Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132312e302f32342d3234203d3e203330393637.roa
File: 3130392e3130362e3132312e302f32342d3234203d3e203330393637.roa (raw, json)
Hash identifier: 2EfZWSS/nyp5PScBKvWfxWJ705pLIgNi++C91gk/vvA=
Subject key identifier: B9:17:85:CC:79:FC:6E:45:27:FD:3F:B0:0C:F6:0F:A6:EC:C3:9A:03
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0271D4F988D8A301D41871C2E983F8A00E27C891
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132312e302f32342d3234203d3e203330393637.roa
Signing time: Fri 22 Aug 2025 10:47:08 +0000
ROA not before: Fri 22 Aug 2025 10:42:08 +0000
ROA not after: Fri 21 Aug 2026 10:47:08 +0000
asID: 30967
IP address blocks: 109.106.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:71:d4:f9:88:d8:a3:01:d4:18:71:c2:e9:83:f8:a0:0e:27:c8:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 10:42:08 2025 GMT
Not After : Aug 21 10:47:08 2026 GMT
Subject: CN=B91785CC79FC6E4527FD3FB00CF60FA6ECC39A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ac:8a:f2:ca:0c:82:8e:63:dc:80:f0:92:a7:
ba:8d:77:c7:93:b7:3d:98:77:97:73:15:5e:8b:a5:
21:6c:18:fc:de:5c:82:1a:8a:60:52:0e:69:69:15:
33:58:d4:eb:ed:15:65:84:57:10:fd:7c:0f:80:ad:
20:0f:6a:48:05:ec:6c:d1:74:22:46:2a:0e:21:ed:
e7:93:a1:86:63:4f:09:09:32:f9:ea:88:be:34:ff:
49:e4:92:cf:45:09:42:f7:8f:fd:6a:ae:e3:f7:76:
64:83:ef:cd:21:db:bf:fb:6f:ee:5a:36:9c:5a:3c:
e7:4f:d3:f4:6f:58:97:21:e6:19:f9:2a:a9:5c:bc:
aa:8d:76:c8:4d:20:89:83:88:20:f2:0f:4a:de:81:
15:bb:ce:fe:1a:a1:f1:41:5d:9a:ab:a4:d8:ba:d1:
6e:c0:c6:26:e6:d2:3c:5b:2a:ea:15:80:c8:25:e9:
45:4f:21:62:09:3e:fa:52:82:87:67:4a:b9:fc:f8:
38:1f:94:40:95:72:d4:34:35:ed:5a:5b:92:d0:3c:
f3:da:71:35:d3:05:db:5a:70:22:5b:5a:66:b1:85:
ef:36:0c:cf:2e:1d:73:fc:d0:c0:c2:66:bd:98:32:
33:aa:4e:56:5b:3b:04:23:a0:b1:d5:26:65:93:41:
ed:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:17:85:CC:79:FC:6E:45:27:FD:3F:B0:0C:F6:0F:A6:EC:C3:9A:03
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3132312e302f32342d3234203d3e203330393637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.121.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b7:f9:50:53:0f:be:ba:26:d5:f8:41:c5:8d:82:34:2f:56:
4f:af:25:e8:17:db:99:7b:da:3e:3c:5f:70:92:94:ae:7d:ee:
b3:91:6b:38:e6:8a:32:80:ef:a8:76:a6:31:67:3c:57:32:5f:
45:a9:c3:ca:8e:cd:ba:52:a1:8a:13:81:5b:76:7b:d2:6d:eb:
be:43:80:4f:73:47:bf:b8:66:a0:a3:11:a2:8f:48:71:57:cd:
23:c9:55:3a:a0:b3:12:a8:45:03:9a:2e:f9:2a:06:27:d0:c0:
75:37:e0:a7:b0:a0:e3:73:ef:72:ed:31:af:05:14:52:c5:e8:
50:2a:df:5e:c8:89:a3:ef:89:91:fb:5a:65:40:24:e9:0b:3b:
fc:77:00:f4:32:fd:8d:d7:08:0e:13:da:b6:e6:8c:ac:dc:f1:
b2:00:57:1a:23:15:4c:31:e8:e4:80:6f:f7:a6:d8:e4:3d:0f:
f9:11:05:5d:61:f3:99:6c:b0:96:48:b5:3f:23:25:83:34:5b:
57:c1:53:40:b2:ab:f3:68:7c:4c:ef:d0:8e:e8:43:35:f3:7b:
38:9c:da:c0:c2:8a:5a:c3:c3:38:e5:da:0a:3d:17:5c:5b:db:
26:5e:72:f5:f6:28:d0:30:08:56:e0:46:07:68:d2:a6:c7:b8:
1e:1d:01:39
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAnHU+YjYowHUGHHC6YP4oA4nyJEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxMDQyMDhaFw0yNjA4MjExMDQ3MDhaMDMxMTAvBgNV
BAMTKEI5MTc4NUNDNzlGQzZFNDUyN0ZEM0ZCMDBDRjYwRkE2RUNDMzlBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFrIryygyCjmPcgPCSp7qNd8eT
tz2Yd5dzFV6LpSFsGPzeXIIaimBSDmlpFTNY1OvtFWWEVxD9fA+ArSAPakgF7GzR
dCJGKg4h7eeToYZjTwkJMvnqiL40/0nkks9FCUL3j/1qruP3dmSD780h27/7b+5a
NpxaPOdP0/RvWJch5hn5KqlcvKqNdshNIImDiCDyD0regRW7zv4aofFBXZqrpNi6
0W7Axibm0jxbKuoVgMgl6UVPIWIJPvpSgodnSrn8+DgflECVctQ0Ne1aW5LQPPPa
cTXTBdtacCJbWmaxhe82DM8uHXP80MDCZr2YMjOqTlZbOwQjoLHVJmWTQe0rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuReFzHn8bkUn/T+wDPYPpuzDmgMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMx
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzAzOTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtankwDQYJKoZIhvcNAQELBQADggEBADK3+VBTD766JtX4QcWNgjQvVk+vJegX
25l72j48X3CSlK597rORazjmijKA76h2pjFnPFcyX0Wpw8qOzbpSoYoTgVt2e9Jt
675DgE9zR7+4ZqCjEaKPSHFXzSPJVTqgsxKoRQOaLvkqBifQwHU34KewoONz73Lt
Ma8FFFLF6FAq317IiaPviZH7WmVAJOkLO/x3APQy/Y3XCA4T2rbmjKzc8bIAVxoj
FUwx6OSAb/em2OQ9D/kRBV1h85lssJZItT8jJYM0W1fBU0Cyq/NofEzv0I7oQzXz
ezic2sDCilrDwzjl2go9F1xb2yZecvX2KNAwCFbgRgdo0qbHuB4dATk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:42:39 2025 by rpki-client