Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131322e302f32342d3234203d3e20313337343039.roa
File: 3231372e3231372e3131322e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: yu75N09sQw/iCM6iOQcem8cXx9ZimlxVWrRvWXo3ASU=
Subject key identifier: 69:80:AF:4C:DD:4D:F9:C4:4E:91:BE:76:66:FB:21:0E:99:D4:80:D8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5813C87BD7AD605A39D80A212EA13848E523B772
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131322e302f32342d3234203d3e20313337343039.roa
Signing time: Fri 11 Jul 2025 19:28:50 +0000
ROA not before: Fri 11 Jul 2025 19:23:50 +0000
ROA not after: Fri 10 Jul 2026 19:28:50 +0000
asID: 137409
IP address blocks: 217.217.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:13:c8:7b:d7:ad:60:5a:39:d8:0a:21:2e:a1:38:48:e5:23:b7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 11 19:23:50 2025 GMT
Not After : Jul 10 19:28:50 2026 GMT
Subject: CN=6980AF4CDD4DF9C44E91BE7666FB210E99D480D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:b4:f1:3d:6f:80:4e:02:91:5f:0c:53:5f:
b0:2b:27:0d:76:a7:52:2f:d3:52:fe:ce:bb:9f:7e:
99:34:4f:e7:29:17:b5:b5:58:11:6a:22:8e:8f:3d:
f4:a8:ee:48:d3:42:2b:8e:ce:4a:d6:97:7f:03:ca:
ee:16:4f:68:73:2e:a5:1d:1a:75:71:75:64:ef:8b:
3c:f3:7c:28:2d:29:5e:57:81:f1:0f:42:3a:de:26:
c3:ba:45:ce:45:1f:13:15:bf:62:22:9e:5f:93:e5:
b3:2e:c9:8a:f4:44:e9:89:41:9f:da:14:3b:76:57:
19:2a:c8:e1:39:55:40:ea:ba:19:50:0b:a6:26:4c:
c0:65:a8:69:eb:d3:c6:8d:44:58:cb:06:45:6c:8b:
a6:78:99:e3:d0:de:db:ff:19:a1:86:f8:70:54:6c:
be:85:eb:fe:18:59:cf:13:87:00:54:64:2c:87:6f:
95:63:c1:8a:85:46:6b:af:37:e2:f8:1d:70:4e:f6:
74:3d:63:64:55:c6:3d:be:11:f6:d4:4d:fb:fb:f4:
11:6a:15:a8:e2:d1:dc:3c:34:15:d4:e7:ff:af:cc:
2e:e2:7e:0c:c5:74:ee:26:e5:11:37:cf:16:3f:c1:
86:53:38:a2:d1:6c:89:18:dc:b9:c3:55:53:40:bb:
c4:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:80:AF:4C:DD:4D:F9:C4:4E:91:BE:76:66:FB:21:0E:99:D4:80:D8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131322e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.112.0/24
Signature Algorithm: sha256WithRSAEncryption
05:31:9e:fe:f8:b2:13:9a:8e:c6:5d:91:70:2c:f4:7f:f6:14:
5d:ec:c9:bd:f9:e3:9f:09:29:07:86:76:9d:34:18:41:5a:87:
45:94:60:80:44:01:50:f1:72:5f:ee:99:f1:7c:df:a8:85:c3:
b6:49:d1:c4:98:47:d5:36:9c:d4:df:96:d6:f4:af:5b:51:77:
b5:54:c9:92:8b:8d:19:40:1a:d5:06:b7:8e:19:03:7f:08:19:
bd:2e:6d:26:4a:89:1a:46:bc:e8:a9:7b:ff:77:13:dd:b6:06:
9a:ed:37:c6:b4:bd:8d:c0:ef:75:34:7b:d3:67:f7:dc:93:75:
51:8b:1a:73:63:c3:c9:d5:d0:41:ec:71:1d:35:7d:50:ae:19:
3c:e2:f8:4f:6a:ae:e9:a5:4a:4c:de:36:58:e7:0f:83:55:af:
1c:36:73:20:2c:d6:b8:16:75:43:e8:75:62:6e:77:63:a0:73:
32:86:e0:9d:b6:85:2d:9d:36:13:38:73:79:b0:17:8b:39:d6:
ac:26:3c:9a:f1:c2:da:3e:ed:db:b4:17:d1:a3:1d:46:0a:cb:
e5:82:17:a8:8b:5f:f8:4e:83:26:cc:dc:69:05:22:b5:7f:90:
ea:d3:45:4b:89:eb:30:23:4e:4f:35:7a:de:77:70:36:e6:4d:
84:d3:e8:28
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWBPIe9etYFo52AohLqE4SOUjt3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTExOTIzNTBaFw0yNjA3MTAxOTI4NTBaMDMxMTAvBgNV
BAMTKDY5ODBBRjRDREQ0REY5QzQ0RTkxQkU3NjY2RkIyMTBFOTlENDgwRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2Y7TxPW+ATgKRXwxTX7ArJw12
p1Iv01L+zruffpk0T+cpF7W1WBFqIo6PPfSo7kjTQiuOzkrWl38Dyu4WT2hzLqUd
GnVxdWTvizzzfCgtKV5XgfEPQjreJsO6Rc5FHxMVv2Iinl+T5bMuyYr0ROmJQZ/a
FDt2VxkqyOE5VUDquhlQC6YmTMBlqGnr08aNRFjLBkVsi6Z4mePQ3tv/GaGG+HBU
bL6F6/4YWc8ThwBUZCyHb5VjwYqFRmuvN+L4HXBO9nQ9Y2RVxj2+EfbUTfv79BFq
Faji0dw8NBXU5/+vzC7ifgzFdO4m5RE3zxY/wYZTOKLRbIkY3LnDVVNAu8RDAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaYCvTN1N+cROkb52ZvshDpnUgNgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM0MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZcDANBgkqhkiG9w0BAQsFAAOCAQEABTGe/viyE5qOxl2RcCz0f/YUXezJ
vfnjnwkpB4Z2nTQYQVqHRZRggEQBUPFyX+6Z8XzfqIXDtknRxJhH1Tac1N+W1vSv
W1F3tVTJkouNGUAa1Qa3jhkDfwgZvS5tJkqJGka86Kl7/3cT3bYGmu03xrS9jcDv
dTR702f33JN1UYsac2PDydXQQexxHTV9UK4ZPOL4T2qu6aVKTN42WOcPg1WvHDZz
ICzWuBZ1Q+h1Ym53Y6BzMobgnbaFLZ02EzhzebAXiznWrCY8mvHC2j7t27QX0aMd
RgrL5YIXqItf+E6DJszcaQUitX+Q6tNFS4nrMCNOTzV63ndwNuZNhNPoKA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:07:39 2025 by rpki-client