Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3138302e302f32322d3232203d3e20323133363037.roa
File: 3231372e3231362e3138302e302f32322d3232203d3e20323133363037.roa (raw, json)
Hash identifier: XSUS0MGKawgGj0dvZxWCYK1udYceRaesOLV4jVUpWIk=
Subject key identifier: 91:77:B7:6F:6B:E8:99:67:2C:17:10:85:5C:29:2B:A9:11:D3:DE:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 64005502C816EC79BCAD611921669B02D242D0CF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3138302e302f32322d3232203d3e20323133363037.roa
Signing time: Sat 11 Oct 2025 09:30:27 +0000
ROA not before: Sat 11 Oct 2025 09:25:27 +0000
ROA not after: Sat 10 Oct 2026 09:30:27 +0000
asID: 213607
IP address blocks: 217.216.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:00:55:02:c8:16:ec:79:bc:ad:61:19:21:66:9b:02:d2:42:d0:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 11 09:25:27 2025 GMT
Not After : Oct 10 09:30:27 2026 GMT
Subject: CN=9177B76F6BE899672C1710855C292BA911D3DE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c3:44:e5:de:4f:ea:ba:03:60:df:35:e2:06:
e5:6b:70:8d:82:07:1b:79:6f:f2:1c:b0:ae:21:f5:
ed:13:9a:76:77:86:df:7a:8b:ad:66:17:ad:1d:0d:
9d:6b:98:27:01:7f:a0:c4:3f:4d:44:f7:01:b6:b8:
50:23:3a:43:88:f9:6b:a5:75:c4:a2:39:54:42:79:
b2:cb:e9:bb:5c:6f:a3:ed:7c:96:31:dd:f3:cb:22:
d5:61:25:15:95:6b:4c:ab:02:66:d5:06:39:29:de:
b5:16:fb:05:b1:cf:82:ed:89:d3:0c:49:22:7e:07:
73:f1:64:f4:e0:16:eb:48:a5:32:ef:f5:37:46:e4:
78:91:49:a1:60:72:3b:bf:f1:50:8f:fe:00:df:ea:
c7:64:45:58:52:88:f5:26:f6:d6:01:0e:c1:d0:44:
4d:fb:7d:82:bc:2c:4e:9c:1f:74:f6:b3:06:ed:02:
47:09:1d:ed:19:01:3a:60:22:e4:d9:72:1f:1c:98:
cc:f6:9d:6c:98:51:69:aa:ed:07:92:26:89:c6:26:
ba:e1:f2:9d:ef:12:18:34:d1:74:c8:f5:d5:4a:3b:
c2:24:07:97:dd:1e:51:48:2c:56:09:38:b1:f3:5b:
17:74:72:03:3d:25:43:d6:56:77:03:70:e5:8b:1c:
3b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:77:B7:6F:6B:E8:99:67:2C:17:10:85:5C:29:2B:A9:11:D3:DE:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3138302e302f32322d3232203d3e20323133363037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.180.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:9d:de:fe:6e:a2:57:69:0d:34:81:88:1a:fb:4b:56:cd:25:
b3:87:f9:ea:56:e0:dd:ea:01:d6:18:96:e0:6e:94:d2:76:9f:
8d:03:24:bc:12:4a:b8:68:43:b0:c2:68:1a:d3:0a:41:da:b3:
ae:60:ed:e3:76:b1:2d:8e:2c:89:6f:8c:98:21:0e:a6:ca:a6:
20:b1:6c:f3:fe:cd:b6:bc:e9:a5:06:11:16:6d:3a:4d:f9:02:
d8:25:85:ec:d5:38:ec:79:7c:01:9f:dc:1e:a0:fe:bd:ef:2b:
71:57:34:1d:a8:b1:f6:40:bc:6a:a1:bc:8f:0a:e4:35:fe:91:
02:f4:8f:21:94:75:b0:e6:17:6a:78:a3:3b:bd:6e:09:08:45:
9c:44:e3:8d:2d:ce:a0:bb:b6:80:59:af:c2:75:a6:9f:17:ec:
49:8d:25:57:7e:e2:31:4b:54:39:6c:23:5b:10:36:38:59:12:
9e:44:90:0a:82:5b:44:37:33:21:c6:d7:36:a5:f5:82:53:60:
4f:8f:50:bd:8f:d5:b7:44:82:7a:4a:72:b5:d5:96:ee:4e:8c:
4e:63:9c:84:47:2b:8d:3d:e3:28:db:8a:fd:3e:e5:91:91:10:
5b:84:5f:fe:9c:09:e7:bc:61:1c:27:3d:9f:ac:47:93:3d:ee:
2d:3e:12:cd
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZABVAsgW7Hm8rWEZIWabAtJC0M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMTEwOTI1MjdaFw0yNjEwMTAwOTMwMjdaMDMxMTAvBgNV
BAMTKDkxNzdCNzZGNkJFODk5NjcyQzE3MTA4NTVDMjkyQkE5MTFEM0RFMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYw0Tl3k/qugNg3zXiBuVrcI2C
Bxt5b/IcsK4h9e0TmnZ3ht96i61mF60dDZ1rmCcBf6DEP01E9wG2uFAjOkOI+Wul
dcSiOVRCebLL6btcb6PtfJYx3fPLItVhJRWVa0yrAmbVBjkp3rUW+wWxz4LtidMM
SSJ+B3PxZPTgFutIpTLv9TdG5HiRSaFgcju/8VCP/gDf6sdkRVhSiPUm9tYBDsHQ
RE37fYK8LE6cH3T2swbtAkcJHe0ZATpgIuTZch8cmMz2nWyYUWmq7QeSJonGJrrh
8p3vEhg00XTI9dVKO8IkB5fdHlFILFYJOLHzWxd0cgM9JUPWVncDcOWLHDu9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUkXe3b2vomWcsFxCFXCkrqRHT3hcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzgzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzEzMzM2MzAzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtnYtDANBgkqhkiG9w0BAQsFAAOCAQEAj53e/m6iV2kNNIGIGvtLVs0ls4f5
6lbg3eoB1hiW4G6U0nafjQMkvBJKuGhDsMJoGtMKQdqzrmDt43axLY4siW+MmCEO
psqmILFs8/7NtrzppQYRFm06TfkC2CWF7NU47Hl8AZ/cHqD+ve8rcVc0Haix9kC8
aqG8jwrkNf6RAvSPIZR1sOYXanijO71uCQhFnETjjS3OoLu2gFmvwnWmnxfsSY0l
V37iMUtUOWwjWxA2OFkSnkSQCoJbRDczIcbXNqX1glNgT49QvY/Vt0SCekpytdWW
7k6MTmOchEcrjT3jKNuK/T7lkZEQW4Rf/pwJ57xhHCc9n6xHkz3uLT4SzQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:52 2025 by rpki-client