Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
File: 3231372e36352e3134342e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: JEDquBtn+xvFCIXUyLgYsU5Y+YmXc8W0A+BVkn0/Md0=
Subject key identifier: E4:F0:A9:45:BF:E3:5C:45:09:44:F2:65:6E:73:2A:7A:F7:12:0F:25
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0BBDDE199A6953DECE821165B9F97E86BBA5B507
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
Signing time: Fri 27 Feb 2026 15:23:22 +0000
ROA not before: Fri 27 Feb 2026 15:18:22 +0000
ROA not after: Fri 26 Feb 2027 15:23:22 +0000
asID: 47583
IP address blocks: 217.65.144.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:bd:de:19:9a:69:53:de:ce:82:11:65:b9:f9:7e:86:bb:a5:b5:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 27 15:18:22 2026 GMT
Not After : Feb 26 15:23:22 2027 GMT
Subject: CN=E4F0A945BFE35C450944F2656E732A7AF7120F25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4d:ee:08:15:ec:40:26:6a:2e:4e:1d:f6:5e:
e7:ee:9e:71:bc:b7:d3:84:b1:2a:29:1c:3a:a0:4f:
13:85:b1:9a:a1:ad:af:da:18:18:54:80:14:3a:c5:
7e:30:2e:12:89:bd:26:f3:52:dd:55:8f:f5:e3:b1:
16:6e:fb:6f:96:b3:82:69:9f:4d:f8:1e:d4:7b:11:
8f:3c:2a:d8:3f:79:a1:a8:f9:8d:76:97:f8:fe:a0:
59:44:b9:ed:c1:60:04:9b:70:58:c9:6c:a8:1f:8a:
7b:4b:15:3a:55:6a:d9:16:00:73:9c:d3:d4:f0:f2:
1e:68:6b:9f:66:3b:64:9f:af:f8:1b:97:c6:61:bf:
83:d3:83:f7:e5:36:be:3a:55:02:e8:55:fb:5d:16:
38:db:eb:3f:6e:7b:f7:52:e1:27:bc:8e:06:1a:42:
ff:c2:19:d0:7a:cd:a6:2c:63:ed:a7:cb:c9:f7:f3:
43:45:cf:49:ac:b5:01:f2:27:3e:4d:5c:b4:55:ac:
52:f2:98:15:2a:4f:ac:e8:a1:0d:da:ed:0c:a4:32:
ba:e0:fd:24:f7:a2:10:00:36:0b:15:a1:64:e3:e0:
86:ee:a8:45:3a:fe:fe:d7:71:98:df:b0:6e:f0:53:
72:cd:4f:7f:74:ab:c4:cc:e7:1c:f7:b8:02:57:6a:
c1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F0:A9:45:BF:E3:5C:45:09:44:F2:65:6E:73:2A:7A:F7:12:0F:25
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.144.0/21
Signature Algorithm: sha256WithRSAEncryption
57:f6:b3:58:78:28:aa:d5:c8:ae:18:2a:1d:4f:aa:86:d5:43:
e4:c5:4c:d5:c7:35:a9:43:9a:21:6f:64:c8:04:9e:e7:e8:fb:
c6:da:85:4f:6f:26:11:41:0c:be:ca:2c:57:51:27:b5:c3:a1:
cc:03:fd:b4:5e:ba:05:c5:0c:62:92:9f:eb:1d:8a:fe:9b:62:
d4:a3:5c:b9:3d:13:2b:94:d5:b3:c2:78:68:a1:9f:80:eb:6d:
b3:d8:4e:39:e2:d2:a3:67:74:db:79:c2:11:e0:af:b3:78:10:
85:ca:fc:49:d1:ed:bf:c9:c9:5a:79:bc:57:fa:9c:d5:53:6c:
0e:1a:9b:3c:eb:5f:ce:d6:4e:a8:38:1a:f4:fa:da:a7:bf:07:
ab:67:05:0a:47:44:38:73:98:79:02:b3:31:ef:df:ae:3e:31:
76:5a:7f:9d:2b:43:cb:ce:7c:27:8b:9a:d6:4a:f7:6c:bd:17:
13:22:ce:03:f1:2b:47:5d:e0:4c:99:cc:8e:3d:4f:e6:be:1b:
c2:1b:54:39:e7:f0:24:c3:18:3a:f0:f1:42:7e:55:4d:6a:fa:
0d:42:8c:2a:25:d5:64:f7:b5:cd:a4:50:8d:6c:23:7b:4d:5d:
1d:25:72:fa:3c:2d:ee:89:3f:c1:7a:2c:29:88:ed:ad:d4:d4:
12:73:d9:1d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC73eGZppU97OghFlufl+hrultQcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMjcxNTE4MjJaFw0yNzAyMjYxNTIzMjJaMDMxMTAvBgNV
BAMTKEU0RjBBOTQ1QkZFMzVDNDUwOTQ0RjI2NTZFNzMyQTdBRjcxMjBGMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjTe4IFexAJmouTh32XufunnG8
t9OEsSopHDqgTxOFsZqhra/aGBhUgBQ6xX4wLhKJvSbzUt1Vj/XjsRZu+2+Ws4Jp
n034HtR7EY88Ktg/eaGo+Y12l/j+oFlEue3BYASbcFjJbKgfintLFTpVatkWAHOc
09Tw8h5oa59mO2Sfr/gbl8Zhv4PTg/flNr46VQLoVftdFjjb6z9ue/dS4Se8jgYa
Qv/CGdB6zaYsY+2ny8n380NFz0mstQHyJz5NXLRVrFLymBUqT6zooQ3a7QykMrrg
/ST3ohAANgsVoWTj4IbuqEU6/v7XcZjfsG7wU3LNT390q8TM5xz3uAJXasHHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5PCpRb/jXEUJRPJlbnMqevcSDyUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNjM1MmUzMTM0
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2UGQMA0GCSqGSIb3DQEBCwUAA4IBAQBX9rNYeCiq1ciuGCodT6qG1UPkxUzVxzWp
Q5ohb2TIBJ7n6PvG2oVPbyYRQQy+yixXUSe1w6HMA/20XroFxQxikp/rHYr+m2LU
o1y5PRMrlNWzwnhooZ+A622z2E454tKjZ3TbecIR4K+zeBCFyvxJ0e2/yclaebxX
+pzVU2wOGps861/O1k6oOBr0+tqnvwerZwUKR0Q4c5h5ArMx79+uPjF2Wn+dK0PL
znwni5rWSvdsvRcTIs4D8StHXeBMmcyOPU/mvhvCG1Q55/Akwxg68PFCflVNavoN
QowqJdVk97XNpFCNbCN7TV0dJXL6PC3uiT/BeiwpiO2t1NQSc9kd
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:42:20 2026 by rpki-client