Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
File: 33312e3232302e31302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: dWhqbzGcUmrvhZd3aItPRI60V/07ktTjOeiS0h2++FM=
Subject key identifier: 56:84:4C:A0:00:6A:A2:51:AA:FE:D8:AB:62:DF:76:8A:B9:0A:14:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 59E2E93302361A358EF9F430E54F2969FE298BC5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:39 +0000
ROA not before: Sun 28 Sep 2025 20:42:39 +0000
ROA not after: Sun 27 Sep 2026 20:47:39 +0000
asID: 136787
IP address blocks: 31.220.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:e2:e9:33:02:36:1a:35:8e:f9:f4:30:e5:4f:29:69:fe:29:8b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:39 2025 GMT
Not After : Sep 27 20:47:39 2026 GMT
Subject: CN=56844CA0006AA251AAFED8AB62DF768AB90A148D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:77:e7:60:1a:f4:25:17:67:6f:d0:60:7b:de:
9b:7c:64:97:4f:92:4f:97:70:7b:1c:ce:7b:78:ff:
2f:e9:89:68:23:d3:f3:ce:4e:1b:e9:67:61:49:03:
a8:5a:1b:5a:0f:d8:8b:e7:14:da:68:34:64:13:4a:
61:dc:64:95:17:60:d3:32:63:02:20:35:2c:6e:e0:
21:55:fd:b6:df:7c:2e:5d:20:0d:ac:39:6d:0c:2a:
e6:82:60:60:90:0e:06:2d:37:87:75:be:dd:4f:1a:
64:f5:3e:43:47:9f:b1:62:6c:7b:bc:be:4a:66:fd:
02:78:90:28:b3:2a:19:be:df:cc:0e:07:65:03:e3:
77:26:45:9c:a6:53:c7:31:da:a5:fb:1d:76:1b:bc:
f2:7b:68:69:d6:03:3d:64:ba:bd:87:13:55:e5:07:
03:16:fa:84:1f:0d:cc:90:22:56:dd:5a:2c:9a:af:
43:8c:51:d8:52:d2:6a:51:b4:47:f8:73:0e:e8:41:
af:49:21:c8:b4:9d:09:a3:b6:c4:cc:bb:c8:37:70:
d4:73:01:80:1c:1d:2c:db:2a:fc:ed:ae:cd:cf:20:
31:f9:9d:06:5c:aa:20:91:bf:1c:27:e0:8e:07:1f:
83:00:9e:2b:5a:94:a2:86:fe:aa:43:da:b3:4f:6b:
1f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:84:4C:A0:00:6A:A2:51:AA:FE:D8:AB:62:DF:76:8A:B9:0A:14:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.10.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0b:f5:61:42:da:6c:79:06:d0:49:e3:5a:56:a2:a4:3d:bc:
c5:db:dc:52:0c:13:ea:36:b8:01:ce:a2:f1:07:d1:88:3e:67:
a8:c7:47:d9:96:b7:c7:78:68:f9:6e:bd:d8:3f:de:bc:fd:e7:
6a:0c:f5:70:74:ea:b4:8f:30:48:05:55:e1:63:a5:29:3a:34:
1d:59:ed:3f:62:72:61:8f:6a:b3:4b:2e:49:a7:9b:32:3f:2e:
d6:4c:70:92:45:80:62:3a:d2:1f:77:20:ec:97:08:91:d8:ac:
ee:cf:89:ba:10:38:d6:63:a1:f0:5a:02:83:bb:5c:ea:14:f8:
52:3a:d5:b3:21:c7:df:d0:80:7a:b8:a9:80:d8:7a:ed:48:c0:
45:a3:14:55:a9:0d:3a:28:ad:58:ff:f3:d8:2a:c5:14:4a:25:
07:56:23:ab:9d:a6:34:7f:0e:f8:e1:e7:64:b4:06:68:02:59:
d0:4b:71:e9:7f:ea:33:0b:15:cb:ac:55:ac:18:5c:71:e7:f9:
79:17:9e:b0:0e:98:84:4a:45:36:5f:e0:fa:e8:8d:a4:9a:7d:
d1:58:09:ee:30:6d:ef:4f:52:58:3e:38:80:3b:72:10:3b:e5:
e2:d0:eb:6a:b0:66:b1:41:d0:b4:d8:23:20:1d:eb:cb:38:84:
27:e8:60:94
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWeLpMwI2GjWO+fQw5U8paf4pi8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyMzlaFw0yNjA5MjcyMDQ3MzlaMDMxMTAvBgNV
BAMTKDU2ODQ0Q0EwMDA2QUEyNTFBQUZFRDhBQjYyREY3NjhBQjkwQTE0OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCud+dgGvQlF2dv0GB73pt8ZJdP
kk+XcHscznt4/y/piWgj0/POThvpZ2FJA6haG1oP2IvnFNpoNGQTSmHcZJUXYNMy
YwIgNSxu4CFV/bbffC5dIA2sOW0MKuaCYGCQDgYtN4d1vt1PGmT1PkNHn7FibHu8
vkpm/QJ4kCizKhm+38wOB2UD43cmRZymU8cx2qX7HXYbvPJ7aGnWAz1kur2HE1Xl
BwMW+oQfDcyQIlbdWiyar0OMUdhS0mpRtEf4cw7oQa9JIci0nQmjtsTMu8g3cNRz
AYAcHSzbKvztrs3PIDH5nQZcqiCRvxwn4I4HH4MAnitalKKG/qpD2rNPax8/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVoRMoABqolGq/tirYt92irkKFI0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wKMA0GCSqGSIb3DQEBCwUAA4IBAQBAC/VhQtpseQbQSeNaVqKkPbzF29xSDBPq
NrgBzqLxB9GIPmeox0fZlrfHeGj5br3YP968/edqDPVwdOq0jzBIBVXhY6UpOjQd
We0/YnJhj2qzSy5Jp5syPy7WTHCSRYBiOtIfdyDslwiR2Kzuz4m6EDjWY6HwWgKD
u1zqFPhSOtWzIcff0IB6uKmA2HrtSMBFoxRVqQ06KK1Y//PYKsUUSiUHViOrnaY0
fw744edktAZoAlnQS3Hpf+ozCxXLrFWsGFxx5/l5F56wDpiESkU2X+D66I2kmn3R
WAnuMG3vT1JYPjiAO3IQO+Xi0OtqsGaxQdC02CMgHevLOIQn6GCU
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:21:21 2025 by rpki-client