Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234362e302f32342d3234203d3e20323136323533.roa
File: 3231372e3231372e3234362e302f32342d3234203d3e20323136323533.roa (raw, json)
Hash identifier: +nMnMIWiRh04c1M8eCJCgf+cKfreXDD9zMu+P+wmCy4=
Subject key identifier: 95:FA:DD:A6:1E:B9:80:48:BB:20:28:71:4C:62:65:04:12:B9:4C:92
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F73F0BFBACA43A8197903842703FFC0CCEF493A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234362e302f32342d3234203d3e20323136323533.roa
Signing time: Tue 16 Sep 2025 18:39:52 +0000
ROA not before: Tue 16 Sep 2025 18:34:52 +0000
ROA not after: Tue 15 Sep 2026 18:39:52 +0000
asID: 216253
IP address blocks: 217.217.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:73:f0:bf:ba:ca:43:a8:19:79:03:84:27:03:ff:c0:cc:ef:49:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 16 18:34:52 2025 GMT
Not After : Sep 15 18:39:52 2026 GMT
Subject: CN=95FADDA61EB98048BB2028714C62650412B94C92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bf:2c:7d:4a:5e:7c:52:0d:d5:47:a3:59:7c:
c5:44:e8:6f:d2:cc:33:1b:1b:c6:53:7a:0d:d4:f9:
bc:ab:4e:14:bb:19:c9:28:8e:dd:13:46:51:f2:10:
d5:14:c6:81:60:f7:15:0a:9e:ef:4f:09:34:30:8e:
d3:6b:9f:86:9a:6d:48:4a:b9:96:e8:d4:91:d7:10:
66:6b:29:46:5d:cf:5f:90:f4:a0:5a:79:59:14:70:
3b:79:7e:08:f1:32:4c:9e:32:c8:66:22:41:51:ce:
6d:fb:56:77:ff:fa:14:25:30:96:32:0d:b0:04:f6:
b0:c0:49:6c:2d:f8:10:27:72:4f:8a:c3:f6:e5:62:
b9:fe:af:f3:b4:06:64:c9:62:b0:d0:59:ce:5e:ea:
f7:37:81:6c:ed:95:ec:ae:56:36:5b:2a:7b:c5:ff:
83:bd:16:8e:a8:7a:77:34:48:c9:9f:32:53:71:c0:
3f:24:70:b8:7d:4d:ec:f0:d6:4c:fe:a8:36:84:c3:
7c:0d:f3:73:95:b2:1b:b5:7d:55:96:a3:cd:c7:85:
4b:39:4b:21:a3:5d:e3:11:03:23:91:33:93:f4:53:
dd:ff:e5:dc:60:92:c7:10:b5:a9:1d:01:85:b7:31:
ab:79:6a:61:ac:c1:72:dc:be:12:72:23:1f:75:6f:
67:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:FA:DD:A6:1E:B9:80:48:BB:20:28:71:4C:62:65:04:12:B9:4C:92
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234362e302f32342d3234203d3e20323136323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.246.0/24
Signature Algorithm: sha256WithRSAEncryption
20:ba:3e:3c:ad:ab:b5:58:c1:bc:a7:a8:97:88:38:92:d4:f8:
05:1a:09:25:33:a7:cb:d3:d9:a8:79:41:9a:18:60:3e:eb:29:
6a:45:ab:bf:04:f3:a5:05:86:f2:aa:67:42:9d:27:e8:10:64:
54:a6:d9:69:03:d4:29:9f:83:c0:a2:fe:5d:49:d9:51:d2:b7:
65:87:45:d1:a6:0c:93:45:b5:f8:9b:67:df:2c:49:92:97:6b:
f2:27:31:fc:56:0e:93:c8:34:9c:02:d9:2f:0f:fb:f5:bc:7d:
11:bc:6d:3c:a8:1c:1c:3b:2c:35:1b:2f:a1:17:10:57:13:fd:
de:9a:8c:d4:38:80:1c:87:ff:f9:b1:82:b4:14:1c:fe:2b:44:
d5:6a:35:94:53:27:11:af:f4:7b:3a:47:ee:88:c6:4e:29:a5:
44:46:9e:a1:34:4b:01:13:9d:e3:dc:c6:df:91:12:1f:0b:87:
b8:b8:c7:5f:31:07:48:25:88:f3:ee:4d:d6:6d:94:4d:1b:a3:
53:67:6a:3c:27:fa:cb:1c:ed:95:0a:3a:17:94:52:ba:a6:22:
cb:ba:f3:77:46:ad:a4:a6:70:4f:56:66:e2:4d:c2:98:9e:4a:
2e:bb:4f:4b:8b:9f:90:b2:a5:03:3e:27:27:dd:a6:b0:42:ba:
56:6a:77:ee
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUP3Pwv7rKQ6gZeQOEJwP/wMzvSTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MTYxODM0NTJaFw0yNjA5MTUxODM5NTJaMDMxMTAvBgNV
BAMTKDk1RkFEREE2MUVCOTgwNDhCQjIwMjg3MTRDNjI2NTA0MTJCOTRDOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxvyx9Sl58Ug3VR6NZfMVE6G/S
zDMbG8ZTeg3U+byrThS7Gckojt0TRlHyENUUxoFg9xUKnu9PCTQwjtNrn4aabUhK
uZbo1JHXEGZrKUZdz1+Q9KBaeVkUcDt5fgjxMkyeMshmIkFRzm37Vnf/+hQlMJYy
DbAE9rDASWwt+BAnck+Kw/blYrn+r/O0BmTJYrDQWc5e6vc3gWztleyuVjZbKnvF
/4O9Fo6oenc0SMmfMlNxwD8kcLh9Tezw1kz+qDaEw3wN83OVshu1fVWWo83HhUs5
SyGjXeMRAyORM5P0U93/5dxgkscQtakdAYW3Mat5amGswXLcvhJyIx91b2ffAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUlfrdph65gEi7IChxTGJlBBK5TJIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMyMzUzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ9jANBgkqhkiG9w0BAQsFAAOCAQEAILo+PK2rtVjBvKeol4g4ktT4BRoJ
JTOny9PZqHlBmhhgPuspakWrvwTzpQWG8qpnQp0n6BBkVKbZaQPUKZ+DwKL+XUnZ
UdK3ZYdF0aYMk0W1+Jtn3yxJkpdr8icx/FYOk8g0nALZLw/79bx9EbxtPKgcHDss
NRsvoRcQVxP93pqM1DiAHIf/+bGCtBQc/itE1Wo1lFMnEa/0ezpH7ojGTimlREae
oTRLAROd49zG35ESHwuHuLjHXzEHSCWI8+5N1m2UTRujU2dqPCf6yxztlQo6F5RS
uqYiy7rzd0atpKZwT1Zm4k3CmJ5KLrtPS4ufkLKlAz4nJ92msEK6Vmp37g==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:05 2025 by rpki-client