Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
File: 3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: mEe3ps2OEJ8fT4aNwRDPvqaOXzQXPkH5JteGTW7Qhko=
Subject key identifier: D6:B9:A0:C4:C3:90:DC:59:5F:59:FD:59:80:1E:70:FF:58:5D:46:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D877ECD62655700E2E6523E2F5BD0A1E81BBE13
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
Signing time: Fri 11 Jul 2025 19:29:16 +0000
ROA not before: Fri 11 Jul 2025 19:24:16 +0000
ROA not after: Fri 10 Jul 2026 19:29:16 +0000
asID: 137409
IP address blocks: 217.217.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 07:09:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:87:7e:cd:62:65:57:00:e2:e6:52:3e:2f:5b:d0:a1:e8:1b:be:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 11 19:24:16 2025 GMT
Not After : Jul 10 19:29:16 2026 GMT
Subject: CN=D6B9A0C4C390DC595F59FD59801E70FF585D4623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dc:65:71:8c:c3:93:dc:fb:be:84:ac:c2:da:
2d:f0:8c:7a:77:82:73:1d:cc:89:2c:b9:1a:12:dd:
3d:5d:31:8f:c3:f3:19:c7:e7:8f:fc:bc:95:aa:cc:
f5:ca:a5:10:8b:61:75:98:a2:f1:64:02:94:00:a3:
b9:4a:79:ba:9e:0d:b6:d9:17:18:f4:8d:80:aa:e9:
f4:a8:f0:78:61:55:f5:c5:75:23:26:41:2a:5c:a3:
e8:fa:f5:e1:b7:51:06:80:81:cd:06:c9:3c:78:48:
2c:a9:f0:4f:62:87:a7:7f:10:f2:3f:38:4f:0b:67:
22:91:73:1b:77:ce:28:3c:30:78:0e:50:6c:ac:31:
ee:7c:33:67:40:d5:ff:96:13:ef:f9:cd:6a:11:9c:
25:e1:bc:2b:42:ba:72:cb:b7:1f:f9:d5:6e:c1:84:
61:8a:3b:22:3c:69:63:7a:e6:e5:f1:97:28:fa:45:
8c:a0:97:c8:62:7a:57:59:de:d8:ba:cc:b2:45:49:
93:02:53:8f:53:c2:1e:3b:49:db:11:57:7d:66:a9:
e0:da:5d:7a:64:ec:7e:b1:b5:af:36:58:f5:a6:e2:
5d:f8:f2:1f:d9:34:ac:2b:e8:58:fa:b6:dc:c1:16:
87:91:ed:cd:00:02:cc:e0:54:47:e4:09:f5:41:ba:
59:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B9:A0:C4:C3:90:DC:59:5F:59:FD:59:80:1E:70:FF:58:5D:46:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3131352e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.115.0/24
Signature Algorithm: sha256WithRSAEncryption
03:ec:01:b6:16:5c:58:4d:af:83:be:87:12:e6:0c:2f:64:f9:
78:b9:02:ce:80:60:d2:31:08:22:03:1c:6e:4f:59:c7:a1:38:
f4:4b:aa:d0:39:f5:8f:19:d9:29:0c:28:71:5f:ef:fc:23:e1:
4c:4a:95:d8:ec:c7:c8:7d:84:53:18:2c:b2:39:0d:9b:b2:f3:
22:6c:69:c9:e3:d4:fc:2a:d0:ce:5c:d7:c8:58:18:cf:15:01:
e7:1e:b5:a9:43:55:85:c4:9d:5a:f3:2d:9c:ca:c3:f5:98:40:
64:b9:a4:ee:16:78:f3:08:36:b2:92:47:6a:3d:cb:dd:0a:f0:
98:2b:46:cb:06:e9:01:23:5c:af:25:f3:77:77:92:99:77:39:
48:76:92:71:5a:fd:aa:af:a1:98:a4:53:f6:1d:12:a9:1e:40:
7f:9c:03:65:5d:b4:68:8b:54:82:ba:f0:1b:5e:ca:4c:37:5e:
1b:29:21:b3:ac:36:73:6f:b3:97:f3:60:5b:1a:28:40:c6:2e:
45:67:c2:50:39:7c:ef:3b:2d:5d:f6:63:cd:c0:ab:5f:d5:1c:
6b:86:c2:10:91:1e:93:bc:f3:e4:9a:09:6a:1c:7f:12:44:b7:
c5:d4:5f:c8:3e:a9:c2:2c:4c:e4:f0:d8:9d:f2:2c:71:00:a7:
82:ef:70:6e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbYd+zWJlVwDi5lI+L1vQoegbvhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTExOTI0MTZaFw0yNjA3MTAxOTI5MTZaMDMxMTAvBgNV
BAMTKEQ2QjlBMEM0QzM5MERDNTk1RjU5RkQ1OTgwMUU3MEZGNTg1RDQ2MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP3GVxjMOT3Pu+hKzC2i3wjHp3
gnMdzIksuRoS3T1dMY/D8xnH54/8vJWqzPXKpRCLYXWYovFkApQAo7lKebqeDbbZ
Fxj0jYCq6fSo8HhhVfXFdSMmQSpco+j69eG3UQaAgc0GyTx4SCyp8E9ih6d/EPI/
OE8LZyKRcxt3zig8MHgOUGysMe58M2dA1f+WE+/5zWoRnCXhvCtCunLLtx/51W7B
hGGKOyI8aWN65uXxlyj6RYygl8hieldZ3ti6zLJFSZMCU49Twh47SdsRV31mqeDa
XXpk7H6xta82WPWm4l348h/ZNKwr6Fj6ttzBFoeR7c0AAszgVEfkCfVBulkxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1rmgxMOQ3FlfWf1ZgB5w/1hdRiMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM0MzAzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZczANBgkqhkiG9w0BAQsFAAOCAQEAA+wBthZcWE2vg76HEuYML2T5eLkC
zoBg0jEIIgMcbk9Zx6E49Euq0Dn1jxnZKQwocV/v/CPhTEqV2OzHyH2EUxgssjkN
m7LzImxpyePU/CrQzlzXyFgYzxUB5x61qUNVhcSdWvMtnMrD9ZhAZLmk7hZ48wg2
spJHaj3L3QrwmCtGywbpASNcryXzd3eSmXc5SHaScVr9qq+hmKRT9h0SqR5Af5wD
ZV20aItUgrrwG17KTDdeGykhs6w2c2+zl/NgWxooQMYuRWfCUDl87zstXfZjzcCr
X9Uca4bCEJEek7zz5JoJahx/EkS3xdRfyD6pwixM5PDYnfIscQCngu9wbg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:02:46 2025 by rpki-client