Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e372e302f32342d3234203d3e20323033313439.roa
File: 3231372e32352e372e302f32342d3234203d3e20323033313439.roa (raw, json)
Hash identifier: ORaaFsuJfbCQ5gK+iP6X7HGTL9jsKreKKdMqaXidIEY=
Subject key identifier: FD:65:4B:79:B8:2B:40:D9:BD:C5:65:9F:30:4C:47:ED:9F:5C:39:09
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 5C1ADF9166F5EE473E499890B939A51BDEA779B7
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e372e302f32342d3234203d3e20323033313439.roa
Signing time: Fri 08 May 2026 12:33:56 +0000
ROA not before: Fri 08 May 2026 12:28:56 +0000
ROA not after: Fri 07 May 2027 12:33:56 +0000
asID: 203149
IP address blocks: 217.25.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:14:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:1a:df:91:66:f5:ee:47:3e:49:98:90:b9:39:a5:1b:de:a7:79:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: May 8 12:28:56 2026 GMT
Not After : May 7 12:33:56 2027 GMT
Subject: CN=FD654B79B82B40D9BDC5659F304C47ED9F5C3909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b7:37:69:59:1d:5f:5a:4f:2e:c4:7e:44:3a:
69:77:9a:3d:43:3f:28:9e:f8:d0:c0:3f:5c:8a:93:
0f:8b:57:cc:56:91:f3:f9:14:09:87:6b:54:8d:a1:
a8:b2:b4:84:15:4c:b4:1b:fb:1b:68:f0:1b:cf:d5:
cf:90:ad:3b:2b:df:7e:51:db:c0:55:51:69:d8:e0:
eb:d2:6e:65:d2:c9:5f:db:4d:75:1a:3a:37:48:2c:
be:2f:7a:1f:95:63:0e:db:4a:cd:18:ae:d8:bb:5c:
f7:79:08:66:7c:8d:ea:a1:bf:9d:1f:01:aa:5e:57:
19:e9:e2:1c:c1:1d:8b:ae:67:0d:a0:62:ff:9d:c3:
6c:ce:1d:65:3f:a4:1c:18:bd:f5:b5:90:eb:a5:eb:
cc:d5:f0:49:71:6c:47:92:28:fb:7d:07:ba:95:25:
e9:76:00:c6:94:9e:65:15:77:8a:22:04:0b:d5:a6:
ea:28:f8:9b:1f:73:db:fa:84:b3:19:93:0d:b1:b1:
56:25:88:70:54:ea:3d:1b:8b:dc:d6:9d:b1:d1:53:
84:cd:bd:5e:7b:44:43:ee:60:fd:fa:58:e7:ec:e1:
0a:85:79:dd:bb:a4:79:4d:92:ae:25:0e:24:92:6e:
b4:7f:bf:c1:bf:41:42:9b:a6:d7:b7:85:e2:d3:c4:
47:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:65:4B:79:B8:2B:40:D9:BD:C5:65:9F:30:4C:47:ED:9F:5C:39:09
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e372e302f32342d3234203d3e20323033313439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.7.0/24
Signature Algorithm: sha256WithRSAEncryption
75:cf:64:37:d6:a6:6e:13:76:87:dc:2c:58:c0:ea:a5:53:dd:
82:7d:d0:06:b3:0c:22:18:c1:c3:d3:5e:83:50:19:93:47:67:
c8:3c:df:f1:6f:d4:94:76:91:3e:3f:f8:fc:82:3c:bf:fd:8c:
aa:b6:f7:ad:41:d2:51:80:bd:5f:cd:fc:24:68:bc:e2:ce:f0:
75:84:e1:4f:bf:1d:ff:73:a2:5a:c5:5e:7c:88:8e:e3:d2:e0:
d2:01:30:88:d3:17:30:7b:79:7a:a1:89:75:72:ac:79:ea:58:
64:ba:88:f2:a6:25:c2:e7:92:2f:cc:d4:db:f6:df:ed:0c:33:
7e:05:d3:d9:3b:96:c4:45:3f:f5:90:3f:3b:1f:8b:05:26:30:
e2:af:f3:7e:88:9f:36:b0:90:81:71:47:d9:f9:19:35:24:a6:
ea:99:15:6c:eb:07:36:ed:0a:08:3a:a4:f7:4e:7b:43:9d:c1:
6e:02:a2:77:3f:ab:73:a5:63:a0:36:c4:a9:3b:0e:f2:13:4d:
f1:52:d0:99:c9:9f:70:f2:13:79:78:87:7b:a6:b5:b6:f5:ea:
b6:01:15:bb:47:25:8c:8a:06:89:87:6e:2a:c1:1f:d2:4a:bf:
0f:c2:ab:97:c1:90:cb:89:f4:ba:11:3a:35:1c:c4:53:c5:0a:
82:db:0c:64
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXBrfkWb17kc+SZiQuTmlG96nebcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjA1MDgxMjI4NTZaFw0yNzA1MDcxMjMzNTZaMDMxMTAvBgNV
BAMTKEZENjU0Qjc5QjgyQjQwRDlCREM1NjU5RjMwNEM0N0VEOUY1QzM5MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvtzdpWR1fWk8uxH5EOml3mj1D
Pyie+NDAP1yKkw+LV8xWkfP5FAmHa1SNoaiytIQVTLQb+xto8BvP1c+QrTsr335R
28BVUWnY4OvSbmXSyV/bTXUaOjdILL4veh+VYw7bSs0Yrti7XPd5CGZ8jeqhv50f
AapeVxnp4hzBHYuuZw2gYv+dw2zOHWU/pBwYvfW1kOul68zV8ElxbEeSKPt9B7qV
Jel2AMaUnmUVd4oiBAvVpuoo+Jsfc9v6hLMZkw2xsVYliHBU6j0bi9zWnbHRU4TN
vV57REPuYP36WOfs4QqFed27pHlNkq4lDiSSbrR/v8G/QUKbpte3heLTxEeHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU/WVLebgrQNm9xWWfMExH7Z9cOQkwHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzIzMTM3MmUzMjM1MmUzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMxMzQzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkZ
BzANBgkqhkiG9w0BAQsFAAOCAQEAdc9kN9ambhN2h9wsWMDqpVPdgn3QBrMMIhjB
w9Neg1AZk0dnyDzf8W/UlHaRPj/4/II8v/2Mqrb3rUHSUYC9X838JGi84s7wdYTh
T78d/3OiWsVefIiO49Lg0gEwiNMXMHt5eqGJdXKseepYZLqI8qYlwueSL8zU2/bf
7QwzfgXT2TuWxEU/9ZA/Ox+LBSYw4q/zfoifNrCQgXFH2fkZNSSm6pkVbOsHNu0K
CDqk9057Q53BbgKidz+rc6VjoDbEqTsO8hNN8VLQmcmfcPITeXiHe6a1tvXqtgEV
u0cljIoGiYduKsEf0kq/D8Krl8GQy4n0uhE6NRzEU8UKgtsMZA==
-----END CERTIFICATE-----
Generated at Wed May 13 09:55:09 2026 by rpki-client