Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
File: 3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: F6Q31Zgpl23+s2nFrEQ7gMHp92T7A1I5ZXdCs8l2sCk=
Subject key identifier: F7:56:C4:93:A4:42:32:C1:56:56:79:B3:FF:9C:91:AC:50:E9:55:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4ADC600A8F2838631F1A500FA147171735DF3BB2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
Signing time: Fri 12 Jun 2026 20:25:15 +0000
ROA not before: Fri 12 Jun 2026 20:20:15 +0000
ROA not after: Fri 11 Jun 2027 20:25:15 +0000
asID: 137409
IP address blocks: 217.217.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:42:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:dc:60:0a:8f:28:38:63:1f:1a:50:0f:a1:47:17:17:35:df:3b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 12 20:20:15 2026 GMT
Not After : Jun 11 20:25:15 2027 GMT
Subject: CN=F756C493A44232C1565679B3FF9C91AC50E9557C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b9:ce:eb:0e:e4:86:f7:8a:c2:2f:d8:f7:02:
2e:d9:25:a3:8e:b8:21:80:a1:a1:f4:83:6b:cc:58:
87:e3:c3:a3:40:26:00:e3:16:d3:17:98:77:3c:72:
0a:f9:96:2c:35:29:c2:ac:7a:da:47:92:3e:cd:92:
a7:6d:bc:64:51:7f:68:71:5b:e9:12:35:fc:57:80:
92:a1:0a:3d:18:ca:be:fc:2c:a5:80:64:28:07:67:
99:a9:f8:90:74:07:1a:b5:d1:80:da:5a:70:c3:b1:
bc:09:f2:43:ba:ed:52:29:3d:f9:8a:a9:e2:f5:1a:
06:07:8a:cc:17:6e:c8:41:72:9b:08:31:d0:e2:d1:
fe:97:9b:76:a7:2d:c9:a5:3e:40:71:7d:d2:ee:08:
21:23:b7:fe:a9:91:b3:2c:67:9b:d7:b8:71:33:2a:
c6:43:f0:8a:d3:32:5a:4d:8c:0b:42:5b:56:3b:c4:
60:2b:ae:f6:83:ef:61:24:d0:e4:ea:05:4f:8e:6f:
66:17:30:20:14:b9:c6:d7:18:74:ed:71:46:62:b1:
e4:af:4f:65:0a:19:27:30:06:b2:e6:0d:e9:ce:fd:
d0:16:2a:81:0a:ab:96:39:3c:d6:13:10:50:bc:3f:
8e:d8:26:09:f2:ce:d1:fd:89:3d:a9:90:ab:d3:b7:
e7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:56:C4:93:A4:42:32:C1:56:56:79:B3:FF:9C:91:AC:50:E9:55:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.115.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:51:b4:5a:3f:22:18:10:99:97:04:c8:9a:69:c6:9b:b4:21:
af:b7:91:a4:a9:0d:05:18:9f:1b:78:d3:0c:d6:61:12:59:65:
30:42:09:cf:8f:95:67:d2:aa:79:aa:9c:d3:2e:ef:15:6b:4c:
f4:91:b8:5a:83:aa:1f:71:de:f1:94:fc:95:4a:01:57:aa:e5:
3d:7f:1a:88:93:5e:be:e2:46:94:fa:e3:e1:07:ba:80:88:2a:
54:3f:62:40:99:49:90:54:6a:b3:ba:28:88:16:21:41:66:fc:
b1:09:2f:ed:05:59:e1:bc:d8:85:00:c3:1f:a8:4b:de:0d:a0:
8c:86:69:52:fa:32:e4:fd:d6:7f:d0:79:90:0e:fb:db:36:a5:
ae:9c:de:92:26:0d:0e:0f:ad:43:b0:7f:fd:41:dc:10:94:db:
8d:3c:7b:88:02:22:8e:ed:1a:88:62:b7:24:12:9e:b7:e8:5d:
ea:61:8e:0a:6c:93:ed:de:a9:2d:87:9e:b9:13:80:1a:3a:b4:
33:5d:36:cd:67:e9:14:11:4c:e2:7b:54:ff:11:e7:04:aa:d6:
ba:4e:c4:6d:b4:a3:b7:9d:10:69:60:2d:47:ed:c1:38:ed:93:
30:c3:28:49:bb:e2:d3:29:de:db:82:3c:a5:bc:68:4b:76:7a:
c1:8b:64:f9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUStxgCo8oOGMfGlAPoUcXFzXfO7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjA2MTIyMDIwMTVaFw0yNzA2MTEyMDI1MTVaMDMxMTAvBgNV
BAMTKEY3NTZDNDkzQTQ0MjMyQzE1NjU2NzlCM0ZGOUM5MUFDNTBFOTU1N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4uc7rDuSG94rCL9j3Ai7ZJaOO
uCGAoaH0g2vMWIfjw6NAJgDjFtMXmHc8cgr5liw1KcKsetpHkj7NkqdtvGRRf2hx
W+kSNfxXgJKhCj0Yyr78LKWAZCgHZ5mp+JB0Bxq10YDaWnDDsbwJ8kO67VIpPfmK
qeL1GgYHiswXbshBcpsIMdDi0f6Xm3anLcmlPkBxfdLuCCEjt/6pkbMsZ5vXuHEz
KsZD8IrTMlpNjAtCW1Y7xGArrvaD72Ek0OTqBU+Ob2YXMCAUucbXGHTtcUZiseSv
T2UKGScwBrLmDenO/dAWKoEKq5Y5PNYTEFC8P47YJgnyztH9iT2pkKvTt+eHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU91bEk6RCMsFWVnmz/5yRrFDpVXwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM0MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZczANBgkqhkiG9w0BAQsFAAOCAQEAoVG0Wj8iGBCZlwTImmnGm7Qhr7eR
pKkNBRifG3jTDNZhElllMEIJz4+VZ9Kqeaqc0y7vFWtM9JG4WoOqH3He8ZT8lUoB
V6rlPX8aiJNevuJGlPrj4Qe6gIgqVD9iQJlJkFRqs7ooiBYhQWb8sQkv7QVZ4bzY
hQDDH6hL3g2gjIZpUvoy5P3Wf9B5kA772zalrpzekiYNDg+tQ7B//UHcEJTbjTx7
iAIiju0aiGK3JBKet+hd6mGOCmyT7d6pLYeeuROAGjq0M102zWfpFBFM4ntU/xHn
BKrWuk7EbbSjt50QaWAtR+3BOO2TMMMoSbvi0yne24I8pbxoS3Z6wYtk+Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:04:59 2026 by rpki-client