Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132312e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: BREn0xPdXHp4KqlbHfK05evBZ0m2xq0dEHbEMuDZZ3Y=
Subject key identifier: EB:BE:27:EB:98:13:18:47:5F:0D:59:45:44:DD:E3:CF:41:2A:87:BC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0860BFE17BAA9B7F26C2BB6393F1711E3E1CBEA6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 09 Oct 2025 13:13:51 +0000
ROA not before: Thu 09 Oct 2025 13:08:51 +0000
ROA not after: Thu 08 Oct 2026 13:13:51 +0000
asID: 136787
IP address blocks: 217.216.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:60:bf:e1:7b:aa:9b:7f:26:c2:bb:63:93:f1:71:1e:3e:1c:be:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 13:08:51 2025 GMT
Not After : Oct 8 13:13:51 2026 GMT
Subject: CN=EBBE27EB981318475F0D594544DDE3CF412A87BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6d:63:ce:c4:e2:31:27:05:63:c2:e0:70:38:
a9:5c:64:a8:d8:aa:d1:6b:7c:1b:60:27:b4:01:06:
f7:90:45:c2:72:a4:60:79:e8:7a:52:28:40:39:87:
45:85:d6:a0:da:81:db:5d:1c:4a:c1:2f:84:8f:46:
27:0f:18:92:03:ad:5e:87:58:11:51:fa:ac:0c:68:
d2:7d:95:54:24:c9:ef:1d:aa:26:95:75:6c:d4:55:
6e:51:5b:eb:bf:8d:bc:22:d6:d7:84:72:ed:bc:7c:
dc:13:a1:94:fd:25:51:a5:eb:6e:e6:99:23:c4:1b:
02:03:53:06:a6:60:b5:82:4f:41:af:0b:7c:21:dd:
08:74:af:1a:45:b4:59:57:dc:3c:53:40:0d:2a:c2:
f5:6d:da:d2:57:f6:bf:c4:43:46:18:ef:60:c4:f2:
87:56:60:d6:8c:dc:1d:a8:d5:fc:02:1a:1a:f1:e3:
5d:3c:cb:13:23:4f:e5:7c:a1:5a:98:ef:92:75:d3:
4b:da:51:aa:a6:67:76:0e:3a:96:7b:7b:27:95:52:
36:93:fd:7e:bc:a0:6d:38:ca:d1:24:fc:93:52:0c:
43:a6:85:58:46:ab:f6:01:31:2e:2d:7e:12:f1:ed:
ec:47:20:bf:6e:41:44:c2:43:fe:07:aa:0a:38:d4:
31:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BE:27:EB:98:13:18:47:5F:0D:59:45:44:DD:E3:CF:41:2A:87:BC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.121.0/24
Signature Algorithm: sha256WithRSAEncryption
57:8f:04:05:c4:dd:69:ca:cc:63:f9:dc:13:14:5b:d4:b7:fa:
02:67:6d:3b:df:ef:54:a4:ff:80:5d:d1:54:d7:0d:49:99:80:
17:4c:ed:a9:22:48:35:cb:07:25:83:70:0b:1e:e7:eb:e9:99:
a6:b7:73:3c:bb:a0:14:de:71:3b:62:fd:f9:40:39:d2:bb:4d:
31:c0:c8:75:44:40:cc:a6:a5:c0:f6:45:1d:86:d7:05:4f:22:
84:4e:a2:e6:8a:88:77:3d:6d:4c:ab:6a:0c:01:40:11:99:6c:
d0:e4:73:97:e0:1d:c0:4c:30:ad:72:67:e2:c7:9f:c5:ff:3d:
f3:e8:9a:39:05:91:c9:86:90:75:be:8a:03:34:2a:e7:aa:2a:
cd:00:2b:8d:f3:76:61:dc:1f:d9:8b:55:83:4e:77:0e:fa:4a:
b0:9e:e8:55:cc:df:53:54:42:10:9d:cd:22:23:0e:65:45:5c:
ea:9a:8c:ef:c6:1a:b1:d3:fb:78:90:f4:6b:ab:6d:1b:ea:37:
2b:5a:3d:b7:fe:5b:ea:91:3e:91:75:7e:96:12:d7:68:69:fd:
ae:29:d0:14:f9:26:d9:91:53:b5:bd:9d:33:11:3e:1c:b7:d9:
d9:aa:04:7e:6b:50:81:f7:ae:8b:0c:72:34:41:4f:61:fb:12:
c5:72:7c:b0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCGC/4Xuqm38mwrtjk/FxHj4cvqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkxMzA4NTFaFw0yNjEwMDgxMzEzNTFaMDMxMTAvBgNV
BAMTKEVCQkUyN0VCOTgxMzE4NDc1RjBENTk0NTQ0RERFM0NGNDEyQTg3QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5bWPOxOIxJwVjwuBwOKlcZKjY
qtFrfBtgJ7QBBveQRcJypGB56HpSKEA5h0WF1qDagdtdHErBL4SPRicPGJIDrV6H
WBFR+qwMaNJ9lVQkye8dqiaVdWzUVW5RW+u/jbwi1teEcu28fNwToZT9JVGl627m
mSPEGwIDUwamYLWCT0GvC3wh3Qh0rxpFtFlX3DxTQA0qwvVt2tJX9r/EQ0YY72DE
8odWYNaM3B2o1fwCGhrx4108yxMjT+V8oVqY75J100vaUaqmZ3YOOpZ7eyeVUjaT
/X68oG04ytEk/JNSDEOmhVhGq/YBMS4tfhLx7exHIL9uQUTCQ/4Hqgo41DFjAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU674n65gTGEdfDVlFRN3jz0Eqh7wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYeTANBgkqhkiG9w0BAQsFAAOCAQEAV48EBcTdacrMY/ncExRb1Lf6Amdt
O9/vVKT/gF3RVNcNSZmAF0ztqSJINcsHJYNwCx7n6+mZprdzPLugFN5xO2L9+UA5
0rtNMcDIdURAzKalwPZFHYbXBU8ihE6i5oqIdz1tTKtqDAFAEZls0ORzl+AdwEww
rXJn4sefxf898+iaOQWRyYaQdb6KAzQq56oqzQArjfN2Ydwf2YtVg053DvpKsJ7o
VczfU1RCEJ3NIiMOZUVc6pqM78YasdP7eJD0a6ttG+o3K1o9t/5b6pE+kXV+lhLX
aGn9rinQFPkm2ZFTtb2dMxE+HLfZ2aoEfmtQgfeuiwxyNEFPYfsSxXJ8sA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:47 2025 by rpki-client