Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
File: 3231322e33322e39332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: vjk9LDcIDg0Dzen73e+qjyvgIdeot15eWE5x/z9TLAA=
Subject key identifier: D7:41:8A:6F:20:42:42:2F:17:DB:7F:CF:8D:CB:D2:03:E5:B4:87:D6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2E64926EA6F922F621D8A066C7009E7BFE747B83
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 16 Oct 2025 15:47:55 +0000
ROA not before: Thu 16 Oct 2025 15:42:55 +0000
ROA not after: Thu 15 Oct 2026 15:47:55 +0000
asID: 136787
IP address blocks: 212.32.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:64:92:6e:a6:f9:22:f6:21:d8:a0:66:c7:00:9e:7b:fe:74:7b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 16 15:42:55 2025 GMT
Not After : Oct 15 15:47:55 2026 GMT
Subject: CN=D7418A6F2042422F17DB7FCF8DCBD203E5B487D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:83:9a:47:13:e9:5e:a7:0a:30:4f:24:3a:
a5:31:5b:93:71:93:48:9d:f2:47:8b:8f:c8:18:46:
50:7c:36:5f:11:a2:3e:f6:06:3e:cf:fc:2d:e9:87:
9b:3d:00:4a:ee:4a:af:8f:c8:fa:f0:00:7b:21:5e:
ef:08:3f:39:9f:14:e9:59:84:e6:ce:0a:0f:ef:a7:
5c:9a:3f:5d:cc:b0:07:d5:a9:d1:59:43:21:8c:6d:
94:54:17:dc:42:2f:3f:98:ba:d5:47:74:78:1c:71:
b3:79:c9:7b:13:b5:fb:71:0d:5c:67:93:36:bb:71:
96:17:f7:d2:9c:3c:5f:c3:36:c9:36:07:6a:a4:56:
3a:8a:7a:62:ad:d3:d5:98:a8:4f:b1:54:68:86:29:
c7:4a:61:84:ce:b3:dd:99:68:2c:8e:c6:c1:a8:27:
7d:07:b7:9a:66:27:2c:f9:aa:4e:86:a0:1a:4e:a7:
c9:39:ac:c4:ee:74:12:21:96:2c:d8:3f:e8:dc:2e:
09:50:97:46:61:f8:8a:e2:59:3e:d2:30:18:83:d3:
36:73:66:7b:18:73:3a:34:ff:49:c0:04:8e:98:c5:
82:0a:1c:01:7d:52:d6:3d:62:48:c1:03:42:35:56:
bb:2e:8f:9e:ec:e2:2f:b3:7b:83:ab:dd:23:81:d5:
ce:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:41:8A:6F:20:42:42:2F:17:DB:7F:CF:8D:CB:D2:03:E5:B4:87:D6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.93.0/24
Signature Algorithm: sha256WithRSAEncryption
32:97:e4:af:d5:0e:02:9e:1b:4d:0b:cc:e2:90:6c:64:1f:96:
d1:58:6d:b2:a0:52:fc:35:b3:76:86:f9:f3:b7:7e:c7:ef:c5:
58:83:52:63:42:a8:ad:27:d2:18:86:ab:8c:cc:8e:e9:55:ee:
ff:03:7e:80:e2:15:f8:5e:e6:f3:26:38:ff:43:c4:00:f3:46:
5b:e9:e7:8f:32:b4:1c:57:2a:35:00:32:45:0b:20:7d:bc:61:
8b:7f:2a:24:8b:d1:01:0b:62:00:c9:b0:b4:39:39:68:2c:f8:
41:a3:0b:63:ab:f6:69:f9:93:ae:8a:83:6b:99:99:f8:47:c2:
6a:c3:0b:dc:f9:a0:74:54:d6:2c:b2:bf:d8:b4:81:24:c0:3f:
4f:fa:39:bb:2c:24:58:05:1b:37:3c:72:f1:b6:23:98:f0:5d:
45:10:84:b3:83:ff:e1:bc:80:5b:ed:67:a4:bb:83:0a:52:4f:
27:8b:66:5a:9e:c6:30:c6:07:f1:37:f6:0e:96:11:4d:0e:44:
f6:53:88:f8:84:bc:a3:97:22:31:ee:d5:8f:6a:0f:37:14:47:
e2:4f:44:70:dc:ca:c5:b2:77:fd:5a:40:23:48:bb:4f:4c:1a:
d4:6a:04:fd:50:40:1c:4a:be:18:7b:64:05:64:d7:16:9a:f1:
02:bf:bc:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULmSSbqb5IvYh2KBmxwCee/50e4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMTYxNTQyNTVaFw0yNjEwMTUxNTQ3NTVaMDMxMTAvBgNV
BAMTKEQ3NDE4QTZGMjA0MjQyMkYxN0RCN0ZDRjhEQ0JEMjAzRTVCNDg3RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtpoOaRxPpXqcKME8kOqUxW5Nx
k0id8keLj8gYRlB8Nl8Roj72Bj7P/C3ph5s9AEruSq+PyPrwAHshXu8IPzmfFOlZ
hObOCg/vp1yaP13MsAfVqdFZQyGMbZRUF9xCLz+YutVHdHgccbN5yXsTtftxDVxn
kza7cZYX99KcPF/DNsk2B2qkVjqKemKt09WYqE+xVGiGKcdKYYTOs92ZaCyOxsGo
J30Ht5pmJyz5qk6GoBpOp8k5rMTudBIhlizYP+jcLglQl0Zh+IriWT7SMBiD0zZz
ZnsYczo0/0nABI6YxYIKHAF9UtY9YkjBA0I1Vrsuj57s4i+ze4Or3SOB1c5xAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU10GKbyBCQi8X23/PjcvSA+W0h9YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzOTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBdMA0GCSqGSIb3DQEBCwUAA4IBAQAyl+Sv1Q4CnhtNC8zikGxkH5bRWG2yoFL8
NbN2hvnzt37H78VYg1JjQqitJ9IYhquMzI7pVe7/A36A4hX4XubzJjj/Q8QA80Zb
6eePMrQcVyo1ADJFCyB9vGGLfyoki9EBC2IAybC0OTloLPhBowtjq/Zp+ZOuioNr
mZn4R8Jqwwvc+aB0VNYssr/YtIEkwD9P+jm7LCRYBRs3PHLxtiOY8F1FEISzg//h
vIBb7Weku4MKUk8ni2ZansYwxgfxN/YOlhFNDkT2U4j4hLyjlyIx7tWPag83FEfi
T0Rw3MrFsnf9WkAjSLtPTBrUagT9UEAcSr4Ye2QFZNcWmvECv7wZ
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:31:51 2025 by rpki-client