Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231372e302f32342d3234203d3e20323037383938.roa
File: 3231372e3231372e3231372e302f32342d3234203d3e20323037383938.roa (raw, json)
Hash identifier: pJcdvNJg8/OdoW5LxlMkCp9/OqLlv6LuKirKuOJzscM=
Subject key identifier: 6C:CB:BE:D4:72:BA:38:55:CD:D8:83:AD:BD:2E:6E:73:2B:80:6C:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7F910258C967D35AFC58AFC242D70EAF086F5947
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231372e302f32342d3234203d3e20323037383938.roa
Signing time: Mon 22 Sep 2025 13:47:29 +0000
ROA not before: Mon 22 Sep 2025 13:42:29 +0000
ROA not after: Mon 21 Sep 2026 13:47:29 +0000
asID: 207898
IP address blocks: 217.217.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:91:02:58:c9:67:d3:5a:fc:58:af:c2:42:d7:0e:af:08:6f:59:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 22 13:42:29 2025 GMT
Not After : Sep 21 13:47:29 2026 GMT
Subject: CN=6CCBBED472BA3855CDD883ADBD2E6E732B806C72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:11:93:23:65:94:56:5d:de:36:6b:1d:a2:83:
52:76:fc:07:59:2f:a1:c4:28:40:2f:31:d6:22:02:
c9:83:2f:9c:e2:a3:ae:d8:ac:0c:8b:ff:d8:8e:3d:
e1:af:51:74:1e:c2:c2:9a:d0:15:d5:87:dc:28:58:
16:00:c5:fb:ee:de:7b:fa:a5:11:4e:5b:19:23:55:
88:bb:f0:14:eb:6c:f4:b4:74:68:66:a4:d3:ec:70:
81:8d:1c:d1:6a:cf:28:3c:cb:07:ee:89:1e:c6:75:
fb:db:0b:e7:62:16:3c:07:7d:ac:cb:51:ee:ed:2c:
e6:7c:54:2a:70:ad:e9:f2:ed:f2:db:74:9a:cc:c9:
f1:10:b2:a2:ec:93:d4:4e:34:f8:19:2b:0f:13:f5:
00:91:35:44:dc:87:bd:f2:26:1b:00:f2:18:84:c4:
7c:1a:a4:f1:32:55:32:4d:19:64:af:22:62:b7:2d:
84:a5:70:cf:39:54:d8:8c:17:02:a4:1f:43:7a:76:
58:c1:58:16:d8:69:24:3f:fe:69:1d:a1:11:7f:1d:
fb:ce:10:78:43:d7:38:89:14:33:8f:0f:c6:ae:23:
53:24:dd:cf:18:dc:e8:36:7f:73:5f:9c:17:60:14:
56:c2:96:1c:74:34:75:47:26:37:46:bb:cb:27:e7:
13:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:CB:BE:D4:72:BA:38:55:CD:D8:83:AD:BD:2E:6E:73:2B:80:6C:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231372e302f32342d3234203d3e20323037383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.217.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d5:49:6a:f4:e7:28:92:d2:df:7e:3a:4b:ac:c1:b2:9c:db:
87:ea:c6:90:7a:ad:5f:46:b1:fa:04:3b:a4:ff:33:8d:a6:fa:
f7:ca:57:07:02:15:0d:f2:ac:b6:15:29:c1:e0:8b:d3:d7:09:
28:01:a8:ea:a1:b4:78:57:6d:63:80:a7:ad:b6:32:9a:4c:fc:
24:72:c6:d4:cd:04:50:ac:77:3b:96:0d:66:50:35:5f:aa:2e:
96:4b:a8:c1:2f:c6:97:ae:89:61:ab:54:e6:70:5e:61:3c:aa:
8f:6b:67:79:67:3b:c3:55:21:83:d3:ae:28:51:aa:e9:70:39:
e5:82:14:33:b2:7a:74:e5:6e:6e:c4:cf:74:8c:10:2b:23:2d:
e1:83:45:3b:9d:87:fb:21:cd:22:87:1b:d4:4a:dd:0c:84:06:
1c:39:27:5f:0a:31:2e:eb:ab:60:6b:88:b8:4d:19:21:b9:aa:
29:c3:fd:88:3a:91:16:2d:a0:31:13:e1:5a:35:3f:98:ed:c0:
4f:36:36:4f:a7:54:2e:dc:69:84:18:85:65:8e:f7:2b:d0:ca:
0d:d6:af:65:3e:6c:63:17:40:11:42:46:f5:59:b1:6b:73:ef:
38:b8:44:bb:35:fd:ee:ec:28:42:c3:13:1f:ec:ef:61:7c:9d:
f4:58:bd:12
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUf5ECWMln01r8WK/CQtcOrwhvWUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjIxMzQyMjlaFw0yNjA5MjExMzQ3MjlaMDMxMTAvBgNV
BAMTKDZDQ0JCRUQ0NzJCQTM4NTVDREQ4ODNBREJEMkU2RTczMkI4MDZDNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkEZMjZZRWXd42ax2ig1J2/AdZ
L6HEKEAvMdYiAsmDL5zio67YrAyL/9iOPeGvUXQewsKa0BXVh9woWBYAxfvu3nv6
pRFOWxkjVYi78BTrbPS0dGhmpNPscIGNHNFqzyg8ywfuiR7GdfvbC+diFjwHfazL
Ue7tLOZ8VCpwreny7fLbdJrMyfEQsqLsk9RONPgZKw8T9QCRNUTch73yJhsA8hiE
xHwapPEyVTJNGWSvImK3LYSlcM85VNiMFwKkH0N6dljBWBbYaSQ//mkdoRF/HfvO
EHhD1ziJFDOPD8auI1Mk3c8Y3Og2f3NfnBdgFFbClhx0NHVHJjdGu8sn5xOPAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbMu+1HK6OFXN2IOtvS5ucyuAbHIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzM4MzkzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ2TANBgkqhkiG9w0BAQsFAAOCAQEAGNVJavTnKJLS3346S6zBspzbh+rG
kHqtX0ax+gQ7pP8zjab698pXBwIVDfKsthUpweCL09cJKAGo6qG0eFdtY4CnrbYy
mkz8JHLG1M0EUKx3O5YNZlA1X6oulkuowS/Gl66JYatU5nBeYTyqj2tneWc7w1Uh
g9OuKFGq6XA55YIUM7J6dOVubsTPdIwQKyMt4YNFO52H+yHNIocb1ErdDIQGHDkn
XwoxLuurYGuIuE0ZIbmqKcP9iDqRFi2gMRPhWjU/mO3ATzY2T6dULtxphBiFZY73
K9DKDdavZT5sYxdAEUJG9Vmxa3PvOLhEuzX97uwoQsMTH+zvYXyd9Fi9Eg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:29:59 2025 by rpki-client