Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3234203d3e203437353833.roa
File: 3231372e3139362e35362e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: v0kUWyqJIgbY+AXqhztDpxaeTZcST+5Lm4rE8stbpLk=
Subject key identifier: 89:9F:CF:FC:FA:19:AC:90:AA:AC:EB:6A:B4:5C:71:29:4E:E7:7A:25
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 338B7A9CEDD6BDDDA37EB362D3E047AC958A289E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3234203d3e203437353833.roa
Signing time: Thu 16 Apr 2026 11:23:43 +0000
ROA not before: Thu 16 Apr 2026 11:18:43 +0000
ROA not after: Thu 15 Apr 2027 11:23:43 +0000
asID: 47583
IP address blocks: 217.196.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:8b:7a:9c:ed:d6:bd:dd:a3:7e:b3:62:d3:e0:47:ac:95:8a:28:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 16 11:18:43 2026 GMT
Not After : Apr 15 11:23:43 2027 GMT
Subject: CN=899FCFFCFA19AC90AAACEB6AB45C71294EE77A25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:28:0e:c1:b4:ed:46:f1:c4:31:93:c9:12:b7:
4a:7a:8b:55:f8:33:2f:39:63:32:64:d9:14:64:f6:
47:b6:e6:61:e4:f4:4b:b4:c1:5d:b8:90:91:0b:53:
c9:3b:7c:ee:82:9e:b9:36:ff:d1:dd:02:a6:d8:bf:
8a:c0:a0:97:d6:c1:09:3b:5c:ee:c3:67:48:c4:65:
c7:91:e2:d5:d9:a1:fa:ba:9c:cf:f9:d9:d3:58:b2:
42:72:fa:5e:71:3e:60:8a:bd:73:f8:ad:52:c7:9f:
fd:fd:2f:84:81:b6:67:23:3c:84:e1:94:30:ad:4c:
69:f8:6e:bc:45:24:ee:a8:2d:15:85:4f:a3:27:ab:
9d:61:b5:6c:56:50:77:d1:cb:93:0b:84:ba:fb:6c:
ba:d9:3f:47:16:13:eb:4d:f5:46:8f:c7:38:d9:ea:
6c:c7:bc:b0:4d:63:c1:58:b7:88:87:79:a3:24:60:
fd:6d:a5:fa:92:f3:1d:29:5b:fb:fe:d6:3c:2a:55:
5b:1d:9b:19:23:c5:c7:e2:21:33:00:b6:73:0c:f5:
85:7e:e2:21:72:07:c0:e1:44:5e:35:1e:76:27:67:
02:3e:5b:d8:cd:b0:60:ba:ae:e7:31:cd:98:f8:0a:
03:86:4a:36:ea:40:2c:eb:0a:f5:61:5c:17:6d:5c:
7a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9F:CF:FC:FA:19:AC:90:AA:AC:EB:6A:B4:5C:71:29:4E:E7:7A:25
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3139362e35362e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.196.56.0/21
Signature Algorithm: sha256WithRSAEncryption
49:a4:2e:08:47:9c:0e:e0:b7:e8:0a:9a:e8:32:3d:69:68:16:
db:3a:da:a6:50:6e:e4:87:52:2c:9c:03:a8:ae:91:ee:a8:0b:
f6:a7:95:ab:ec:9b:4a:33:be:ad:ae:a0:5f:0d:a3:87:3e:5a:
01:92:22:28:7a:27:ba:47:83:07:62:2b:01:bf:20:7d:a4:54:
47:5e:fb:4a:f5:7e:75:1f:c5:18:ba:54:83:1f:f3:f3:39:f2:
eb:08:f0:5a:1a:60:a4:de:83:d2:c4:19:b5:ef:b3:ad:38:1c:
88:88:7e:5b:2f:44:32:03:29:fb:0b:a5:39:25:f8:01:53:84:
6d:37:59:6f:3a:c6:52:cb:b4:5f:0d:1b:0d:fb:e0:bd:07:4a:
0b:d2:7d:44:11:14:9c:81:ef:dc:56:ca:24:65:66:25:a9:33:
5b:dc:12:b4:8a:47:b4:c3:37:46:d7:e7:5b:ee:d0:40:07:a9:
92:4d:7e:be:80:c2:f4:b2:30:7f:67:e3:e7:d4:10:7b:ad:50:
8b:65:c6:97:8c:e5:3b:8a:9f:aa:98:86:56:a1:68:ba:ac:6b:
a1:d2:c6:ff:e5:64:a1:5e:f9:19:b6:78:b2:4a:4f:1f:4a:f2:
32:9d:4c:71:7e:20:8d:57:f1:2e:cb:ed:5e:51:9f:b9:52:40:
83:26:a8:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM4t6nO3Wvd2jfrNi0+BHrJWKKJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTYxMTE4NDNaFw0yNzA0MTUxMTIzNDNaMDMxMTAvBgNV
BAMTKDg5OUZDRkZDRkExOUFDOTBBQUFDRUI2QUI0NUM3MTI5NEVFNzdBMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKA7BtO1G8cQxk8kSt0p6i1X4
My85YzJk2RRk9ke25mHk9Eu0wV24kJELU8k7fO6Cnrk2/9HdAqbYv4rAoJfWwQk7
XO7DZ0jEZceR4tXZofq6nM/52dNYskJy+l5xPmCKvXP4rVLHn/39L4SBtmcjPITh
lDCtTGn4brxFJO6oLRWFT6Mnq51htWxWUHfRy5MLhLr7bLrZP0cWE+tN9UaPxzjZ
6mzHvLBNY8FYt4iHeaMkYP1tpfqS8x0pW/v+1jwqVVsdmxkjxcfiITMAtnMM9YV+
4iFyB8DhRF41HnYnZwI+W9jNsGC6rucxzZj4CgOGSjbqQCzrCvVhXBdtXHpnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUiZ/P/PoZrJCqrOtqtFxxKU7neiUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMTM5MzYyZTM1
MzYyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2cQ4MA0GCSqGSIb3DQEBCwUAA4IBAQBJpC4IR5wO4LfoCproMj1paBbbOtqmUG7k
h1IsnAOorpHuqAv2p5Wr7JtKM76trqBfDaOHPloBkiIoeie6R4MHYisBvyB9pFRH
XvtK9X51H8UYulSDH/PzOfLrCPBaGmCk3oPSxBm177OtOByIiH5bL0QyAyn7C6U5
JfgBU4RtN1lvOsZSy7RfDRsN++C9B0oL0n1EERScge/cVsokZWYlqTNb3BK0ike0
wzdG1+db7tBAB6mSTX6+gML0sjB/Z+Pn1BB7rVCLZcaXjOU7ip+qmIZWoWi6rGuh
0sb/5WShXvkZtniySk8fSvIynUxxfiCNV/Euy+1eUZ+5UkCDJqh0
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:58:15 2026 by rpki-client