Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131322e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3131322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /1fzXFc5yqD2vS6zBKLXHU9v9AS3GC8P7gQMDK2e8Cw=
Subject key identifier: BE:23:A6:C8:45:72:0D:6C:5E:C6:B3:52:34:B2:73:04:5E:68:1B:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 644D70FE04038316F0B5E89250CE78A60EC69068
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131322e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 09 Oct 2025 13:13:43 +0000
ROA not before: Thu 09 Oct 2025 13:08:43 +0000
ROA not after: Thu 08 Oct 2026 13:13:43 +0000
asID: 136787
IP address blocks: 217.216.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:4d:70:fe:04:03:83:16:f0:b5:e8:92:50:ce:78:a6:0e:c6:90:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 13:08:43 2025 GMT
Not After : Oct 8 13:13:43 2026 GMT
Subject: CN=BE23A6C845720D6C5EC6B35234B273045E681B1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:de:43:2f:b8:43:d5:cc:21:ae:60:4a:11:f7:
a2:27:5c:5d:a1:b6:00:69:2f:3a:b2:dd:32:2a:e4:
16:42:34:42:01:e0:43:cd:34:ed:26:35:c0:2d:d8:
a1:65:d9:e2:c8:99:f5:b8:16:bc:03:f9:32:77:9b:
e8:03:11:ce:ef:86:79:4f:3e:5e:80:bc:b8:14:01:
f2:da:fb:00:bf:90:f0:89:fc:15:1c:9e:a1:c4:ba:
46:96:58:3d:a0:96:b9:2a:00:fe:68:df:6a:9c:91:
4e:6f:6b:97:e0:28:7e:26:a4:78:24:cc:8c:1a:31:
dc:a1:ab:18:d0:03:9f:cc:a9:5d:b1:84:a2:ac:09:
dc:85:fd:70:49:1b:70:2f:0d:35:63:51:b3:a2:dc:
de:13:5c:48:0f:28:63:cb:4f:ea:de:1b:f8:42:04:
b7:48:a8:72:ee:31:03:4c:20:eb:2d:1d:3c:dc:25:
48:0e:8a:ea:29:ae:4d:ce:56:79:d2:fb:cb:fe:a1:
71:79:b1:2c:79:fa:79:35:9e:a8:41:7a:0b:11:f7:
c4:fa:93:7a:ee:5f:0b:a0:bb:cd:d8:9b:27:46:6f:
4d:26:55:f3:6d:63:cd:84:d9:81:90:20:81:b8:d5:
30:2c:7e:23:44:e2:4e:08:ec:49:91:57:d9:30:fc:
60:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:23:A6:C8:45:72:0D:6C:5E:C6:B3:52:34:B2:73:04:5E:68:1B:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.112.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fb:65:bc:9c:05:3d:00:28:4d:40:2f:8e:e0:c2:36:f5:bc:
ca:48:dd:bd:e3:e3:38:0f:a0:7b:36:34:7e:65:72:51:05:9f:
2e:bf:2a:52:5f:34:c0:6e:cd:7f:01:ec:2b:5a:97:d4:d9:ff:
a2:ea:01:61:89:6d:e6:f1:4e:c1:14:30:50:f6:67:24:d0:9a:
7f:4c:39:fe:05:62:00:7d:e8:13:d2:51:69:a8:dc:64:f9:28:
51:bc:d1:50:29:d7:95:86:30:0f:33:d5:a6:25:84:01:44:00:
82:5a:79:5c:5c:93:2c:55:30:d8:20:86:48:ee:9a:bd:62:91:
ad:17:f4:67:83:71:a6:a7:9b:07:7f:01:9c:ab:09:fe:9e:95:
3d:b7:c9:d7:a3:d3:de:23:33:f3:a5:d6:f0:5e:58:5d:b3:d3:
58:91:8c:f1:42:41:b2:82:29:5a:91:12:86:fb:62:7d:b2:5e:
a0:62:68:3f:cb:bc:21:58:b7:d7:28:af:89:e3:e6:ff:49:d6:
b6:c8:ba:67:05:dc:14:7d:75:bd:5a:e6:66:5a:c3:c9:80:a9:
bf:7d:97:bf:de:05:dc:ce:e8:b4:34:33:1f:81:6f:9c:3b:ca:
97:34:14:d6:e7:c5:c8:63:66:74:e4:59:2c:ab:37:ef:40:c4:
dd:97:38:5d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZE1w/gQDgxbwteiSUM54pg7GkGgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkxMzA4NDNaFw0yNjEwMDgxMzEzNDNaMDMxMTAvBgNV
BAMTKEJFMjNBNkM4NDU3MjBENkM1RUM2QjM1MjM0QjI3MzA0NUU2ODFCMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo3kMvuEPVzCGuYEoR96InXF2h
tgBpLzqy3TIq5BZCNEIB4EPNNO0mNcAt2KFl2eLImfW4FrwD+TJ3m+gDEc7vhnlP
Pl6AvLgUAfLa+wC/kPCJ/BUcnqHEukaWWD2glrkqAP5o32qckU5va5fgKH4mpHgk
zIwaMdyhqxjQA5/MqV2xhKKsCdyF/XBJG3AvDTVjUbOi3N4TXEgPKGPLT+reG/hC
BLdIqHLuMQNMIOstHTzcJUgOiuoprk3OVnnS+8v+oXF5sSx5+nk1nqhBegsR98T6
k3ruXwugu83YmydGb00mVfNtY82E2YGQIIG41TAsfiNE4k4I7EmRV9kw/GA3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUviOmyEVyDWxexrNSNLJzBF5oGxowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYcDANBgkqhkiG9w0BAQsFAAOCAQEAePtlvJwFPQAoTUAvjuDCNvW8ykjd
vePjOA+gezY0fmVyUQWfLr8qUl80wG7NfwHsK1qX1Nn/ouoBYYlt5vFOwRQwUPZn
JNCaf0w5/gViAH3oE9JRaajcZPkoUbzRUCnXlYYwDzPVpiWEAUQAglp5XFyTLFUw
2CCGSO6avWKRrRf0Z4NxpqebB38BnKsJ/p6VPbfJ16PT3iMz86XW8F5YXbPTWJGM
8UJBsoIpWpEShvtifbJeoGJoP8u8IVi31yiviePm/0nWtsi6ZwXcFH11vVrmZlrD
yYCpv32Xv94F3M7otDQzH4FvnDvKlzQU1ufFyGNmdORZLKs370DE3Zc4XQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:45 2025 by rpki-client