsOMI00haqAEx/NBS+G48zY4PvBUKS7vYoM2TvHNoTJb
4+9Qld4rcH/3B3J9Zw1DzPyxjNnUT79f90AmnDwt6Rthmwpg1xx85+xL8wDcdM9B
0hj55ZvOPbe6MiJbc3uugiSxtaiEMIJ701oGfF1GbmrcH6m+xmMJ7c+uLXXVvoyj
moeHUQAngWRikr2xscRWneVHv5jgjGlU2GX6/5pqdRvqUG4ifUACpjGq34opAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUPEjW0N6D3PTb7dZOeHar+TbCH/AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMTM1MmUzMTM2
MzgyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2Q+oMA0GCSqGSIb3DQEBCwUAA4IBAQArz0D/wiycHrJt9qpUw/2L6MinnO9eh1in
yyMpN4XPy7HQ64e+5o6XxI+B3OPvLQz2GFpz8UQ83UjYI4azZyhNkGBKl1lTFf8u
AEP8rwrljZR5ypqGZMHGA6CF7VrhOi6H7Lhl9K5Y8hiF04bF9ziMkV+VuU5hp1YC
xKHfWiy84YYwAZ1WqfYmxkvhcOTOCwrdzg9mv5ihf57kTUIFNtrmaP2hWAIxfNNy
O6dOpDxMzWz4EjjwlBtzH5UTtKz+9kF8Md4n3XTVvqokDSVVoVs8FbyJHdgkg/lX
KqMjua7g347NnCczifBU1TUwtCNxT2xk1oayN61BfYIfRR06xaRN
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:16:17 2026 by rpki-client