Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
File: 3231372e36352e3135322e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: +QRi5+iRangvt92Br5PaNtiE3uYdWQpSo9u+1NhXGu4=
Subject key identifier: 60:06:8F:54:5F:5D:1E:F8:29:7B:D4:88:22:FE:D7:8F:75:B3:F5:9D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6B944E4167CEE27A3A25F01B373D8F59A513E8B7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
Signing time: Fri 27 Feb 2026 15:23:22 +0000
ROA not before: Fri 27 Feb 2026 15:18:22 +0000
ROA not after: Fri 26 Feb 2027 15:23:22 +0000
asID: 47583
IP address blocks: 217.65.152.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:94:4e:41:67:ce:e2:7a:3a:25:f0:1b:37:3d:8f:59:a5:13:e8:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 27 15:18:22 2026 GMT
Not After : Feb 26 15:23:22 2027 GMT
Subject: CN=60068F545F5D1EF8297BD48822FED78F75B3F59D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:ca:23:a9:ed:b0:4f:60:a0:30:ba:b1:d1:
39:63:17:7c:8f:12:c2:e2:06:55:ed:84:4b:7b:77:
a1:f0:af:ea:eb:0e:be:70:cc:d2:9a:30:10:03:49:
25:b0:31:b0:8e:33:b9:7d:83:b9:e0:c9:19:39:32:
00:dd:24:6d:0f:0b:3f:ac:c2:3f:3a:ac:c4:00:39:
a3:46:51:f5:0f:44:fb:c1:65:10:f8:3b:2f:2f:8e:
f5:dd:aa:a6:b7:2c:2e:ef:eb:98:be:27:6b:11:d7:
f6:ca:eb:d1:40:f3:68:9c:83:44:02:09:c5:aa:40:
c6:e5:3d:8b:40:ff:cd:39:35:43:a9:36:4c:b6:c3:
e8:fd:19:1b:87:57:6f:45:bb:78:8d:08:b6:d6:65:
1a:74:5e:76:98:0c:a9:bd:3e:e8:49:6e:23:d1:53:
0c:e8:57:f2:3a:ab:19:3c:ef:39:14:23:a1:8a:46:
b4:66:c0:cb:88:bb:a6:fc:3d:31:6b:f4:cd:50:e8:
0a:66:fd:b5:2e:f5:ab:ef:cf:b9:95:81:b0:f5:18:
27:5e:a8:09:e7:a0:7a:38:9e:3d:4b:87:d6:03:1b:
18:13:eb:3f:eb:b7:76:6d:d9:9c:bc:c6:2e:9b:92:
c7:78:b7:d9:96:89:68:4c:cd:4b:63:0d:07:ce:4d:
34:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:06:8F:54:5F:5D:1E:F8:29:7B:D4:88:22:FE:D7:8F:75:B3:F5:9D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.152.0/21
Signature Algorithm: sha256WithRSAEncryption
98:8d:a7:bb:ac:0d:31:a6:38:63:09:7c:4d:d7:5e:c1:4c:92:
32:ca:8c:00:0f:a3:99:1b:3b:4d:24:3c:31:8e:d7:69:c0:fc:
9c:60:9d:6f:70:96:21:a1:33:0c:22:c9:66:75:28:ac:56:d0:
e2:fb:ae:9a:9c:28:30:91:b2:34:29:30:6a:2e:c0:79:d4:2d:
1e:a1:5c:cc:0c:d6:e5:7b:b5:e0:ef:da:74:28:f0:5b:bf:99:
19:61:99:3a:9f:3e:dd:91:a7:e3:7b:f7:ac:a4:ca:10:da:c6:
9d:02:e5:1f:1a:a8:82:b2:bd:52:6d:d2:9e:b5:77:02:3e:82:
1e:60:e8:06:b5:f1:c1:ab:f1:88:aa:47:37:12:e7:8f:ce:cc:
c1:09:5a:92:04:d0:11:92:0f:68:47:80:19:a7:9b:9d:bd:b7:
c3:52:ea:b7:46:b3:6d:9e:51:43:8f:51:60:a1:12:3e:43:f4:
38:33:20:a7:c7:6d:ef:ee:b9:bd:95:92:99:86:0c:1b:a7:10:
7b:73:a8:01:22:55:30:99:ae:29:f8:47:62:5a:e1:e1:65:65:
24:b0:50:82:94:8b:52:9c:af:ea:6f:b9:e8:57:8b:0f:33:d7:
5e:58:d9:71:ab:27:e6:38:43:b2:a9:ae:6b:07:0d:59:34:6a:
34:f0:91:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUa5ROQWfO4no6JfAbNz2PWaUT6LcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNjAyMjcxNTE4MjJaFw0yNzAyMjYxNTIzMjJaMDMxMTAvBgNV
BAMTKDYwMDY4RjU0NUY1RDFFRjgyOTdCRDQ4ODIyRkVENzhGNzVCM0Y1OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvAsojqe2wT2CgMLqx0TljF3yP
EsLiBlXthEt7d6Hwr+rrDr5wzNKaMBADSSWwMbCOM7l9g7ngyRk5MgDdJG0PCz+s
wj86rMQAOaNGUfUPRPvBZRD4Oy8vjvXdqqa3LC7v65i+J2sR1/bK69FA82icg0QC
CcWqQMblPYtA/805NUOpNky2w+j9GRuHV29Fu3iNCLbWZRp0XnaYDKm9PuhJbiPR
UwzoV/I6qxk87zkUI6GKRrRmwMuIu6b8PTFr9M1Q6Apm/bUu9avvz7mVgbD1GCde
qAnnoHo4nj1Lh9YDGxgT6z/rt3Zt2Zy8xi6bksd4t9mWiWhMzUtjDQfOTTRzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYAaPVF9dHvgpe9SIIv7Xj3Wz9Z0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNjM1MmUzMTM1
MzIyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2UGYMA0GCSqGSIb3DQEBCwUAA4IBAQCYjae7rA0xpjhjCXxN117BTJIyyowAD6OZ
GztNJDwxjtdpwPycYJ1vcJYhoTMMIslmdSisVtDi+66anCgwkbI0KTBqLsB51C0e
oVzMDNble7Xg79p0KPBbv5kZYZk6nz7dkafje/espMoQ2sadAuUfGqiCsr1SbdKe
tXcCPoIeYOgGtfHBq/GIqkc3EuePzszBCVqSBNARkg9oR4AZp5udvbfDUuq3RrNt
nlFDj1FgoRI+Q/Q4MyCnx23v7rm9lZKZhgwbpxB7c6gBIlUwma4p+EdiWuHhZWUk
sFCClItSnK/qb7noV4sPM9deWNlxqyfmOEOyqa5rBw1ZNGo08JHw
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:30:46 2026 by rpki-client