Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e39392e302f32342d3234203d3e20313337343039.roa
File: 3231372e3231362e39392e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: G9aMQjVm7MAwXj6n+Ob+ET8tNV7jvSzcy+P5MwhL7k8=
Subject key identifier: 82:DC:35:FF:94:6E:09:F6:54:36:57:40:86:C5:46:C5:54:3F:B6:42
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 470998F50A8E90CB9C6BAF5F713807C28285FE89
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e39392e302f32342d3234203d3e20313337343039.roa
Signing time: Mon 29 Sep 2025 13:40:33 +0000
ROA not before: Mon 29 Sep 2025 13:35:33 +0000
ROA not after: Mon 28 Sep 2026 13:40:33 +0000
asID: 137409
IP address blocks: 217.216.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:09:98:f5:0a:8e:90:cb:9c:6b:af:5f:71:38:07:c2:82:85:fe:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 29 13:35:33 2025 GMT
Not After : Sep 28 13:40:33 2026 GMT
Subject: CN=82DC35FF946E09F65436574086C546C5543FB642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:32:6c:1c:e1:c3:e6:b4:57:ad:b9:63:5c:05:
96:bf:95:ef:43:33:e6:12:15:0b:65:8a:95:a7:fc:
f0:f3:79:03:ff:8b:62:b2:30:1e:54:53:55:94:ab:
bf:15:e3:e6:af:b9:22:df:0c:a6:5b:17:25:65:87:
c8:04:d2:d3:3f:de:e6:a2:8a:49:b3:12:dc:e8:93:
33:fc:ec:c9:7c:58:0a:ea:cc:13:4f:5d:68:ed:43:
ab:61:f7:55:22:61:14:cc:9f:d5:28:b9:c1:e8:1b:
03:9a:8a:d4:2a:1b:db:ef:8e:09:5f:d8:0a:d8:16:
08:2e:83:d1:e8:3f:30:92:86:d0:f5:c1:d5:50:0f:
67:c3:9a:28:95:65:05:24:5f:f1:96:7a:b6:54:20:
57:08:e0:6c:30:19:33:81:8b:c6:c5:75:50:3d:c9:
1d:4b:f9:70:33:5e:9a:e1:7b:ac:d4:4b:8f:0d:58:
33:56:da:04:5f:69:06:f3:48:1a:3e:08:64:21:09:
e6:de:cb:fe:95:a0:73:c3:5b:40:cc:ec:52:62:2c:
65:53:c1:11:f6:6a:df:2a:c5:a4:67:ac:4a:d1:b2:
72:ad:5d:6f:f8:20:e7:0f:08:ae:f8:21:20:85:76:
24:e6:89:a5:af:41:9f:08:64:3f:8f:57:c4:01:4e:
dc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:DC:35:FF:94:6E:09:F6:54:36:57:40:86:C5:46:C5:54:3F:B6:42
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e39392e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.99.0/24
Signature Algorithm: sha256WithRSAEncryption
64:b7:f5:b0:3b:de:71:96:35:40:57:29:7f:43:cd:47:f5:f5:
0e:81:7c:db:5f:b5:cb:62:a5:d2:a9:93:60:ba:71:5f:87:70:
7f:2d:eb:ea:6e:ec:2b:e1:4c:f7:6f:2b:93:86:27:ff:92:76:
46:de:9b:b9:e2:cd:af:36:82:a8:59:00:36:dc:7e:d3:89:6e:
27:d9:57:2d:02:c3:fc:2d:76:3b:0a:31:87:63:b7:71:27:b5:
db:49:f4:35:5f:ce:0a:44:0a:69:95:fe:c2:e6:f8:6d:ae:5f:
ee:00:73:98:1d:01:4f:0e:f1:68:81:9f:9f:57:31:47:d5:7c:
76:7b:22:43:a6:67:8b:c1:ab:2e:34:19:96:dc:ec:97:ad:96:
4d:37:d3:0b:b0:aa:ff:4e:15:96:fc:b8:be:60:05:c6:5a:ff:
7c:65:d9:8f:4b:62:29:aa:29:a4:d8:59:ac:3b:e0:83:cd:c4:
75:85:93:0f:3f:d8:5c:23:e8:98:e8:81:cb:12:54:3c:6b:76:
82:24:22:21:20:7d:7e:df:ca:ec:9b:8e:5d:b2:f8:54:b0:9e:
e3:d4:ae:55:c5:16:e1:da:8f:be:e7:dd:c0:a7:4b:7f:89:d9:
14:ed:33:28:84:fe:d1:f4:18:ee:c2:05:97:07:2b:57:84:1f:
a4:5f:af:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURwmY9QqOkMuca69fcTgHwoKF/okwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjkxMzM1MzNaFw0yNjA5MjgxMzQwMzNaMDMxMTAvBgNV
BAMTKDgyREMzNUZGOTQ2RTA5RjY1NDM2NTc0MDg2QzU0NkM1NTQzRkI2NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMMmwc4cPmtFetuWNcBZa/le9D
M+YSFQtlipWn/PDzeQP/i2KyMB5UU1WUq78V4+avuSLfDKZbFyVlh8gE0tM/3uai
ikmzEtzokzP87Ml8WArqzBNPXWjtQ6th91UiYRTMn9UoucHoGwOaitQqG9vvjglf
2ArYFggug9HoPzCShtD1wdVQD2fDmiiVZQUkX/GWerZUIFcI4GwwGTOBi8bFdVA9
yR1L+XAzXprhe6zUS48NWDNW2gRfaQbzSBo+CGQhCebey/6VoHPDW0DM7FJiLGVT
wRH2at8qxaRnrErRsnKtXW/4IOcPCK74ISCFdiTmiaWvQZ8IZD+PV8QBTtwNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgtw1/5RuCfZUNldAhsVGxVQ/tkIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczNDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2GMwDQYJKoZIhvcNAQELBQADggEBAGS39bA73nGWNUBXKX9DzUf19Q6BfNtf
tctipdKpk2C6cV+HcH8t6+pu7CvhTPdvK5OGJ/+Sdkbem7niza82gqhZADbcftOJ
bifZVy0Cw/wtdjsKMYdjt3EntdtJ9DVfzgpECmmV/sLm+G2uX+4Ac5gdAU8O8WiB
n59XMUfVfHZ7IkOmZ4vBqy40GZbc7Jetlk030wuwqv9OFZb8uL5gBcZa/3xl2Y9L
YimqKaTYWaw74IPNxHWFkw8/2Fwj6JjogcsSVDxrdoIkIiEgfX7fyuybjl2y+FSw
nuPUrlXFFuHaj77n3cCnS3+J2RTtMyiE/tH0GO7CBZcHK1eEH6Rfr+U=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:10 2025 by rpki-client