Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230382e302f32342d3234203d3e20323136313338.roa
File: 3231372e3231362e3230382e302f32342d3234203d3e20323136313338.roa (raw, json)
Hash identifier: d0tE57UbBqVZqDlrTdAZJTh5QoqO6zEvhNniAzNftcQ=
Subject key identifier: BB:E5:C1:B7:AC:98:A1:3B:3E:75:20:20:33:CD:44:46:35:62:EA:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 73841B88FA9083DAA1AEAF5AC23E67954773DCB1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230382e302f32342d3234203d3e20323136313338.roa
Signing time: Sun 15 Feb 2026 08:26:32 +0000
ROA not before: Sun 15 Feb 2026 08:21:32 +0000
ROA not after: Sun 14 Feb 2027 08:26:32 +0000
asID: 216138
IP address blocks: 217.216.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:84:1b:88:fa:90:83:da:a1:ae:af:5a:c2:3e:67:95:47:73:dc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 15 08:21:32 2026 GMT
Not After : Feb 14 08:26:32 2027 GMT
Subject: CN=BBE5C1B7AC98A13B3E75202033CD44463562EA64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:f5:e7:e5:b7:59:f4:18:27:dc:59:5b:77:
6b:55:03:ba:70:59:04:37:1b:ad:68:38:ac:1e:3a:
bf:bd:f8:f3:a8:b8:3e:4f:ad:6d:05:13:6a:2d:0f:
c7:12:e4:ed:eb:27:cc:e0:0a:eb:f2:d6:7e:c0:95:
3a:73:56:a8:6e:d4:fe:6b:30:59:18:eb:55:67:7c:
fa:bd:7a:27:56:fc:74:09:0d:b1:21:c7:be:52:cd:
09:da:a4:2d:be:8b:93:17:90:52:d4:4a:56:0a:58:
32:fe:d9:53:65:cd:7a:52:2f:1f:b9:cc:69:34:eb:
52:7f:d5:09:3d:44:4f:2c:4b:03:bc:e3:a2:1a:b0:
f3:f4:29:82:74:ea:9f:2f:3b:55:91:c2:6d:a9:35:
fa:f7:48:62:55:7b:0e:47:07:b0:64:8e:43:13:cd:
9d:f8:55:54:28:5e:6d:3e:b4:68:ca:a4:33:54:e9:
55:fc:96:e2:f2:09:84:c2:7f:f6:56:cd:c5:07:27:
4c:ba:eb:d3:1b:e3:24:21:18:37:80:6c:c6:9e:2b:
fb:05:78:93:4b:e7:3d:7f:8a:ef:35:3c:bb:4d:f3:
85:9b:0d:1d:e9:2e:fe:65:f0:d4:7e:fe:f5:43:48:
e0:cb:f1:90:02:25:f9:3d:f6:c1:3e:39:d8:bc:0f:
fd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E5:C1:B7:AC:98:A1:3B:3E:75:20:20:33:CD:44:46:35:62:EA:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230382e302f32342d3234203d3e20323136313338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:9a:23:24:f1:25:da:a8:46:c2:f2:e1:c6:03:21:02:a6:76:
23:63:cd:23:55:62:01:d9:7f:e1:6f:79:21:f7:ad:33:08:e8:
d7:6b:93:99:6b:7f:83:02:9b:51:cb:ea:a9:a8:aa:8a:93:6d:
43:e1:2f:0c:a6:ed:8b:10:13:2c:83:d2:31:93:8b:db:fc:ba:
32:61:b7:32:09:05:b5:e9:30:ca:f2:8f:09:61:fe:e8:57:bc:
88:52:a7:41:9a:80:c2:d5:5a:05:a4:90:99:64:a4:c8:f6:86:
a1:01:4b:89:22:16:0c:5f:7e:6f:21:fa:4f:10:cc:f5:5a:eb:
88:ab:af:79:a5:87:dc:a6:f3:38:6d:b1:7b:9e:3a:0d:52:69:
e3:2f:6a:93:e4:46:25:d3:6d:4c:f6:22:2c:fd:c3:d9:ac:85:
5d:fa:0e:21:37:5b:23:02:f0:5e:a5:27:82:d6:7b:9f:20:03:
70:5a:62:0e:e2:50:02:3b:2b:92:e0:fb:d6:7b:06:9f:12:ba:
30:a1:ff:b5:46:e9:3a:0d:3a:35:6d:70:66:db:88:6b:50:4b:
71:8e:b1:5d:72:4c:d5:4c:e3:a1:f2:82:7a:e3:ce:11:75:09:
92:d4:8f:a9:31:1c:9d:38:97:af:e3:00:b1:6b:6d:86:c0:ad:
58:70:2a:f2
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUc4QbiPqQg9qhrq9awj5nlUdz3LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMTUwODIxMzJaFw0yNzAyMTQwODI2MzJaMDMxMTAvBgNV
BAMTKEJCRTVDMUI3QUM5OEExM0IzRTc1MjAyMDMzQ0Q0NDQ2MzU2MkVBNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqUfXn5bdZ9Bgn3Flbd2tVA7pw
WQQ3G61oOKweOr+9+POouD5PrW0FE2otD8cS5O3rJ8zgCuvy1n7AlTpzVqhu1P5r
MFkY61VnfPq9eidW/HQJDbEhx75SzQnapC2+i5MXkFLUSlYKWDL+2VNlzXpSLx+5
zGk061J/1Qk9RE8sSwO846IasPP0KYJ06p8vO1WRwm2pNfr3SGJVew5HB7BkjkMT
zZ34VVQoXm0+tGjKpDNU6VX8luLyCYTCf/ZWzcUHJ0y669Mb4yQhGDeAbMaeK/sF
eJNL5z1/iu81PLtN84WbDR3pLv5l8NR+/vVDSODL8ZACJfk99sE+Odi8D/2ZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUu+XBt6yYoTs+dSAgM81ERjVi6mQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMy
MzAzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMxMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnY0DANBgkqhkiG9w0BAQsFAAOCAQEAbZojJPEl2qhGwvLhxgMhAqZ2I2PN
I1ViAdl/4W95IfetMwjo12uTmWt/gwKbUcvqqaiqipNtQ+EvDKbtixATLIPSMZOL
2/y6MmG3MgkFtekwyvKPCWH+6Fe8iFKnQZqAwtVaBaSQmWSkyPaGoQFLiSIWDF9+
byH6TxDM9VrriKuveaWH3KbzOG2xe546DVJp4y9qk+RGJdNtTPYiLP3D2ayFXfoO
ITdbIwLwXqUngtZ7nyADcFpiDuJQAjsrkuD71nsGnxK6MKH/tUbpOg06NW1wZtuI
a1BLcY6xXXJM1UzjofKCeuPOEXUJktSPqTEcnTiXr+MAsWtthsCtWHAq8g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:14 2026 by rpki-client