Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132372e302f32342d3234203d3e20323132323338.roa
File: 3231372e3231372e3132372e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: /Fk8Xpp8zdLzv/077NWoi07RKKDzkEgX3CtpmIK01rM=
Subject key identifier: E4:F9:13:84:9F:32:D0:44:82:60:1D:01:1A:36:5F:86:F3:69:79:58
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C875256CBD42657997C2320294B61A9F6F09223
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132372e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 07 Aug 2025 08:04:50 +0000
ROA not before: Thu 07 Aug 2025 07:59:50 +0000
ROA not after: Thu 06 Aug 2026 08:04:50 +0000
asID: 212238
IP address blocks: 217.217.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:87:52:56:cb:d4:26:57:99:7c:23:20:29:4b:61:a9:f6:f0:92:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:59:50 2025 GMT
Not After : Aug 6 08:04:50 2026 GMT
Subject: CN=E4F913849F32D04482601D011A365F86F3697958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f1:a3:b6:8b:1b:50:85:c3:76:53:72:75:e9:
32:de:b8:e2:6a:9b:d7:8f:36:eb:68:a8:a2:55:f0:
e9:d8:99:d7:93:a7:bf:6e:b0:00:14:bb:a3:58:82:
33:ed:c6:79:c3:bc:c7:6e:e1:43:80:c2:33:43:69:
ee:b5:a0:ca:41:d7:33:e4:76:f5:ca:a9:d2:db:f8:
e3:7d:41:49:84:44:25:45:21:64:70:ca:7b:8e:e3:
cc:2d:ed:68:20:c5:c1:27:3e:2a:84:53:eb:01:1a:
c2:0d:ef:dc:a8:eb:6d:09:da:24:18:b8:87:5c:44:
9e:60:03:cd:df:8c:a6:21:cb:e9:73:dd:da:83:20:
43:91:2e:1d:6f:f6:d4:ce:a6:18:f3:bc:41:ab:07:
5b:fe:89:92:d5:32:88:53:ea:c0:5a:8d:2b:40:28:
5f:b4:04:3a:67:a4:47:c4:a4:a9:ca:e1:33:47:c2:
0c:50:ca:3e:e7:4e:59:27:7a:cb:e2:7d:0d:e7:0a:
1a:a7:4c:27:40:f0:17:5a:dd:54:47:82:ea:e9:fb:
f6:60:2a:bc:f9:2d:c6:bd:05:12:f4:8a:e0:f6:e5:
79:2c:c9:1c:93:8a:26:49:44:a0:d2:dd:9d:53:01:
95:a3:e9:6c:e6:aa:d9:f0:20:ab:da:70:af:0b:8e:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F9:13:84:9F:32:D0:44:82:60:1D:01:1A:36:5F:86:F3:69:79:58
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3132372e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:38:6e:91:15:68:e4:22:a6:a8:85:4b:2e:31:30:61:67:24:
80:02:16:71:b5:0a:93:f5:d1:77:0d:78:40:be:ef:5a:a0:37:
e0:30:8b:61:4b:ea:ef:af:a6:e8:c3:61:45:21:63:a2:4a:8b:
88:af:93:3a:ae:1d:09:92:dc:6a:0a:94:1d:54:e1:c5:3a:de:
0b:3e:c7:89:50:7e:36:3b:56:c9:bb:78:3d:9d:7d:18:04:f3:
9d:3e:1f:73:be:f2:db:e5:6c:9d:6d:7c:b5:4f:54:19:6b:78:
51:77:fa:2b:91:71:4f:46:92:11:03:ef:fc:3d:bf:67:11:93:
7b:09:31:7c:ad:a0:9e:23:14:93:0f:16:05:33:84:db:88:7e:
81:51:2c:f9:c5:1b:3c:db:34:dc:bf:fa:d8:13:69:6f:f6:99:
36:b7:3f:57:5e:a1:16:36:bb:7d:fe:fa:16:d3:60:15:25:3f:
2f:09:d7:b4:be:29:71:8b:60:13:56:92:7c:ab:68:3f:cc:29:
6b:aa:5e:e5:08:72:78:58:78:e9:b9:fd:ba:c2:b2:31:98:f4:
50:e0:0a:30:ba:f7:32:6e:66:8b:f0:b9:3b:32:90:6d:b7:c5:
af:9f:85:5d:5a:ba:bf:8f:10:b6:3f:9e:ce:f7:52:1a:03:05:
b6:83:17:df
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPIdSVsvUJleZfCMgKUthqfbwkiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzU5NTBaFw0yNjA4MDYwODA0NTBaMDMxMTAvBgNV
BAMTKEU0RjkxMzg0OUYzMkQwNDQ4MjYwMUQwMTFBMzY1Rjg2RjM2OTc5NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ8aO2ixtQhcN2U3J16TLeuOJq
m9ePNutoqKJV8OnYmdeTp79usAAUu6NYgjPtxnnDvMdu4UOAwjNDae61oMpB1zPk
dvXKqdLb+ON9QUmERCVFIWRwynuO48wt7WggxcEnPiqEU+sBGsIN79yo620J2iQY
uIdcRJ5gA83fjKYhy+lz3dqDIEORLh1v9tTOphjzvEGrB1v+iZLVMohT6sBajStA
KF+0BDpnpEfEpKnK4TNHwgxQyj7nTlknesvifQ3nChqnTCdA8Bda3VRHgurp+/Zg
Krz5Lca9BRL0iuD25XksyRyTiiZJRKDS3Z1TAZWj6WzmqtnwIKvacK8LjrXrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU5PkThJ8y0ESCYB0BGjZfhvNpeVgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZfzANBgkqhkiG9w0BAQsFAAOCAQEAWzhukRVo5CKmqIVLLjEwYWckgAIW
cbUKk/XRdw14QL7vWqA34DCLYUvq76+m6MNhRSFjokqLiK+TOq4dCZLcagqUHVTh
xTreCz7HiVB+NjtWybt4PZ19GATznT4fc77y2+VsnW18tU9UGWt4UXf6K5FxT0aS
EQPv/D2/ZxGTewkxfK2gniMUkw8WBTOE24h+gVEs+cUbPNs03L/62BNpb/aZNrc/
V16hFja7ff76FtNgFSU/LwnXtL4pcYtgE1aSfKtoP8wpa6pe5QhyeFh46bn9usKy
MZj0UOAKMLr3Mm5mi/C5OzKQbbfFr5+FXVq6v48Qtj+ezvdSGgMFtoMX3w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:44:56 2025 by rpki-client