Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234352e302f32342d3234203d3e20323136323533.roa
File: 3231372e3231372e3234352e302f32342d3234203d3e20323136323533.roa (raw, json)
Hash identifier: AWaQI50xJVqTaEOAFIAY+0W3p1dzHByrS8upLlatqwE=
Subject key identifier: C1:3D:ED:08:65:BC:21:2E:49:30:1F:A5:AC:9B:CD:87:7E:17:A7:E2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 415B6BDD5E3EB4FCA2B43AC3A7CD2313FBE92969
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234352e302f32342d3234203d3e20323136323533.roa
Signing time: Tue 16 Sep 2025 18:40:00 +0000
ROA not before: Tue 16 Sep 2025 18:35:00 +0000
ROA not after: Tue 15 Sep 2026 18:40:00 +0000
asID: 216253
IP address blocks: 217.217.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:5b:6b:dd:5e:3e:b4:fc:a2:b4:3a:c3:a7:cd:23:13:fb:e9:29:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 16 18:35:00 2025 GMT
Not After : Sep 15 18:40:00 2026 GMT
Subject: CN=C13DED0865BC212E49301FA5AC9BCD877E17A7E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:67:a8:52:94:c1:00:6f:c3:42:18:fe:32:34:
0a:60:fb:17:3a:d8:61:d3:2e:3a:18:95:4d:a9:e5:
5d:bf:09:62:f5:a7:7f:f9:08:94:4d:f1:3f:98:28:
93:2b:ca:c8:86:c8:c7:63:1a:81:54:b5:c1:bd:10:
f7:cf:4a:38:48:03:dd:cf:38:6f:c0:a2:71:04:2c:
85:01:b2:3c:16:a0:e0:fa:79:69:16:7a:f5:8c:a5:
12:d7:19:ee:40:f1:fb:c1:30:e7:6c:16:d5:58:ac:
d2:ef:7c:f2:d7:db:0a:03:5c:1a:68:f7:0e:3d:67:
9f:62:f2:75:86:49:ff:9b:25:5b:a4:22:fe:a1:16:
60:2d:69:32:de:a0:0b:9c:0d:e8:47:51:90:48:76:
62:15:d8:a5:d7:f6:f8:ae:17:ee:2c:7f:8f:5d:50:
c1:e2:fb:7c:b4:fc:2c:25:b1:81:eb:59:5e:dc:a1:
53:12:70:2d:a6:b9:5a:fe:b8:a7:b5:90:d7:70:4c:
67:33:ae:44:39:f7:39:96:4c:a9:19:bb:9a:0f:fd:
87:e0:45:9a:5c:1d:14:1e:e7:39:3e:37:27:94:82:
fd:2c:2b:2e:46:2e:8b:69:5d:65:12:55:af:7d:66:
18:c6:0c:07:7a:e0:45:55:00:17:a6:46:30:80:50:
04:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3D:ED:08:65:BC:21:2E:49:30:1F:A5:AC:9B:CD:87:7E:17:A7:E2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234352e302f32342d3234203d3e20323136323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.245.0/24
Signature Algorithm: sha256WithRSAEncryption
47:e5:eb:38:41:3b:59:c9:cd:c2:7c:b0:4b:62:89:19:fc:bb:
0f:fb:26:9c:73:ea:68:65:a7:ac:a4:0d:bd:03:bc:47:da:84:
0c:50:cd:8e:ba:f7:00:f2:47:da:bd:75:74:84:51:7d:87:1b:
fd:fb:ab:25:07:31:e1:85:8a:3e:c2:9f:7b:60:2f:34:47:5d:
55:61:16:2e:a3:39:0a:ce:b8:f4:6e:4f:1a:e1:a8:b7:c0:17:
7e:57:75:80:73:c9:f4:5c:63:37:90:5a:5f:23:a8:67:7c:75:
6b:ca:3d:19:94:cf:3f:97:a6:f4:87:45:31:71:95:ff:0c:e5:
0a:4e:41:a0:d8:7c:17:67:ef:27:fa:e1:94:39:cc:b2:99:93:
1e:ea:01:8c:88:07:5a:fe:bf:bd:50:25:00:17:eb:3a:ba:87:
d4:05:43:fa:4f:b3:a0:6e:3f:23:20:87:75:9f:eb:f5:1a:45:
38:15:77:61:54:bf:e2:e7:1a:d8:80:6c:0f:1a:80:d2:03:dc:
9b:cb:02:0f:bd:dd:e5:ee:91:82:4b:58:4c:23:46:a3:13:dc:
a2:1c:1c:90:5f:91:c4:31:34:3c:5d:46:66:9b:92:54:7b:76:
c4:03:0d:e1:a6:c8:9e:d9:94:d5:92:e7:5c:e6:44:58:29:8b:
96:01:2e:3e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQVtr3V4+tPyitDrDp80jE/vpKWkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MTYxODM1MDBaFw0yNjA5MTUxODQwMDBaMDMxMTAvBgNV
BAMTKEMxM0RFRDA4NjVCQzIxMkU0OTMwMUZBNUFDOUJDRDg3N0UxN0E3RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAZ6hSlMEAb8NCGP4yNApg+xc6
2GHTLjoYlU2p5V2/CWL1p3/5CJRN8T+YKJMrysiGyMdjGoFUtcG9EPfPSjhIA93P
OG/AonEELIUBsjwWoOD6eWkWevWMpRLXGe5A8fvBMOdsFtVYrNLvfPLX2woDXBpo
9w49Z59i8nWGSf+bJVukIv6hFmAtaTLeoAucDehHUZBIdmIV2KXX9viuF+4sf49d
UMHi+3y0/CwlsYHrWV7coVMScC2muVr+uKe1kNdwTGczrkQ59zmWTKkZu5oP/Yfg
RZpcHRQe5zk+NyeUgv0sKy5GLotpXWUSVa99ZhjGDAd64EVVABemRjCAUASXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUwT3tCGW8IS5JMB+lrJvNh34Xp+IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMyMzUzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ9TANBgkqhkiG9w0BAQsFAAOCAQEAR+XrOEE7WcnNwnywS2KJGfy7D/sm
nHPqaGWnrKQNvQO8R9qEDFDNjrr3APJH2r11dIRRfYcb/furJQcx4YWKPsKfe2Av
NEddVWEWLqM5Cs649G5PGuGot8AXfld1gHPJ9FxjN5BaXyOoZ3x1a8o9GZTPP5em
9IdFMXGV/wzlCk5BoNh8F2fvJ/rhlDnMspmTHuoBjIgHWv6/vVAlABfrOrqH1AVD
+k+zoG4/IyCHdZ/r9RpFOBV3YVS/4uca2IBsDxqA0gPcm8sCD73d5e6RgktYTCNG
oxPcohwckF+RxDE0PF1GZpuSVHt2xAMN4abIntmU1ZLnXOZEWCmLlgEuPg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:04 2025 by rpki-client