Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e20313530323739.roa
File: 3231372e3231372e32372e302f32342d3234203d3e20313530323739.roa (raw, json)
Hash identifier: yj02gBcHDn9y63NTL3j2Sc2FyZ+hJ53yT2/eeD0mfU8=
Subject key identifier: C6:1C:C3:7F:36:3F:3C:A8:B9:E7:33:E9:0C:94:02:4E:AA:B4:75:B4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 653AF11551CF6CD46C6625F9BA36AE935EA9F66F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e20313530323739.roa
Signing time: Thu 25 Sep 2025 07:07:21 +0000
ROA not before: Thu 25 Sep 2025 07:02:21 +0000
ROA not after: Thu 24 Sep 2026 07:07:21 +0000
asID: 150279
IP address blocks: 217.217.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:3a:f1:15:51:cf:6c:d4:6c:66:25:f9:ba:36:ae:93:5e:a9:f6:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 25 07:02:21 2025 GMT
Not After : Sep 24 07:07:21 2026 GMT
Subject: CN=C61CC37F363F3CA8B9E733E90C94024EAAB475B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5c:2a:ad:96:6c:44:32:16:f6:ba:8a:30:3e:
23:e5:14:3c:9c:80:16:f3:dc:78:f1:a9:8b:98:f7:
cb:f0:1d:06:1a:e7:73:d1:86:eb:27:7a:6f:f9:79:
34:f1:aa:1d:ec:63:fb:d7:52:77:fd:d6:50:79:e2:
e4:bf:e6:1d:f0:48:b2:be:11:dd:d5:f8:d4:fe:ba:
2e:60:c3:bb:bd:ed:e8:7d:f3:97:56:da:33:a9:82:
10:05:b1:bb:17:43:14:a5:69:59:4b:f5:6c:76:ea:
79:15:e0:5f:84:7f:2f:06:43:ef:f5:c6:b4:f3:ec:
cc:ae:fe:90:8e:c6:9e:bd:ba:be:72:33:58:9d:e3:
45:ea:49:a9:31:35:d5:f2:dc:89:9a:74:4d:31:40:
1e:03:ed:44:50:25:f0:97:48:8d:02:5e:ca:06:7f:
2a:7f:8b:75:f6:0e:6b:b6:b6:0b:88:70:80:df:1a:
90:a6:d2:41:e9:ab:96:c1:e3:86:7e:d9:ad:43:fd:
b4:81:6a:62:53:be:3e:d1:96:04:ce:5a:08:2b:ce:
03:92:03:16:0b:68:23:4c:5c:c5:e7:89:22:ff:64:
8b:c2:5a:c0:7d:8d:ac:a9:70:1e:48:06:c7:1b:7d:
41:aa:36:ff:c6:84:42:58:cd:09:cb:21:23:c3:ee:
1a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1C:C3:7F:36:3F:3C:A8:B9:E7:33:E9:0C:94:02:4E:AA:B4:75:B4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e20313530323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.27.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ef:b5:1d:63:10:d2:13:cb:1c:5e:8e:d3:58:11:96:d5:27:
c5:1d:a1:8c:21:1c:56:f1:63:f7:7d:ae:5b:c7:2b:6e:2b:a7:
41:00:50:15:54:29:fd:d2:d6:a3:5f:92:16:2b:08:ab:ec:43:
58:e7:78:5f:75:78:0d:da:fe:25:e8:e7:93:7b:f9:4d:ab:f4:
77:eb:84:d0:c0:92:a5:ea:31:a9:96:51:5f:9e:2b:ca:97:4a:
ec:0c:26:4a:7b:cf:6d:c8:ce:4b:0a:28:24:7f:cf:ad:a0:f7:
41:4e:05:c9:43:da:a1:48:ab:bd:f1:a3:65:99:97:9f:65:b2:
b1:9e:ea:75:4f:a9:8c:9c:29:3d:89:3c:fd:98:c7:e0:c2:b4:
6b:2f:ad:a2:fd:78:fa:1d:24:2e:3f:6c:d5:8f:db:78:6b:50:
76:10:f9:3b:53:c8:57:09:5d:92:99:01:9b:29:f9:e3:64:9d:
c2:79:8b:e2:ea:a3:2b:a1:78:2b:5b:43:06:ea:43:6a:31:40:
af:ba:98:15:ff:78:4f:e8:e6:ea:cc:e0:89:40:69:2f:35:a4:
87:68:ad:88:b4:88:2e:ea:b4:16:99:b0:4e:c0:e5:0f:62:58:
cb:bf:67:c4:6c:aa:7c:52:20:c4:79:a0:cc:7c:25:9c:36:6a:
a5:78:53:2b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZTrxFVHPbNRsZiX5ujauk16p9m8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjUwNzAyMjFaFw0yNjA5MjQwNzA3MjFaMDMxMTAvBgNV
BAMTKEM2MUNDMzdGMzYzRjNDQThCOUU3MzNFOTBDOTQwMjRFQUFCNDc1QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTXCqtlmxEMhb2uoowPiPlFDyc
gBbz3HjxqYuY98vwHQYa53PRhusnem/5eTTxqh3sY/vXUnf91lB54uS/5h3wSLK+
Ed3V+NT+ui5gw7u97eh985dW2jOpghAFsbsXQxSlaVlL9Wx26nkV4F+Efy8GQ+/1
xrTz7Myu/pCOxp69ur5yM1id40XqSakxNdXy3ImadE0xQB4D7URQJfCXSI0CXsoG
fyp/i3X2Dmu2tguIcIDfGpCm0kHpq5bB44Z+2a1D/bSBamJTvj7RlgTOWggrzgOS
AxYLaCNMXMXniSL/ZIvCWsB9jaypcB5IBscbfUGqNv/GhEJYzQnLISPD7hrLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxhzDfzY/PKi55zPpDJQCTqq0dbQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzMjM3Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2RswDQYJKoZIhvcNAQELBQADggEBAIPvtR1jENITyxxejtNYEZbVJ8UdoYwh
HFbxY/d9rlvHK24rp0EAUBVUKf3S1qNfkhYrCKvsQ1jneF91eA3a/iXo55N7+U2r
9HfrhNDAkqXqMamWUV+eK8qXSuwMJkp7z23IzksKKCR/z62g90FOBclD2qFIq73x
o2WZl59lsrGe6nVPqYycKT2JPP2Yx+DCtGsvraL9ePodJC4/bNWP23hrUHYQ+TtT
yFcJXZKZAZsp+eNkncJ5i+LqoyuheCtbQwbqQ2oxQK+6mBX/eE/o5urM4IlAaS81
pIdorYi0iC7qtBaZsE7A5Q9iWMu/Z8RsqnxSIMR5oMx8JZw2aqV4Uys=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:06 2025 by rpki-client