Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e35372e302f32342d3234203d3e20323136313531.roa
File: 3231372e3231362e35372e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: kbPjA27rPVSet4j3O7donUXPZWLfLRqCZkzWgh2IBkk=
Subject key identifier: 40:D5:DA:CC:F5:A9:9C:2F:26:00:6C:82:C5:FE:B0:C7:1D:DD:F1:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2E838E83B9084B37EBE04CA241FBFEB32DC56C76
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e35372e302f32342d3234203d3e20323136313531.roa
Signing time: Tue 31 Mar 2026 09:04:43 +0000
ROA not before: Tue 31 Mar 2026 08:59:43 +0000
ROA not after: Tue 30 Mar 2027 09:04:43 +0000
asID: 216151
IP address blocks: 217.216.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:83:8e:83:b9:08:4b:37:eb:e0:4c:a2:41:fb:fe:b3:2d:c5:6c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 31 08:59:43 2026 GMT
Not After : Mar 30 09:04:43 2027 GMT
Subject: CN=40D5DACCF5A99C2F26006C82C5FEB0C71DDDF117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:35:53:ec:d2:7d:04:51:db:0a:ca:32:fc:
22:23:8d:77:10:51:7d:5c:a5:4b:6c:84:3b:9e:8a:
5f:be:8f:1a:f1:d5:03:44:b1:37:af:7f:ca:79:f9:
2c:0a:05:d4:74:9e:c1:4d:11:ba:26:0e:ea:fb:47:
db:97:8f:a1:fa:52:ba:7d:dd:f1:62:6d:b6:fc:7e:
c4:e4:9f:a6:db:35:cf:cc:42:4b:f3:aa:cb:c6:81:
d5:62:f4:f0:b1:19:3d:38:de:30:11:32:82:76:be:
19:f4:d5:b3:50:1a:1f:c1:7b:71:bf:0d:7f:52:d1:
27:d4:6f:cd:b6:06:5a:2d:b6:a6:de:56:e0:66:e3:
e5:70:3e:dd:8e:de:87:52:ea:7c:d3:39:22:a6:ef:
e3:f7:b5:7a:a6:eb:19:24:7d:12:63:6b:0f:b2:cd:
84:91:2f:2e:ec:27:7e:a4:61:27:f5:f3:df:8e:08:
77:f6:12:3e:2f:cd:01:6e:6f:b4:86:5d:cd:fc:83:
8c:7f:3d:82:2f:b3:5a:bf:5d:e6:dd:e3:fa:ee:d7:
59:4d:7e:6e:da:4b:0a:50:84:5e:08:5c:d9:53:a0:
0c:8e:77:7e:30:01:26:c5:3b:b3:d6:70:ab:cf:0b:
f5:7e:b0:8d:31:2e:99:4c:b3:75:8d:c6:4b:cf:c2:
0e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D5:DA:CC:F5:A9:9C:2F:26:00:6C:82:C5:FE:B0:C7:1D:DD:F1:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e35372e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.57.0/24
Signature Algorithm: sha256WithRSAEncryption
26:7b:bc:60:c3:0a:46:ef:e4:ea:27:40:be:b4:2e:9b:d9:ae:
75:7f:5c:64:09:b7:74:fc:21:67:8d:8b:d7:6d:20:9b:0e:24:
82:8c:08:2f:8d:78:4d:ee:95:aa:fa:51:d9:00:65:26:15:79:
67:2c:85:d8:ba:40:9f:43:38:99:d2:a9:45:54:82:59:bd:11:
cf:d5:6c:35:75:0d:72:31:94:14:62:b9:11:ae:fb:fb:57:e6:
67:19:d2:c9:f8:a2:4b:b6:76:ac:7b:8d:01:a7:96:b4:c5:a2:
e4:74:f4:48:db:ee:a1:e1:b1:f6:7a:86:d8:8b:01:cf:c1:0e:
56:fa:c4:0c:01:a0:33:66:15:40:c1:51:fa:e4:17:1d:a5:a9:
72:f7:77:f8:d3:d2:53:e2:c7:94:f9:65:52:67:f3:62:62:b0:
3f:30:bf:6b:98:99:fb:31:5b:28:02:6c:ed:27:57:a6:ad:ca:
e1:56:d7:1f:c0:8d:e3:b4:3e:8e:6d:20:45:83:63:a4:b7:48:
e8:a9:68:42:3a:73:7d:f9:c0:68:36:ce:6f:9b:67:34:ed:25:
28:4c:43:9d:4e:12:c3:cf:db:11:1b:50:15:0b:ad:c2:58:46:
b5:1d:fe:af:84:ac:f2:f8:25:3a:f5:8d:55:70:9b:01:62:d9:
21:0e:af:f8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULoOOg7kISzfr4EyiQfv+sy3FbHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAzMzEwODU5NDNaFw0yNzAzMzAwOTA0NDNaMDMxMTAvBgNV
BAMTKDQwRDVEQUNDRjVBOTlDMkYyNjAwNkM4MkM1RkVCMEM3MUREREYxMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ljVT7NJ9BFHbCsoy/CIjjXcQ
UX1cpUtshDueil++jxrx1QNEsTevf8p5+SwKBdR0nsFNEbomDur7R9uXj6H6Urp9
3fFibbb8fsTkn6bbNc/MQkvzqsvGgdVi9PCxGT043jARMoJ2vhn01bNQGh/Be3G/
DX9S0SfUb822BlottqbeVuBm4+VwPt2O3odS6nzTOSKm7+P3tXqm6xkkfRJjaw+y
zYSRLy7sJ36kYSf189+OCHf2Ej4vzQFub7SGXc38g4x/PYIvs1q/Xebd4/ru11lN
fm7aSwpQhF4IXNlToAyOd34wASbFO7PWcKvPC/V+sI0xLplMs3WNxkvPwg49AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQNXazPWpnC8mAGyCxf6wxx3d8RcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTM1
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2DkwDQYJKoZIhvcNAQELBQADggEBACZ7vGDDCkbv5OonQL60LpvZrnV/XGQJ
t3T8IWeNi9dtIJsOJIKMCC+NeE3ular6UdkAZSYVeWcshdi6QJ9DOJnSqUVUglm9
Ec/VbDV1DXIxlBRiuRGu+/tX5mcZ0sn4oku2dqx7jQGnlrTFouR09Ejb7qHhsfZ6
htiLAc/BDlb6xAwBoDNmFUDBUfrkFx2lqXL3d/jT0lPix5T5ZVJn82JisD8wv2uY
mfsxWygCbO0nV6atyuFW1x/AjeO0Po5tIEWDY6S3SOipaEI6c335wGg2zm+bZzTt
JShMQ51OEsPP2xEbUBULrcJYRrUd/q+ErPL4JTr1jVVwmwFi2SEOr/g=
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:01:11 2026 by rpki-client