Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132342e302f32342d3234203d3e20323132323338.roa
File: 3231372e3231372e3132342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: WTedJski7nPLThiHGGD3i9bYyTjm5SZUKDrscLlMa5I=
Subject key identifier: A6:FA:6F:5F:99:DC:AD:87:42:46:6C:A5:41:7A:18:C7:F6:34:29:36
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E498CBC16401E1BADEE5F02D46DE848AEAA2AED
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132342e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 07 Aug 2025 08:04:27 +0000
ROA not before: Thu 07 Aug 2025 07:59:27 +0000
ROA not after: Thu 06 Aug 2026 08:04:27 +0000
asID: 212238
IP address blocks: 217.217.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:49:8c:bc:16:40:1e:1b:ad:ee:5f:02:d4:6d:e8:48:ae:aa:2a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:59:27 2025 GMT
Not After : Aug 6 08:04:27 2026 GMT
Subject: CN=A6FA6F5F99DCAD8742466CA5417A18C7F6342936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:99:e7:c4:d8:cf:ee:af:36:1b:4c:14:f5:
59:b6:75:e8:b5:ca:46:d5:4c:4a:43:e0:2b:af:a4:
6b:2c:7a:4c:00:39:1e:a6:52:d4:74:80:47:ef:71:
a5:08:15:b3:f9:f9:cf:b4:49:af:a2:11:28:dd:b1:
0b:d9:e6:3e:ee:f0:7b:01:53:3f:89:54:3e:b0:d8:
6e:e7:87:89:e1:36:73:13:55:a8:cc:7b:bd:fa:8d:
1f:dc:99:c5:15:70:27:b1:1a:13:39:f9:b6:67:45:
3a:0a:3f:a1:3f:47:4e:3a:96:12:43:3e:df:0b:f6:
82:08:ba:f1:2b:08:82:b2:3e:d1:36:de:b5:d8:53:
c8:17:28:49:54:68:fd:d8:fa:e8:28:ef:04:1e:7a:
55:f1:a4:3c:25:12:1a:5f:9d:cd:e1:cc:dd:1a:db:
a8:d0:e1:81:d9:a5:72:31:f1:e2:5b:c6:66:50:bf:
5a:a7:92:f3:bd:c6:ee:5f:c9:43:37:eb:8d:34:9a:
61:30:a8:28:65:bc:9a:72:88:03:85:f8:f5:7f:35:
34:6b:b1:0d:70:0d:f5:50:06:a6:88:08:57:18:0d:
8a:81:dd:dc:be:9e:a4:8d:5a:43:36:53:a9:d7:28:
bb:a4:d0:d4:43:45:e3:d0:8f:7b:55:e1:26:cb:2a:
44:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FA:6F:5F:99:DC:AD:87:42:46:6C:A5:41:7A:18:C7:F6:34:29:36
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.124.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:0e:b3:19:28:24:e5:35:56:cd:f2:f3:f1:d6:5b:82:2f:fa:
3d:e2:7e:05:3d:3c:43:eb:f1:46:48:5d:9f:3f:c5:75:9c:91:
5e:23:aa:69:bd:8b:18:f6:f4:17:ee:f8:ff:66:be:40:a0:85:
3b:01:a9:16:df:8d:bf:fd:a7:54:fc:b9:51:3a:1f:01:18:b1:
34:50:a5:70:f0:24:3d:6a:4c:91:43:c8:4f:c0:b6:4e:94:cd:
25:d4:94:7b:d4:2f:65:16:dc:e5:66:12:c6:2e:64:71:5b:4b:
09:83:56:63:2a:6d:1a:7e:78:b3:6e:59:d2:9e:49:54:05:bd:
29:2a:55:a2:a3:ed:a1:3b:34:ae:b5:1f:0a:da:79:17:89:fc:
cb:96:56:90:e4:f5:fd:32:49:2a:f3:9b:63:ee:fb:8c:37:6d:
13:62:b2:0d:03:89:ef:3f:cb:7a:f3:09:fe:bf:44:95:ab:73:
4b:72:6b:3a:ba:dc:bd:f6:2b:a6:54:a2:ff:3a:54:f0:30:aa:
10:ac:4b:d6:36:a9:e9:5a:7c:44:90:3a:65:03:55:6f:32:5f:
ef:a0:96:3c:8e:1f:5b:37:ea:de:03:bc:7a:7e:f5:03:22:e8:
f8:d7:3b:b3:cd:e4:cf:cd:6d:ba:aa:dc:56:58:1f:90:2b:3a:
ba:33:2c:4b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTkmMvBZAHhut7l8C1G3oSK6qKu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzU5MjdaFw0yNjA4MDYwODA0MjdaMDMxMTAvBgNV
BAMTKEE2RkE2RjVGOTlEQ0FEODc0MjQ2NkNBNTQxN0ExOEM3RjYzNDI5MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCvZnnxNjP7q82G0wU9Vm2dei1
ykbVTEpD4CuvpGssekwAOR6mUtR0gEfvcaUIFbP5+c+0Sa+iESjdsQvZ5j7u8HsB
Uz+JVD6w2G7nh4nhNnMTVajMe736jR/cmcUVcCexGhM5+bZnRToKP6E/R046lhJD
Pt8L9oIIuvErCIKyPtE23rXYU8gXKElUaP3Y+ugo7wQeelXxpDwlEhpfnc3hzN0a
26jQ4YHZpXIx8eJbxmZQv1qnkvO9xu5fyUM36400mmEwqChlvJpyiAOF+PV/NTRr
sQ1wDfVQBqaICFcYDYqB3dy+nqSNWkM2U6nXKLuk0NRDRePQj3tV4SbLKkQlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUpvpvX5ncrYdCRmylQXoYx/Y0KTYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZfDANBgkqhkiG9w0BAQsFAAOCAQEAbw6zGSgk5TVWzfLz8dZbgi/6PeJ+
BT08Q+vxRkhdnz/FdZyRXiOqab2LGPb0F+74/2a+QKCFOwGpFt+Nv/2nVPy5UTof
ARixNFClcPAkPWpMkUPIT8C2TpTNJdSUe9QvZRbc5WYSxi5kcVtLCYNWYyptGn54
s25Z0p5JVAW9KSpVoqPtoTs0rrUfCtp5F4n8y5ZWkOT1/TJJKvObY+77jDdtE2Ky
DQOJ7z/LevMJ/r9ElatzS3JrOrrcvfYrplSi/zpU8DCqEKxL1jap6Vp8RJA6ZQNV
bzJf76CWPI4fWzfq3gO8en71AyLo+Nc7s83kz81tuqrcVlgfkCs6ujMsSw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:58:12 2025 by rpki-client