Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e362e302f32342d3234203d3e203633373933.roa
File: 3231372e32352e362e302f32342d3234203d3e203633373933.roa (raw, json)
Hash identifier: INM60jl1cf01X8Dit6vIBFxI1U5BBx8k+1yHI+R5aYQ=
Subject key identifier: 1A:79:D0:24:B4:DA:EE:0D:B1:B2:46:23:E9:69:92:79:54:26:42:06
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 5BD5B302ED801BBE8D371620B88A88D33BA4455C
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e362e302f32342d3234203d3e203633373933.roa
Signing time: Thu 07 May 2026 15:03:47 +0000
ROA not before: Thu 07 May 2026 14:58:47 +0000
ROA not after: Thu 06 May 2027 15:03:47 +0000
asID: 63793
IP address blocks: 217.25.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:d5:b3:02:ed:80:1b:be:8d:37:16:20:b8:8a:88:d3:3b:a4:45:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: May 7 14:58:47 2026 GMT
Not After : May 6 15:03:47 2027 GMT
Subject: CN=1A79D024B4DAEE0DB1B24623E969927954264206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:a4:57:83:03:07:92:bf:f1:17:1d:76:dc:ac:
da:a5:f8:61:4b:8c:42:1c:c2:ff:b7:1a:c9:1f:b2:
19:f7:76:30:28:c1:d3:fb:87:ff:0f:ff:8a:4f:b2:
53:31:a2:50:03:25:8b:ca:c0:47:4c:c9:29:0e:da:
51:09:88:68:5d:f0:03:6f:e9:ba:af:d5:3b:19:02:
90:54:68:15:a2:1b:56:f0:f5:5a:c9:74:e1:77:c0:
cc:0f:63:1a:b5:7f:46:64:fe:bc:be:31:90:37:ec:
4b:1a:a5:4c:b3:7a:f4:7a:33:14:3f:48:20:3d:16:
96:0a:85:39:e6:95:13:a0:6e:7d:ab:ac:48:8f:ef:
d7:e2:aa:96:3f:f5:da:b8:f8:f2:a8:c0:f9:94:35:
32:e0:cb:11:ec:0d:5f:37:e0:3f:7e:0f:1c:00:64:
24:9f:5c:6a:3b:5f:0d:be:04:71:83:b5:67:9a:9f:
3f:d3:d5:76:13:a8:38:2d:d8:76:93:59:b3:0c:31:
d7:7b:89:09:62:7a:39:ef:5f:bd:b6:2f:2b:5b:be:
20:ca:c3:46:63:95:8d:46:23:aa:8a:5d:58:c1:29:
dc:72:11:43:d3:16:ef:b1:8b:93:7c:03:f6:61:83:
78:fc:4f:bb:c7:c7:fc:2a:a5:4b:0a:85:76:34:c0:
70:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:79:D0:24:B4:DA:EE:0D:B1:B2:46:23:E9:69:92:79:54:26:42:06
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e362e302f32342d3234203d3e203633373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.6.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4c:c2:bb:25:4e:e6:a1:b0:4e:66:e1:52:f8:20:c0:dc:d0:
8c:c0:9f:cd:59:de:45:c7:8f:71:69:08:6c:3e:d0:39:d3:b4:
22:66:de:74:c7:eb:6a:fa:7e:33:b8:2c:49:d6:16:55:9a:ce:
21:05:89:ba:eb:3d:4b:a1:d4:2b:76:41:df:b9:32:9f:df:4e:
99:5f:fd:9f:35:36:2f:27:26:16:6a:88:1b:4f:ce:d6:59:41:
46:ad:0a:15:b7:4b:22:13:fa:a6:ab:a9:72:43:e8:cb:60:02:
4a:d3:f9:05:2a:e6:34:f0:c2:92:b0:83:6b:3d:52:ff:2d:af:
36:e1:d4:27:65:da:94:73:cc:fe:a2:a2:6d:d6:26:8b:29:34:
df:de:e3:5c:2e:77:1c:ea:32:c5:a3:89:a3:01:2b:a1:1f:bb:
4f:bf:c2:59:e8:aa:e7:12:e9:73:80:0e:a4:20:d2:ec:15:86:
bf:a7:c5:25:46:8d:ec:6e:97:c4:03:dd:b8:b0:34:e5:97:d0:
e7:f6:f8:cb:53:79:3d:95:dc:95:f5:fa:22:14:f7:95:86:b5:
b9:fb:e5:c4:4f:7d:8a:87:29:3b:77:6e:b9:68:da:2e:39:fa:
db:58:c0:ac:e6:22:dc:f9:a5:f7:dd:33:77:2b:16:53:d8:da:
e4:5a:19:1c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUW9WzAu2AG76NNxYguIqI0zukRVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA1MDcxNDU4NDdaFw0yNzA1MDYxNTAzNDdaMDMxMTAvBgNV
BAMTKDFBNzlEMDI0QjREQUVFMERCMUIyNDYyM0U5Njk5Mjc5NTQyNjQyMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3pFeDAweSv/EXHXbcrNql+GFL
jEIcwv+3Gskfshn3djAowdP7h/8P/4pPslMxolADJYvKwEdMySkO2lEJiGhd8ANv
6bqv1TsZApBUaBWiG1bw9VrJdOF3wMwPYxq1f0Zk/ry+MZA37EsapUyzevR6MxQ/
SCA9FpYKhTnmlROgbn2rrEiP79fiqpY/9dq4+PKowPmUNTLgyxHsDV834D9+DxwA
ZCSfXGo7Xw2+BHGDtWeanz/T1XYTqDgt2HaTWbMMMdd7iQliejnvX722LytbviDK
w0ZjlY1GI6qKXVjBKdxyEUPTFu+xi5N8A/Zhg3j8T7vHx/wqpUsKhXY0wHC7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUGnnQJLTa7g2xskYj6WmSeVQmQgYwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzIzMTM3MmUzMjM1MmUzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNzM5MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADZGQYw
DQYJKoZIhvcNAQELBQADggEBADtMwrslTuahsE5m4VL4IMDc0IzAn81Z3kXHj3Fp
CGw+0DnTtCJm3nTH62r6fjO4LEnWFlWaziEFibrrPUuh1Ct2Qd+5Mp/fTplf/Z81
Ni8nJhZqiBtPztZZQUatChW3SyIT+qarqXJD6MtgAkrT+QUq5jTwwpKwg2s9Uv8t
rzbh1Cdl2pRzzP6iom3WJospNN/e41wudxzqMsWjiaMBK6Efu0+/wlnoqucS6XOA
DqQg0uwVhr+nxSVGjexul8QD3biwNOWX0Of2+MtTeT2V3JX1+iIU95WGtbn75cRP
fYqHKTt3brlo2i45+ttYwKzmItz5pffdM3crFlPY2uRaGRw=
-----END CERTIFICATE-----
Generated at Wed May 13 06:26:17 2026 by rpki-client