Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39352e302f32342d3234203d3e20323132323338.roa
File: 3231322e33322e39352e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: ZNbmCYueRHZYn1wSXuOyIyjNXFX3bal7SKoOUMAhhMk=
Subject key identifier: B8:55:26:70:66:D4:84:71:F4:36:FB:1E:1F:61:00:9A:F8:B9:01:DD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0318794587B7A761F75F2C38F64A65891D5692AB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39352e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 07 Aug 2025 08:04:18 +0000
ROA not before: Thu 07 Aug 2025 07:59:18 +0000
ROA not after: Thu 06 Aug 2026 08:04:18 +0000
asID: 212238
IP address blocks: 212.32.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:18:79:45:87:b7:a7:61:f7:5f:2c:38:f6:4a:65:89:1d:56:92:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:59:18 2025 GMT
Not After : Aug 6 08:04:18 2026 GMT
Subject: CN=B855267066D48471F436FB1E1F61009AF8B901DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:60:ef:1b:a6:3b:bb:42:ab:73:b0:0e:79:03:
1e:89:c2:58:84:e3:40:4b:7b:65:d4:9a:5a:09:54:
49:35:9c:18:bf:6e:b9:5e:40:f7:b0:94:2a:93:aa:
cc:92:b5:23:8a:ae:ff:1b:7c:df:43:92:39:00:23:
f6:f9:6d:a7:d3:fa:60:82:20:d9:4f:9a:db:ea:d5:
0a:c0:38:17:bd:12:1b:9d:e3:b4:09:fd:8c:f8:42:
c2:ef:0c:f8:78:71:1f:ca:c1:33:f6:b4:f6:3f:5c:
37:5b:1d:db:ae:37:ee:3b:6d:90:5b:c9:5f:a5:11:
e4:e8:f8:6a:66:e4:28:69:3a:a9:a1:c0:51:6b:89:
bd:ed:fb:2c:4a:29:ad:45:ab:bb:fd:63:90:33:cd:
65:cb:fe:10:dc:60:00:3c:ee:b5:05:e1:cc:5a:ee:
c6:e8:bc:7f:21:bd:a5:fb:95:b8:d1:77:8f:80:a7:
9b:2e:2b:d2:b5:12:7c:e0:67:06:eb:3e:32:da:9c:
15:d5:13:74:06:e3:99:3d:0f:89:68:6d:5d:ba:ab:
f9:ac:dc:d0:8c:fe:72:5f:7c:69:9b:5c:5f:de:3e:
96:7e:49:89:9e:d1:34:e7:99:35:eb:d8:eb:90:a1:
4f:88:8d:47:46:41:61:d7:1d:65:a1:de:2b:5e:8e:
65:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:55:26:70:66:D4:84:71:F4:36:FB:1E:1F:61:00:9A:F8:B9:01:DD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39352e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:21:d5:df:98:69:67:be:0a:8c:af:b0:ea:70:d1:18:e0:11:
ba:e1:8d:6c:2d:e9:51:7e:88:67:d6:a4:24:b5:bc:b7:d2:61:
51:63:a2:af:4c:13:93:55:df:42:40:0c:32:0c:15:96:68:2c:
49:aa:84:7a:3f:b4:bc:4d:f9:96:0b:d2:8d:0c:a9:0b:2e:e6:
69:81:f8:ee:d1:30:d3:af:f1:ab:89:b4:5c:ea:f9:7d:bf:1c:
53:e3:5c:b6:86:61:f7:70:e9:42:c1:56:d2:b3:a2:00:b5:b7:
9e:fa:6a:d1:d1:59:05:1c:b4:3d:75:e5:66:ad:f7:d5:47:86:
84:6e:9a:b6:9b:9a:db:21:4b:bc:8b:a9:aa:40:2d:0f:29:8a:
e7:2b:ac:27:cd:3d:0b:c5:a4:dd:70:cd:a4:31:bb:54:27:ea:
a8:42:1a:a7:be:dc:69:90:b6:dd:bb:ad:8d:a6:13:c5:2e:3f:
66:22:f2:e8:2c:f0:74:f7:13:18:c1:cd:95:83:46:9a:b6:99:
9a:04:17:1e:b4:14:e8:74:55:3d:4f:1a:b3:20:ec:58:dd:bf:
e4:4b:0f:7f:71:40:e1:61:67:52:77:fa:0b:62:04:bd:7c:5c:
d4:2f:56:43:a7:14:94:9d:35:cb:d2:cb:13:4d:4a:2e:28:38:
a1:9a:81:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAxh5RYe3p2H3Xyw49kpliR1WkqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzU5MThaFw0yNjA4MDYwODA0MThaMDMxMTAvBgNV
BAMTKEI4NTUyNjcwNjZENDg0NzFGNDM2RkIxRTFGNjEwMDlBRjhCOTAxREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCYO8bpju7QqtzsA55Ax6JwliE
40BLe2XUmloJVEk1nBi/brleQPewlCqTqsyStSOKrv8bfN9DkjkAI/b5bafT+mCC
INlPmtvq1QrAOBe9Ehud47QJ/Yz4QsLvDPh4cR/KwTP2tPY/XDdbHduuN+47bZBb
yV+lEeTo+Gpm5ChpOqmhwFFrib3t+yxKKa1Fq7v9Y5AzzWXL/hDcYAA87rUF4cxa
7sbovH8hvaX7lbjRd4+Ap5suK9K1EnzgZwbrPjLanBXVE3QG45k9D4lobV26q/ms
3NCM/nJffGmbXF/ePpZ+SYme0TTnmTXr2OuQoU+IjUdGQWHXHWWh3itejmX7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuFUmcGbUhHH0NvseH2EAmvi5Ad0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzOTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBfMA0GCSqGSIb3DQEBCwUAA4IBAQBdIdXfmGlnvgqMr7DqcNEY4BG64Y1sLelR
fohn1qQktby30mFRY6KvTBOTVd9CQAwyDBWWaCxJqoR6P7S8TfmWC9KNDKkLLuZp
gfju0TDTr/GribRc6vl9vxxT41y2hmH3cOlCwVbSs6IAtbee+mrR0VkFHLQ9deVm
rffVR4aEbpq2m5rbIUu8i6mqQC0PKYrnK6wnzT0LxaTdcM2kMbtUJ+qoQhqnvtxp
kLbdu62NphPFLj9mIvLoLPB09xMYwc2Vg0aatpmaBBcetBTodFU9TxqzIOxY3b/k
Sw9/cUDhYWdSd/oLYgS9fFzUL1ZDpxSUnTXL0ssTTUouKDihmoE6
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:49:43 2025 by rpki-client