Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131382e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: U9NVBIDnGqNUGqH/tyyAir7vEYakDRaia04dZkFVYDI=
Subject key identifier: 0D:32:0A:C4:88:E9:21:DD:38:9A:5F:36:D9:A5:F0:14:66:9F:E4:39
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4B332EDE873EBC7A134CAED9CE724AC7E47ACD2B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 09 Oct 2025 13:13:49 +0000
ROA not before: Thu 09 Oct 2025 13:08:49 +0000
ROA not after: Thu 08 Oct 2026 13:13:49 +0000
asID: 136787
IP address blocks: 217.216.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:33:2e:de:87:3e:bc:7a:13:4c:ae:d9:ce:72:4a:c7:e4:7a:cd:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 13:08:49 2025 GMT
Not After : Oct 8 13:13:49 2026 GMT
Subject: CN=0D320AC488E921DD389A5F36D9A5F014669FE439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fe:f8:9c:3b:f6:86:0a:63:18:67:ec:54:8c:
e4:9b:a2:07:39:48:a0:75:ba:60:9d:f7:52:11:66:
a1:9f:09:7a:36:2d:6f:99:f8:95:8e:2c:cf:94:51:
af:6e:af:f1:11:25:c0:6d:49:6f:bf:9d:49:36:2a:
05:cd:67:db:f5:e9:e7:6e:86:47:28:62:39:b5:7a:
2e:39:82:98:be:12:7c:9b:16:22:4a:3c:06:a6:8e:
0c:3e:e1:09:13:c9:31:07:fb:29:50:1d:06:ef:8b:
bf:f5:0d:5f:a1:e7:c8:a5:d4:fa:21:a2:4a:19:fc:
4a:f8:73:81:a6:86:82:f7:9c:b3:2e:2e:8a:11:e6:
d7:18:61:20:0b:9d:f3:ef:24:52:3a:30:47:38:b5:
4d:9b:d4:cb:b4:3d:f2:9a:0a:3c:77:af:8e:c8:63:
ba:20:69:24:84:6c:9a:30:b5:94:56:16:90:94:11:
a4:65:d9:07:a6:06:0a:51:31:8c:8e:13:c6:fb:bf:
4e:fe:ee:c6:b0:12:7b:77:b6:11:3e:fa:00:4e:7d:
28:98:be:16:df:a5:72:e4:73:e3:34:22:e4:3b:de:
f8:fa:42:0b:99:10:46:79:37:a1:a4:84:57:f0:db:
75:79:7c:78:d3:64:2c:6a:5a:09:17:ba:28:26:a2:
c5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:32:0A:C4:88:E9:21:DD:38:9A:5F:36:D9:A5:F0:14:66:9F:E4:39
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.118.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:4a:fd:21:2f:0f:c8:04:ed:dc:a0:f1:46:15:7e:43:ee:5c:
db:3d:b9:fe:a4:32:fc:97:8f:2d:d3:a5:4f:3b:02:70:13:c4:
7f:e4:2a:35:a8:98:f8:5d:f3:87:7d:b8:af:b0:6a:4c:0f:86:
0c:18:e9:6b:22:af:14:fb:25:54:4a:34:1c:70:0c:0e:96:9a:
c7:c1:c8:c4:58:8b:5d:c1:cb:eb:cf:5d:fe:35:54:8e:af:fb:
1c:ad:dd:91:ec:25:9e:c1:5b:5c:d6:b1:1c:9b:a5:ef:ed:8e:
ad:b8:81:19:0a:98:b2:cb:e9:dc:00:e0:fe:53:df:e2:ad:f8:
9a:6b:14:e9:c5:32:d5:3c:19:ba:82:44:73:8d:5c:c7:11:f0:
20:f0:81:4b:d0:9c:42:84:25:fc:2b:77:ab:fb:31:f4:eb:cb:
7e:88:dd:74:a8:7a:29:8c:8b:df:3b:dd:11:04:e2:8b:dc:45:
db:bc:4a:a8:c7:ec:d7:e7:6c:24:b5:9a:d4:6c:10:07:ac:eb:
84:08:62:44:8e:eb:ff:ed:f1:66:34:4c:1a:40:38:f3:9e:b9:
69:30:4a:12:1d:f3:63:b5:8f:e3:14:49:ef:80:66:fb:61:41:
38:4f:e1:20:ee:ae:1a:b6:6f:14:45:05:45:6d:c5:31:5d:64:
ba:3d:b8:01
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUSzMu3oc+vHoTTK7ZznJKx+R6zSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkxMzA4NDlaFw0yNjEwMDgxMzEzNDlaMDMxMTAvBgNV
BAMTKDBEMzIwQUM0ODhFOTIxREQzODlBNUYzNkQ5QTVGMDE0NjY5RkU0MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe/vicO/aGCmMYZ+xUjOSbogc5
SKB1umCd91IRZqGfCXo2LW+Z+JWOLM+UUa9ur/ERJcBtSW+/nUk2KgXNZ9v16edu
hkcoYjm1ei45gpi+EnybFiJKPAamjgw+4QkTyTEH+ylQHQbvi7/1DV+h58il1Poh
okoZ/Er4c4GmhoL3nLMuLooR5tcYYSALnfPvJFI6MEc4tU2b1Mu0PfKaCjx3r47I
Y7ogaSSEbJowtZRWFpCUEaRl2QemBgpRMYyOE8b7v07+7sawEnt3thE++gBOfSiY
vhbfpXLkc+M0IuQ73vj6QguZEEZ5N6GkhFfw23V5fHjTZCxqWgkXuigmosWtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUDTIKxIjpId04ml822aXwFGaf5DkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYdjANBgkqhkiG9w0BAQsFAAOCAQEAD0r9IS8PyATt3KDxRhV+Q+5c2z25
/qQy/JePLdOlTzsCcBPEf+QqNaiY+F3zh324r7BqTA+GDBjpayKvFPslVEo0HHAM
Dpaax8HIxFiLXcHL689d/jVUjq/7HK3dkewlnsFbXNaxHJul7+2OrbiBGQqYssvp
3ADg/lPf4q34mmsU6cUy1TwZuoJEc41cxxHwIPCBS9CcQoQl/Ct3q/sx9OvLfojd
dKh6KYyL3zvdEQTii9xF27xKqMfs1+dsJLWa1GwQB6zrhAhiRI7r/+3xZjRMGkA4
8565aTBKEh3zY7WP4xRJ74Bm+2FBOE/hIO6uGrZvFEUFRW3FMV1kuj24AQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:42 2025 by rpki-client