Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132322e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3132322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jhGt7KDrADUASey3a3l7rlYl4apzt7JtE8gV2aZI9tY=
Subject key identifier: 6D:08:32:C0:EA:E9:7F:49:EF:04:F0:B7:78:8E:CA:B0:C6:99:39:A0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 663E2C9CB9A348729008298023D06AF93B85C01A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132322e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 09 Oct 2025 13:13:52 +0000
ROA not before: Thu 09 Oct 2025 13:08:52 +0000
ROA not after: Thu 08 Oct 2026 13:13:52 +0000
asID: 136787
IP address blocks: 217.216.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:3e:2c:9c:b9:a3:48:72:90:08:29:80:23:d0:6a:f9:3b:85:c0:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 13:08:52 2025 GMT
Not After : Oct 8 13:13:52 2026 GMT
Subject: CN=6D0832C0EAE97F49EF04F0B7788ECAB0C69939A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0b:82:b3:43:d2:d8:60:e8:f3:66:c8:2f:24:
6d:49:f7:27:a4:42:a5:1a:33:3c:59:da:2e:b5:2e:
98:be:87:7e:9d:f8:ce:2b:c2:8c:bc:ad:b0:4b:a8:
71:37:ac:cb:dd:07:29:0e:69:e6:c4:8b:19:0a:ed:
bd:5d:56:58:0d:2a:b6:aa:e2:3b:20:d0:55:cc:6d:
b9:12:cf:2c:3f:e0:57:8f:99:05:df:34:ca:dd:a3:
27:02:aa:c9:6c:14:7c:1c:7f:d0:ff:12:fb:bc:49:
ce:0a:b6:82:8b:cd:fd:79:01:bc:eb:05:fe:1a:b0:
65:07:91:4e:30:b8:ad:5f:35:5e:a0:80:b2:34:28:
3f:b9:d1:35:52:93:e2:34:36:94:57:a9:46:88:9a:
5d:9f:9c:e6:af:b5:ec:84:d6:7e:89:01:33:65:54:
23:54:f6:ed:47:b2:7a:93:5c:5c:28:88:81:47:fc:
13:5d:b4:00:d6:8b:a2:93:2a:2e:07:60:8b:b5:b5:
40:71:1f:41:ae:83:4e:24:24:50:21:72:d9:a3:6c:
71:4e:5e:73:b0:b0:a8:6c:90:89:ce:db:c5:68:bb:
5c:e8:07:ae:f5:52:9d:ca:d0:96:c9:4e:05:9e:35:
0e:88:3d:73:d9:7e:b4:7c:1b:5c:c4:e8:0e:80:8c:
bb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:08:32:C0:EA:E9:7F:49:EF:04:F0:B7:78:8E:CA:B0:C6:99:39:A0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.122.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b1:a6:2e:7f:eb:62:73:f6:b6:33:97:63:1c:3d:15:24:f8:
c2:9d:e9:fc:65:f0:b3:d0:20:15:b3:bf:9a:66:6b:9d:2e:f9:
9b:76:15:1a:76:07:28:6a:e5:51:c7:1f:66:80:c7:ec:75:9e:
a1:e1:31:f8:d8:ac:59:e2:35:56:77:35:26:f9:4e:91:1a:a6:
f8:69:f9:e2:63:49:1a:e0:24:4c:a1:34:6f:51:67:c3:df:6b:
1d:57:aa:6f:b8:42:21:fa:1b:88:e3:f0:3f:21:a5:62:a7:73:
b3:5d:c9:91:77:54:bc:5a:9f:09:86:84:e5:5c:9b:89:e6:45:
6b:fa:ea:b9:41:a4:a8:f0:54:cb:6b:42:29:fb:fb:ee:b9:a9:
c8:d8:e3:0c:64:42:88:95:43:7d:99:7b:f3:a3:be:e2:ed:52:
f6:93:eb:56:1b:ef:e2:87:f8:6d:c8:08:ba:a1:7d:51:c1:87:
0d:9f:04:ad:6c:f0:52:33:4a:6e:5a:d9:db:d8:a1:1e:94:f8:
71:a8:fe:29:ca:28:cf:6a:d3:53:b0:eb:e9:a9:31:88:b9:c7:
2c:d9:39:d8:0e:ae:8e:46:06:35:19:0d:4a:54:7f:64:98:db:
83:f4:3b:88:99:03:63:2e:33:bb:c2:72:f1:a6:11:15:fe:96:
82:5f:9e:22
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZj4snLmjSHKQCCmAI9Bq+TuFwBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkxMzA4NTJaFw0yNjEwMDgxMzEzNTJaMDMxMTAvBgNV
BAMTKDZEMDgzMkMwRUFFOTdGNDlFRjA0RjBCNzc4OEVDQUIwQzY5OTM5QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfC4KzQ9LYYOjzZsgvJG1J9yek
QqUaMzxZ2i61Lpi+h36d+M4rwoy8rbBLqHE3rMvdBykOaebEixkK7b1dVlgNKraq
4jsg0FXMbbkSzyw/4FePmQXfNMrdoycCqslsFHwcf9D/Evu8Sc4KtoKLzf15Abzr
Bf4asGUHkU4wuK1fNV6ggLI0KD+50TVSk+I0NpRXqUaIml2fnOavteyE1n6JATNl
VCNU9u1HsnqTXFwoiIFH/BNdtADWi6KTKi4HYIu1tUBxH0Gug04kJFAhctmjbHFO
XnOwsKhskInO28Vou1zoB671Up3K0JbJTgWeNQ6IPXPZfrR8G1zE6A6AjLu9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbQgywOrpf0nvBPC3eI7KsMaZOaAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYejANBgkqhkiG9w0BAQsFAAOCAQEAaLGmLn/rYnP2tjOXYxw9FST4wp3p
/GXws9AgFbO/mmZrnS75m3YVGnYHKGrlUccfZoDH7HWeoeEx+NisWeI1Vnc1JvlO
kRqm+Gn54mNJGuAkTKE0b1Fnw99rHVeqb7hCIfobiOPwPyGlYqdzs13JkXdUvFqf
CYaE5VybieZFa/rquUGkqPBUy2tCKfv77rmpyNjjDGRCiJVDfZl786O+4u1S9pPr
Vhvv4of4bcgIuqF9UcGHDZ8ErWzwUjNKblrZ29ihHpT4caj+Kcooz2rTU7Dr6akx
iLnHLNk52A6ujkYGNRkNSlR/ZJjbg/Q7iJkDYy4zu8Jy8aYRFf6Wgl+eIg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:03 2025 by rpki-client