Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20323132323338.roa
File: 3231372e3231372e3234302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: MyonPcpxUZqh7UD0USAAv0zZKOhgeRmEORyFcAq+PCs=
Subject key identifier: 3C:98:14:29:97:FB:34:ED:23:0C:2F:32:45:92:61:7F:4A:AA:35:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BC17313AE0F9EA68E089D040746DDF722E92DC2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 07 Aug 2025 08:04:57 +0000
ROA not before: Thu 07 Aug 2025 07:59:57 +0000
ROA not after: Thu 06 Aug 2026 08:04:57 +0000
asID: 212238
IP address blocks: 217.217.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:c1:73:13:ae:0f:9e:a6:8e:08:9d:04:07:46:dd:f7:22:e9:2d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:59:57 2025 GMT
Not After : Aug 6 08:04:57 2026 GMT
Subject: CN=3C98142997FB34ED230C2F324592617F4AAA3574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:79:f1:fe:99:0b:35:34:c5:3f:e9:72:c1:82:
af:75:0d:34:31:3d:1c:da:e6:bb:c3:1e:ac:26:fd:
2f:ed:7b:2f:d3:26:65:28:e2:a3:61:57:3b:34:a1:
37:98:3a:a8:78:2f:de:e1:a8:c9:ce:84:1b:3c:0e:
9c:b4:01:45:a7:f2:6e:f7:16:0e:9c:0b:6c:f8:6c:
66:b5:18:9b:6f:ac:3e:05:4f:ae:8d:31:06:2a:94:
f3:ae:cb:59:8c:df:05:2f:39:47:4b:56:a9:72:9a:
d7:d7:15:7e:ca:7b:2c:19:cf:8a:60:b8:e1:18:49:
89:d8:b1:be:73:dd:b5:2f:52:e2:9e:70:c0:07:d2:
60:d2:51:a6:fc:c8:98:28:f2:bd:28:37:89:ef:87:
12:0c:f4:b3:67:b8:31:6b:fb:18:fb:59:1e:21:32:
b2:79:f2:64:aa:a7:1a:ef:77:71:d2:01:28:35:7a:
d7:89:23:3f:11:5b:62:4c:c6:69:b6:21:ba:d1:bd:
f5:00:87:34:86:49:d0:99:ec:25:70:11:fd:de:9f:
94:d3:25:f2:03:23:14:16:fd:05:44:10:9d:43:02:
22:76:40:fe:c9:0f:2a:7d:ec:38:8d:d2:8c:4a:f0:
df:d1:9c:be:6f:a7:22:7d:e2:f4:39:4c:d1:da:4d:
40:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:98:14:29:97:FB:34:ED:23:0C:2F:32:45:92:61:7F:4A:AA:35:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.240.0/24
Signature Algorithm: sha256WithRSAEncryption
99:ca:18:51:9f:23:6d:a3:f5:90:16:9c:ee:c5:2c:c2:e4:f9:
e3:29:39:22:22:83:e5:c9:8e:25:7f:f8:e8:e4:c6:81:11:24:
70:71:af:b0:56:5b:76:7a:25:8a:ee:c1:10:fb:59:a4:2b:b9:
2d:10:e9:b3:8f:4a:b4:ab:8c:0b:2a:10:36:74:70:b2:0e:ee:
8b:f0:22:eb:51:62:34:23:ed:7a:a1:fb:79:a5:09:9c:03:2f:
8f:af:f7:b4:4e:5b:3d:ce:e1:5f:26:dd:00:b6:c5:4e:00:9b:
1b:8f:41:35:a8:cd:4b:9e:4c:b0:9f:16:3f:ee:e8:d7:bf:be:
21:7c:bb:58:7a:67:bf:c8:22:34:a6:8f:eb:ee:97:41:a7:7a:
5f:ee:c3:a7:8b:0c:ac:94:6c:5e:cb:7a:0a:ac:74:13:bf:cf:
ad:0d:53:a3:20:76:c5:52:72:82:90:ff:b4:87:ff:5a:c7:15:
f1:ee:d7:5b:a7:2c:62:a4:9e:d2:31:63:7a:ae:98:27:50:4d:
c8:ac:99:d5:8c:14:71:c0:34:6c:ca:c6:dc:ee:79:56:a5:db:
a2:6e:57:b6:5d:7c:2d:da:5f:8e:62:61:7e:7a:98:79:8f:53:
14:d5:13:f1:f0:b3:b1:67:92:08:4c:cb:aa:98:0e:9d:48:7b:
58:b8:6e:cf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUS8FzE64PnqaOCJ0EB0bd9yLpLcIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzU5NTdaFw0yNjA4MDYwODA0NTdaMDMxMTAvBgNV
BAMTKDNDOTgxNDI5OTdGQjM0RUQyMzBDMkYzMjQ1OTI2MTdGNEFBQTM1NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPefH+mQs1NMU/6XLBgq91DTQx
PRza5rvDHqwm/S/tey/TJmUo4qNhVzs0oTeYOqh4L97hqMnOhBs8Dpy0AUWn8m73
Fg6cC2z4bGa1GJtvrD4FT66NMQYqlPOuy1mM3wUvOUdLVqlymtfXFX7KeywZz4pg
uOEYSYnYsb5z3bUvUuKecMAH0mDSUab8yJgo8r0oN4nvhxIM9LNnuDFr+xj7WR4h
MrJ58mSqpxrvd3HSASg1eteJIz8RW2JMxmm2IbrRvfUAhzSGSdCZ7CVwEf3en5TT
JfIDIxQW/QVEEJ1DAiJ2QP7JDyp97DiN0oxK8N/RnL5vpyJ94vQ5TNHaTUDLAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUPJgUKZf7NO0jDC8yRZJhf0qqNXQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ8DANBgkqhkiG9w0BAQsFAAOCAQEAmcoYUZ8jbaP1kBac7sUswuT54yk5
IiKD5cmOJX/46OTGgREkcHGvsFZbdnoliu7BEPtZpCu5LRDps49KtKuMCyoQNnRw
sg7ui/Ai61FiNCPteqH7eaUJnAMvj6/3tE5bPc7hXybdALbFTgCbG49BNajNS55M
sJ8WP+7o17++IXy7WHpnv8giNKaP6+6XQad6X+7Dp4sMrJRsXst6Cqx0E7/PrQ1T
oyB2xVJygpD/tIf/WscV8e7XW6csYqSe0jFjeq6YJ1BNyKyZ1YwUccA0bMrG3O55
VqXbom5Xtl18LdpfjmJhfnqYeY9TFNUT8fCzsWeSCEzLqpgOnUh7WLhuzw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:01 2025 by rpki-client