Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20313938323530.roa
File: 3231372e3231362e3139352e302f32342d3234203d3e20313938323530.roa (raw, json)
Hash identifier: jn1Gu6YFbegr/wqIBRFehTHNXWxbIvRJR2Uw4cCY2Mc=
Subject key identifier: 5A:15:BC:57:6A:39:8C:2F:A1:18:A1:90:4A:48:3B:18:FE:BC:8F:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7402B7D2A2D0571EE9207C8E8BC24DF611B04000
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20313938323530.roa
Signing time: Fri 10 Apr 2026 10:52:32 +0000
ROA not before: Fri 10 Apr 2026 10:47:32 +0000
ROA not after: Fri 09 Apr 2027 10:52:32 +0000
asID: 198250
IP address blocks: 217.216.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:02:b7:d2:a2:d0:57:1e:e9:20:7c:8e:8b:c2:4d:f6:11:b0:40:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 10 10:47:32 2026 GMT
Not After : Apr 9 10:52:32 2027 GMT
Subject: CN=5A15BC576A398C2FA118A1904A483B18FEBC8F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:de:1e:a0:29:e0:d5:02:9f:2c:44:a0:ec:
62:a5:17:25:99:0c:44:12:3f:32:d0:1d:5f:36:79:
1c:08:d2:7b:43:2b:21:35:b7:7a:b3:49:1c:0b:d5:
c8:d5:e9:90:8b:11:cb:fb:5a:11:2c:29:9b:e4:5d:
47:4a:55:e8:04:8d:f6:b4:31:2a:d5:e0:0f:07:5d:
09:00:ef:ac:fe:29:bc:9e:bc:ae:8a:2a:d1:14:e9:
22:04:15:e9:21:d9:d7:70:bd:d6:04:b2:69:da:64:
3b:9b:d7:06:fb:a7:4f:17:fb:81:59:6a:9a:66:af:
1f:1c:ac:aa:bc:a5:62:10:9d:4b:c7:88:e4:fe:28:
8b:e9:9d:51:5d:39:3e:a1:1e:83:bd:11:2d:ca:ec:
12:bc:0a:6f:b0:1e:b0:f0:6e:35:20:31:cf:9d:54:
10:1c:58:49:d7:38:88:36:13:04:0f:ec:a7:75:35:
4b:4d:55:89:ad:86:cb:a9:67:42:0b:27:eb:df:fe:
28:80:a4:f1:a7:3d:f2:bb:c1:2f:11:1e:a7:15:6a:
c1:fd:28:18:ce:47:21:ef:ef:31:ce:28:70:8d:c2:
0b:74:ad:d8:9b:03:e1:58:5d:44:c3:46:5e:1f:1a:
92:1e:24:8a:1a:6e:33:25:0b:9d:9b:dd:cd:4d:f8:
fb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:15:BC:57:6A:39:8C:2F:A1:18:A1:90:4A:48:3B:18:FE:BC:8F:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139352e302f32342d3234203d3e20313938323530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.195.0/24
Signature Algorithm: sha256WithRSAEncryption
98:54:fd:63:6e:b3:cd:ea:40:4a:90:96:bb:c9:d1:d9:ce:6d:
66:37:3c:79:d8:d2:6e:cb:a4:2d:26:ce:4d:8f:1b:4d:1b:5e:
be:5f:81:ff:ef:0c:49:41:1c:17:87:b5:60:94:ed:e9:d1:ce:
f1:00:97:4c:e2:88:67:b7:34:60:e1:e2:9a:b7:b4:0e:33:f0:
d0:91:2d:d6:35:b5:7d:e9:dc:2f:96:2c:7c:5d:60:93:24:23:
91:38:1c:63:07:cb:c1:62:76:6c:6a:7f:5f:73:dc:01:02:13:
8f:44:e9:25:c4:03:3b:7a:80:c6:e5:31:99:78:bd:c2:69:c6:
c3:e1:21:72:7b:17:42:15:1c:51:5b:10:26:58:d4:72:bf:48:
51:ea:20:d8:a9:43:d4:66:bb:3f:33:12:f7:de:36:5f:13:63:
b4:2b:60:a6:d3:ef:4f:92:84:58:1c:4f:f7:4e:6a:4b:28:2d:
01:5e:67:3b:4d:75:f9:2e:cf:b0:15:5c:04:ca:18:d5:0e:fe:
a4:30:d4:1f:24:0f:8e:48:61:c0:93:7c:95:07:2b:82:3e:15:
c2:28:5a:e5:e7:8c:a4:f5:f0:27:ad:7a:a5:c5:15:04:39:b8:
ff:17:6e:57:fb:fa:07:89:62:48:d8:e1:e7:f8:9e:7e:b3:cc:
ba:1c:02:2a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdAK30qLQVx7pIHyOi8JN9hGwQAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA0MTAxMDQ3MzJaFw0yNzA0MDkxMDUyMzJaMDMxMTAvBgNV
BAMTKDVBMTVCQzU3NkEzOThDMkZBMTE4QTE5MDRBNDgzQjE4RkVCQzhGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMLt4eoCng1QKfLESg7GKlFyWZ
DEQSPzLQHV82eRwI0ntDKyE1t3qzSRwL1cjV6ZCLEcv7WhEsKZvkXUdKVegEjfa0
MSrV4A8HXQkA76z+KbyevK6KKtEU6SIEFekh2ddwvdYEsmnaZDub1wb7p08X+4FZ
appmrx8crKq8pWIQnUvHiOT+KIvpnVFdOT6hHoO9ES3K7BK8Cm+wHrDwbjUgMc+d
VBAcWEnXOIg2EwQP7Kd1NUtNVYmthsupZ0ILJ+vf/iiApPGnPfK7wS8RHqcVasH9
KBjORyHv7zHOKHCNwgt0rdibA+FYXUTDRl4fGpIeJIoabjMlC52b3c1N+PsRAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUWhW8V2o5jC+hGKGQSkg7GP68j28wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzODMyMzUzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYwzANBgkqhkiG9w0BAQsFAAOCAQEAmFT9Y26zzepASpCWu8nR2c5tZjc8
edjSbsukLSbOTY8bTRtevl+B/+8MSUEcF4e1YJTt6dHO8QCXTOKIZ7c0YOHimre0
DjPw0JEt1jW1fencL5YsfF1gkyQjkTgcYwfLwWJ2bGp/X3PcAQITj0TpJcQDO3qA
xuUxmXi9wmnGw+EhcnsXQhUcUVsQJljUcr9IUeog2KlD1Ga7PzMS9942XxNjtCtg
ptPvT5KEWBxP905qSygtAV5nO011+S7PsBVcBMoY1Q7+pDDUHyQPjkhhwJN8lQcr
gj4Vwiha5eeMpPXwJ616pcUVBDm4/xduV/v6B4liSNjh5/iefrPMuhwCKg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:28:51 2026 by rpki-client