Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132362e302f32342d3234203d3e20323132323338.roa
File: 3231372e3231372e3132362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: /AtkwT8sMBHuJGgLhA57k094Aft+akKjKyTi50Dr4JQ=
Subject key identifier: 6E:2D:6E:F3:58:89:78:98:1A:9D:1D:9D:BB:BD:14:1D:3B:70:01:BF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3032C1F80C57EF27E58349A1E90DDA46FBC0B857
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132362e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 07 Aug 2025 08:04:42 +0000
ROA not before: Thu 07 Aug 2025 07:59:42 +0000
ROA not after: Thu 06 Aug 2026 08:04:42 +0000
asID: 212238
IP address blocks: 217.217.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:32:c1:f8:0c:57:ef:27:e5:83:49:a1:e9:0d:da:46:fb:c0:b8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:59:42 2025 GMT
Not After : Aug 6 08:04:42 2026 GMT
Subject: CN=6E2D6EF3588978981A9D1D9DBBBD141D3B7001BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:33:d0:55:f2:4e:39:a3:d8:4c:e3:57:3f:60:
90:13:ae:ca:b1:5d:43:8f:c1:ec:ca:af:cf:3e:53:
c6:01:a0:10:5f:16:94:f7:1e:ac:f7:45:88:76:9c:
77:52:15:ba:90:88:04:13:84:89:f3:e0:6c:b9:d5:
d7:82:1e:97:97:9a:4a:c5:f8:fa:14:06:db:3c:7f:
f3:b4:8a:1f:8f:ac:c0:9f:60:6a:b4:c8:ff:29:ef:
4f:c4:cb:f6:9f:f7:fd:06:2d:c2:ff:bb:99:da:e5:
10:e2:0f:f5:c1:8d:46:c2:a8:9a:44:96:26:41:56:
af:65:ed:22:e3:d1:1e:f0:ed:e9:63:f8:52:a5:9a:
44:21:9a:b5:c0:2a:fc:53:89:fc:1c:03:24:cf:ba:
3a:87:41:1a:2c:54:db:60:2a:6c:f7:f9:77:80:d0:
05:f0:e8:02:d7:65:41:28:2a:08:b8:9c:0d:37:c1:
c1:6f:99:00:55:13:c7:25:f7:7d:9d:3a:72:1c:0b:
47:78:4c:bb:60:89:2e:3b:2a:08:ed:19:7c:ea:4a:
d2:99:f1:d7:ff:45:f5:39:78:cb:b4:52:1d:74:b3:
d0:d0:05:74:8b:63:65:72:df:af:38:e0:35:9b:bd:
d0:b1:45:94:8d:df:96:c6:86:1e:93:bf:56:be:a9:
1a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2D:6E:F3:58:89:78:98:1A:9D:1D:9D:BB:BD:14:1D:3B:70:01:BF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.126.0/24
Signature Algorithm: sha256WithRSAEncryption
04:84:00:f3:71:2c:10:55:d0:83:4b:2e:93:16:00:6e:b2:1d:
91:1a:99:21:19:90:fc:0e:a4:5e:64:0f:55:da:bd:cc:67:ae:
b4:01:bd:cb:c8:2f:ef:2b:92:77:23:31:c5:e1:de:4f:d0:5c:
a1:3e:68:1f:61:a3:54:b8:c5:93:ed:27:28:a0:9b:c6:0a:50:
87:48:1c:92:b3:3a:3e:d2:d2:d9:d3:c0:65:3c:ec:20:de:47:
74:82:5c:f4:f8:f9:18:34:87:31:2a:1a:01:cc:89:2c:25:c7:
2e:d4:5f:85:79:ec:8b:24:29:a4:91:20:0d:1a:c2:38:3f:57:
18:6b:f8:55:55:ea:25:0e:18:e9:26:bc:d6:1b:cb:54:df:91:
93:b4:9d:c3:31:85:99:5c:bc:9f:bd:10:15:ea:e6:7e:5a:52:
fd:a3:6d:7a:08:27:0e:a3:88:f8:3e:2e:b3:c4:c9:37:cb:83:
06:78:65:57:4f:28:f0:a0:42:36:47:1e:87:69:80:d5:16:6f:
67:77:15:d0:ca:17:0c:ca:bf:b6:31:d1:5d:e8:ee:c2:78:4f:
3a:9f:1e:69:6e:70:a7:64:0a:db:d6:1c:5c:4a:b1:4f:19:06:
8c:fe:12:39:59:a7:87:db:c3:3b:c3:50:f4:10:5b:7d:b3:3b:
a6:75:ce:86
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMDLB+AxX7yflg0mh6Q3aRvvAuFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzU5NDJaFw0yNjA4MDYwODA0NDJaMDMxMTAvBgNV
BAMTKDZFMkQ2RUYzNTg4OTc4OTgxQTlEMUQ5REJCQkQxNDFEM0I3MDAxQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdM9BV8k45o9hM41c/YJATrsqx
XUOPwezKr88+U8YBoBBfFpT3Hqz3RYh2nHdSFbqQiAQThInz4Gy51deCHpeXmkrF
+PoUBts8f/O0ih+PrMCfYGq0yP8p70/Ey/af9/0GLcL/u5na5RDiD/XBjUbCqJpE
liZBVq9l7SLj0R7w7elj+FKlmkQhmrXAKvxTifwcAyTPujqHQRosVNtgKmz3+XeA
0AXw6ALXZUEoKgi4nA03wcFvmQBVE8cl932dOnIcC0d4TLtgiS47KgjtGXzqStKZ
8df/RfU5eMu0Uh10s9DQBXSLY2Vy36844DWbvdCxRZSN35bGhh6Tv1a+qRpJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbi1u81iJeJganR2du70UHTtwAb8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZfjANBgkqhkiG9w0BAQsFAAOCAQEABIQA83EsEFXQg0sukxYAbrIdkRqZ
IRmQ/A6kXmQPVdq9zGeutAG9y8gv7yuSdyMxxeHeT9BcoT5oH2GjVLjFk+0nKKCb
xgpQh0gckrM6PtLS2dPAZTzsIN5HdIJc9Pj5GDSHMSoaAcyJLCXHLtRfhXnsiyQp
pJEgDRrCOD9XGGv4VVXqJQ4Y6Sa81hvLVN+Rk7SdwzGFmVy8n70QFermflpS/aNt
eggnDqOI+D4us8TJN8uDBnhlV08o8KBCNkceh2mA1RZvZ3cV0MoXDMq/tjHRXeju
wnhPOp8eaW5wp2QK29YcXEqxTxkGjP4SOVmnh9vDO8NQ9BBbfbM7pnXOhg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:19:52 2025 by rpki-client