Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230332e302f32342d3234203d3e20323134343332.roa
File: 3231372e3231362e3230332e302f32342d3234203d3e20323134343332.roa (raw, json)
Hash identifier: nnXhyad0ET2H341QzvgY/4L0JmvLD9NzLb5hHd4fGN8=
Subject key identifier: 4F:03:C5:BA:B8:84:EC:1E:A0:A7:14:B8:02:CF:FE:9A:F4:30:44:83
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7CB257E73A3C43F7AD6344FC05ECF665E1FC94A4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230332e302f32342d3234203d3e20323134343332.roa
Signing time: Wed 04 Feb 2026 15:23:49 +0000
ROA not before: Wed 04 Feb 2026 15:18:49 +0000
ROA not after: Wed 03 Feb 2027 15:23:49 +0000
asID: 214432
IP address blocks: 217.216.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:b2:57:e7:3a:3c:43:f7:ad:63:44:fc:05:ec:f6:65:e1:fc:94:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 4 15:18:49 2026 GMT
Not After : Feb 3 15:23:49 2027 GMT
Subject: CN=4F03C5BAB884EC1EA0A714B802CFFE9AF4304483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:ca:7e:f0:be:d5:27:27:9e:9c:7b:5f:d3:
71:c5:4d:7b:c2:92:88:90:48:1a:26:d9:f2:10:42:
7f:85:00:8b:ef:df:54:02:00:c9:3f:c0:9c:ae:2f:
8a:da:47:b2:1d:7e:ca:a1:31:c5:27:bb:85:41:77:
e8:3e:96:74:2b:74:31:e1:1b:f5:c4:ed:03:65:8a:
43:6b:36:73:80:0f:d0:15:b9:84:61:89:74:d3:4c:
41:4f:79:57:69:c6:72:0f:a2:5d:f6:93:07:2c:94:
77:48:4b:6c:56:7e:40:07:35:c0:42:41:fb:e3:42:
08:18:be:a4:d6:0a:b6:aa:f6:ac:1c:bc:a6:58:b8:
14:85:3d:7b:ce:39:91:8c:55:79:28:20:96:5d:1a:
5f:d1:a0:e3:b9:47:fa:16:e2:92:db:13:3f:ba:57:
d3:8a:bb:c8:81:c5:e8:c6:a9:e7:4b:a7:12:53:bc:
00:36:e3:d0:27:49:c2:10:7d:47:b7:1b:ae:ab:95:
82:5c:bc:19:c5:95:31:3e:85:6a:55:e6:4d:d8:02:
d0:39:98:ec:4f:b6:d6:a4:48:57:d6:f7:26:54:8c:
84:78:5c:d8:81:87:d7:16:05:1e:9a:c9:3c:3f:30:
e9:25:6c:e7:13:bc:a8:4d:70:5a:ae:c6:c6:e3:7e:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:03:C5:BA:B8:84:EC:1E:A0:A7:14:B8:02:CF:FE:9A:F4:30:44:83
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230332e302f32342d3234203d3e20323134343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.203.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8e:d1:ed:0f:60:35:7d:24:bf:19:d2:59:64:52:c6:ee:55:
9e:0c:90:71:36:e1:37:8c:73:51:b4:69:58:8e:08:5b:35:10:
95:22:63:b8:77:e8:9a:51:d9:e6:a6:3a:20:0f:20:99:39:15:
39:c5:18:c8:59:80:ba:2a:70:be:9a:06:07:16:2d:f4:5c:69:
5c:05:75:7f:3b:fd:73:c3:22:ca:94:c2:0d:2f:02:8c:36:79:
97:4a:b5:4b:e5:04:11:a6:da:1e:1e:48:40:cc:98:8b:70:a7:
c9:c3:d1:06:13:ac:2a:9f:39:5c:c0:16:62:2b:61:77:3e:d1:
b5:64:3e:2c:86:39:82:26:e0:e4:38:77:8f:9b:ee:15:a0:40:
e2:fe:dc:0d:98:67:11:3a:e8:f1:c7:e0:4f:2e:a3:1a:d4:b9:
a7:30:40:38:90:36:f3:b1:6f:7d:d9:ea:2a:cb:e7:11:9b:9a:
34:e2:8c:02:60:32:9f:29:e4:79:b1:bf:74:09:41:0f:6f:fa:
92:20:62:66:94:c2:18:7a:f8:38:7a:1d:74:b2:a5:26:72:00:
78:91:c1:28:94:54:b1:ff:4d:af:a9:87:34:dc:14:cd:42:54:
4c:26:a5:04:d2:d1:6d:a2:8a:22:92:a4:22:e0:1d:8d:32:33:
ce:95:c2:77
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfLJX5zo8Q/etY0T8Bez2ZeH8lKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMDQxNTE4NDlaFw0yNzAyMDMxNTIzNDlaMDMxMTAvBgNV
BAMTKDRGMDNDNUJBQjg4NEVDMUVBMEE3MTRCODAyQ0ZGRTlBRjQzMDQ0ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Pcp+8L7VJyeenHtf03HFTXvC
koiQSBom2fIQQn+FAIvv31QCAMk/wJyuL4raR7IdfsqhMcUnu4VBd+g+lnQrdDHh
G/XE7QNlikNrNnOAD9AVuYRhiXTTTEFPeVdpxnIPol32kwcslHdIS2xWfkAHNcBC
QfvjQggYvqTWCraq9qwcvKZYuBSFPXvOOZGMVXkoIJZdGl/RoOO5R/oW4pLbEz+6
V9OKu8iBxejGqedLpxJTvAA249AnScIQfUe3G66rlYJcvBnFlTE+hWpV5k3YAtA5
mOxPttakSFfW9yZUjIR4XNiBh9cWBR6ayTw/MOklbOcTvKhNcFquxsbjfh0jAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTwPFuriE7B6gpxS4As/+mvQwRIMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzMzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYyzANBgkqhkiG9w0BAQsFAAOCAQEAno7R7Q9gNX0kvxnSWWRSxu5VngyQ
cTbhN4xzUbRpWI4IWzUQlSJjuHfomlHZ5qY6IA8gmTkVOcUYyFmAuipwvpoGBxYt
9FxpXAV1fzv9c8MiypTCDS8CjDZ5l0q1S+UEEabaHh5IQMyYi3CnycPRBhOsKp85
XMAWYithdz7RtWQ+LIY5gibg5Dh3j5vuFaBA4v7cDZhnETro8cfgTy6jGtS5pzBA
OJA287FvfdnqKsvnEZuaNOKMAmAynynkebG/dAlBD2/6kiBiZpTCGHr4OHoddLKl
JnIAeJHBKJRUsf9Nr6mHNNwUzUJUTCalBNLRbaKKIpKkIuAdjTIzzpXCdw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:25:55 2026 by rpki-client