Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132332e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3132332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: zldPjG4/72+rzpFs1s2mjEpElfNiLxhCQqVapKPLlYw=
Subject key identifier: 0F:BB:D4:7D:D8:7E:AE:79:33:F0:A2:8B:56:A8:DA:EF:57:62:0E:3F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4DD90DB3688872257E4DC7324076561D390F7952
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132332e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 09 Oct 2025 13:13:53 +0000
ROA not before: Thu 09 Oct 2025 13:08:53 +0000
ROA not after: Thu 08 Oct 2026 13:13:53 +0000
asID: 136787
IP address blocks: 217.216.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:d9:0d:b3:68:88:72:25:7e:4d:c7:32:40:76:56:1d:39:0f:79:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 13:08:53 2025 GMT
Not After : Oct 8 13:13:53 2026 GMT
Subject: CN=0FBBD47DD87EAE7933F0A28B56A8DAEF57620E3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a3:43:3d:d0:39:a3:73:a4:64:72:e3:01:a3:
36:4b:86:6d:43:11:16:64:9a:09:36:ec:04:d2:df:
bb:90:03:cd:75:14:f3:6e:e8:65:98:4f:c2:c7:fa:
43:ff:45:18:45:78:e2:17:67:4d:a7:1b:a4:2f:92:
b2:ef:df:49:04:9d:16:11:bb:6d:d8:07:ad:84:b4:
e5:7b:1d:de:39:04:a9:25:ef:f6:01:7a:a8:10:96:
3c:44:4d:b7:b6:30:76:25:de:f7:64:56:03:d2:4d:
fe:af:5e:19:d1:40:ec:97:47:be:82:7b:b9:93:b7:
d4:fc:39:06:22:66:6e:44:4e:8d:f6:21:f8:38:b9:
ea:13:5a:24:a0:3c:3b:00:8b:dc:2b:f8:eb:a9:f0:
6d:ce:14:5e:98:bf:ca:c3:bb:d6:b2:f8:36:f6:b5:
f8:30:a7:c3:2e:95:e7:74:54:9d:9e:a4:4f:43:b8:
9e:e7:49:fb:26:ae:a8:c3:80:83:6f:89:b3:18:15:
56:8d:1c:fa:2e:c8:32:50:30:27:ac:ef:fe:09:35:
ef:04:ee:ec:82:a5:42:9b:9a:0a:d3:be:6d:6d:ea:
7a:9c:16:cf:e0:54:05:04:f9:55:d9:5f:23:44:f1:
85:6e:92:ab:65:96:ff:65:0f:e5:18:e8:ef:77:46:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BB:D4:7D:D8:7E:AE:79:33:F0:A2:8B:56:A8:DA:EF:57:62:0E:3F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3132332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.123.0/24
Signature Algorithm: sha256WithRSAEncryption
77:5f:f9:8d:fc:8c:9e:0f:fd:72:bd:3c:86:06:25:89:3e:9c:
f6:a1:bd:ed:eb:f9:31:bb:ea:ad:f3:0d:e8:21:b5:19:cc:c3:
f7:fa:b6:4e:62:b2:35:40:ed:e5:67:fc:77:49:92:16:74:a9:
0f:8a:c4:92:e1:e5:24:49:14:d3:1f:42:eb:61:e3:c7:ef:49:
53:7f:d4:b3:ea:9c:76:37:a1:61:70:e7:c5:ee:40:2c:3a:0c:
0b:0d:bc:3e:26:0a:27:31:a2:f1:7c:d4:c0:9d:4b:5a:2d:cc:
f9:f8:41:29:6d:55:d8:5a:27:d3:e6:dc:c2:91:50:f0:de:79:
06:47:e1:29:2c:9c:b7:54:04:87:f0:a2:81:63:a2:b5:b5:29:
98:6a:4d:1a:27:b2:5a:ad:24:dd:c8:66:d1:fb:e0:bb:64:92:
e0:db:b1:1e:1f:6a:e9:1c:10:fa:83:53:1b:ca:b1:0e:75:80:
20:1d:16:f8:72:bb:ab:82:fd:26:82:73:8b:3f:1a:13:4a:1a:
5f:7e:9f:72:dd:5a:65:17:97:66:b7:7a:8b:ff:16:0c:2d:df:
c5:5d:4f:15:ea:56:b2:1e:a2:95:0d:e1:f2:32:82:1a:50:2e:
d9:39:8b:75:eb:ee:78:23:9a:49:d3:0b:d7:5a:af:f0:fd:42:
88:4a:95:c1
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTdkNs2iIciV+TccyQHZWHTkPeVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkxMzA4NTNaFw0yNjEwMDgxMzEzNTNaMDMxMTAvBgNV
BAMTKDBGQkJENDdERDg3RUFFNzkzM0YwQTI4QjU2QThEQUVGNTc2MjBFM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQo0M90Dmjc6RkcuMBozZLhm1D
ERZkmgk27ATS37uQA811FPNu6GWYT8LH+kP/RRhFeOIXZ02nG6QvkrLv30kEnRYR
u23YB62EtOV7Hd45BKkl7/YBeqgQljxETbe2MHYl3vdkVgPSTf6vXhnRQOyXR76C
e7mTt9T8OQYiZm5ETo32Ifg4ueoTWiSgPDsAi9wr+Oup8G3OFF6Yv8rDu9ay+Db2
tfgwp8Muled0VJ2epE9DuJ7nSfsmrqjDgINvibMYFVaNHPouyDJQMCes7/4JNe8E
7uyCpUKbmgrTvm1t6nqcFs/gVAUE+VXZXyNE8YVukqtllv9lD+UY6O93Rr/DAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUD7vUfdh+rnkz8KKLVqja71diDj8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzIzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYezANBgkqhkiG9w0BAQsFAAOCAQEAd1/5jfyMng/9cr08hgYliT6c9qG9
7ev5MbvqrfMN6CG1GczD9/q2TmKyNUDt5Wf8d0mSFnSpD4rEkuHlJEkU0x9C62Hj
x+9JU3/Us+qcdjehYXDnxe5ALDoMCw28PiYKJzGi8XzUwJ1LWi3M+fhBKW1V2Fon
0+bcwpFQ8N55BkfhKSyct1QEh/CigWOitbUpmGpNGieyWq0k3chm0fvgu2SS4Nux
Hh9q6RwQ+oNTG8qxDnWAIB0W+HK7q4L9JoJziz8aE0oaX36fct1aZReXZrd6i/8W
DC3fxV1PFepWsh6ilQ3h8jKCGlAu2TmLdevueCOaSdML11qv8P1CiEqVwQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:01 2025 by rpki-client