Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3130342e302f32312d3231203d3e203230333236.roa
File: 3231372e3231372e3130342e302f32312d3231203d3e203230333236.roa (raw, json)
Hash identifier: ink8FXWrbyfwcAlfWWEgwDSrlY5LtukEcg2TwvELXXQ=
Subject key identifier: DD:B4:9A:8F:BF:7A:64:A0:19:41:23:CC:05:08:A7:A7:90:25:A5:25
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 67198AB14F3B8427A3AA7BE572DE42EE77938EB3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3130342e302f32312d3231203d3e203230333236.roa
Signing time: Wed 23 Jul 2025 08:54:16 +0000
ROA not before: Wed 23 Jul 2025 08:49:16 +0000
ROA not after: Wed 22 Jul 2026 08:54:16 +0000
asID: 20326
IP address blocks: 217.217.104.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:19:8a:b1:4f:3b:84:27:a3:aa:7b:e5:72:de:42:ee:77:93:8e:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 08:49:16 2025 GMT
Not After : Jul 22 08:54:16 2026 GMT
Subject: CN=DDB49A8FBF7A64A0194123CC0508A7A79025A525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c5:f2:11:d9:f2:5f:92:62:fa:4f:d6:bd:19:
9b:3c:e1:3d:11:38:4d:3b:00:e8:f7:ee:53:9b:0c:
b2:dc:9b:73:b4:73:5f:eb:c6:f4:1d:e0:80:ca:ec:
1f:9f:92:17:3a:38:13:96:f9:5f:69:fc:ef:a2:a8:
e8:6f:5a:06:03:f2:b2:4a:bc:bc:ff:99:dc:59:d6:
40:ef:20:9c:f5:e5:03:91:52:19:3e:21:cb:ac:30:
8b:b5:ea:52:ac:91:ca:aa:e8:60:c9:37:95:20:b5:
1b:d2:1b:c6:bc:f9:31:3f:27:c0:83:d1:1f:19:b2:
20:1b:50:45:e8:66:12:04:f4:a2:9d:d5:16:8c:26:
f5:ad:59:6d:1c:5f:82:e8:5d:f2:3e:68:95:26:94:
e6:0f:ff:e1:f1:23:d0:80:96:8f:44:d5:1b:9b:f7:
b7:ec:2c:8e:03:54:f6:ec:ed:70:32:fd:5b:db:84:
13:c7:61:8e:94:78:80:d0:43:ec:d5:5e:db:90:e6:
33:6d:ad:13:90:46:0c:5d:b9:18:03:88:89:4e:72:
bc:cb:e8:50:61:f3:da:1c:2a:b6:a6:b2:b2:0d:f8:
05:77:17:d7:33:0b:00:57:b0:6f:00:d4:c0:1b:e9:
6a:f3:19:4b:fe:28:c5:f7:4e:1d:3a:fe:b5:3e:a6:
ad:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:B4:9A:8F:BF:7A:64:A0:19:41:23:CC:05:08:A7:A7:90:25:A5:25
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3130342e302f32312d3231203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.104.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:f0:02:92:36:0f:ab:48:69:08:a4:74:db:cc:42:56:45:b7:
e9:04:f0:fe:21:31:34:82:f7:a6:46:0f:cb:55:b8:10:3d:33:
95:9a:87:40:de:27:5b:9a:ad:1e:01:12:1d:8c:65:2c:40:1f:
d9:bd:f9:17:e9:38:9a:e6:9c:88:05:af:c8:46:92:d0:1e:25:
f9:a1:7a:62:4d:23:60:a5:a2:0d:1e:6b:9e:a1:27:55:ec:bd:
ff:7a:ed:1c:4f:e0:6d:6a:b0:3a:08:09:2a:3d:85:af:0e:df:
1e:d0:2f:64:cc:6b:8c:20:a2:39:22:8e:14:f1:36:ca:22:4c:
7a:89:e3:2d:00:d9:75:2d:de:11:ae:c4:eb:9e:9f:f9:69:63:
fe:2b:e1:d5:7b:e0:d9:89:b8:9e:1a:43:51:15:18:69:06:9c:
9d:c0:93:0c:82:2a:3d:ac:50:99:4f:d6:42:63:85:5a:56:db:
92:a2:f4:09:88:af:94:23:a9:63:a1:70:50:bc:64:3d:59:af:
10:a4:dd:05:b4:5d:eb:76:89:77:e2:b1:4b:1e:0c:37:a2:cd:
3d:2f:58:ab:30:fd:73:c1:77:3e:6f:55:55:8a:57:fc:6b:44:
80:60:ca:50:07:47:d7:3c:a5:23:d9:ea:bf:22:22:06:bb:08:
6b:66:b7:bd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZxmKsU87hCejqnvlct5C7neTjrMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjMwODQ5MTZaFw0yNjA3MjIwODU0MTZaMDMxMTAvBgNV
BAMTKEREQjQ5QThGQkY3QTY0QTAxOTQxMjNDQzA1MDhBN0E3OTAyNUE1MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoxfIR2fJfkmL6T9a9GZs84T0R
OE07AOj37lObDLLcm3O0c1/rxvQd4IDK7B+fkhc6OBOW+V9p/O+iqOhvWgYD8rJK
vLz/mdxZ1kDvIJz15QORUhk+IcusMIu16lKskcqq6GDJN5UgtRvSG8a8+TE/J8CD
0R8ZsiAbUEXoZhIE9KKd1RaMJvWtWW0cX4LoXfI+aJUmlOYP/+HxI9CAlo9E1Rub
97fsLI4DVPbs7XAy/VvbhBPHYY6UeIDQQ+zVXtuQ5jNtrROQRgxduRgDiIlOcrzL
6FBh89ocKramsrIN+AV3F9czCwBXsG8A1MAb6WrzGUv+KMX3Th06/rU+pq1HAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3bSaj796ZKAZQSPMBQinp5AlpSUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzAzNDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMyMzAzMzMyMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZ2WgwDQYJKoZIhvcNAQELBQADggEBAEzwApI2D6tIaQikdNvMQlZFt+kE8P4h
MTSC96ZGD8tVuBA9M5Wah0DeJ1uarR4BEh2MZSxAH9m9+RfpOJrmnIgFr8hGktAe
JfmhemJNI2Clog0ea56hJ1Xsvf967RxP4G1qsDoICSo9ha8O3x7QL2TMa4wgojki
jhTxNsoiTHqJ4y0A2XUt3hGuxOuen/lpY/4r4dV74NmJuJ4aQ1EVGGkGnJ3AkwyC
Kj2sUJlP1kJjhVpW25Ki9AmIr5QjqWOhcFC8ZD1ZrxCk3QW0Xet2iXfisUseDDei
zT0vWKsw/XPBdz5vVVWKV/xrRIBgylAHR9c8pSPZ6r8iIga7CGtmt70=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:20:24 2025 by rpki-client