Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32342e302f32342d3234203d3e20323030363336.roa
File: 3231372e3231372e32342e302f32342d3234203d3e20323030363336.roa (raw, json)
Hash identifier: lVTQxnSyog6K2ISrEpYTOFIOg5vB4Wd9DM4pi5KdarE=
Subject key identifier: C8:71:E6:89:57:76:84:09:44:57:CD:E4:7C:69:13:5E:96:0A:0F:4D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A777E295C7E4302270FC255AE7B867D6F7C7F7A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32342e302f32342d3234203d3e20323030363336.roa
Signing time: Wed 23 Jul 2025 08:54:37 +0000
ROA not before: Wed 23 Jul 2025 08:49:37 +0000
ROA not after: Wed 22 Jul 2026 08:54:37 +0000
asID: 200636
IP address blocks: 217.217.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:77:7e:29:5c:7e:43:02:27:0f:c2:55:ae:7b:86:7d:6f:7c:7f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 08:49:37 2025 GMT
Not After : Jul 22 08:54:37 2026 GMT
Subject: CN=C871E689577684094457CDE47C69135E960A0F4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3f:44:fd:99:36:ab:11:0b:55:fd:e4:63:fa:
98:10:25:29:d7:6d:d5:db:ed:3c:15:83:17:7a:51:
8d:33:4a:01:8f:37:4f:82:42:2d:4c:93:bc:59:ba:
44:5f:16:68:70:3e:d1:9d:ba:29:03:cc:1d:a9:fe:
75:23:26:d7:a3:d9:55:48:31:1e:ec:09:cd:2b:cb:
ee:9f:32:43:6e:1d:87:3b:56:49:10:01:00:38:52:
2f:94:6f:f0:98:8b:ff:4f:45:1b:44:9b:f2:64:b3:
58:c4:0d:d0:92:15:9a:7c:15:27:c8:17:75:80:67:
9d:9b:47:ef:9d:22:fa:a7:48:02:87:ae:e1:4a:e5:
38:e8:a6:0e:01:cf:0d:60:98:77:7e:9c:52:ff:c0:
1d:20:9f:30:2f:18:19:50:7e:24:31:c1:64:23:53:
39:4f:b0:b0:fa:f9:fa:d3:e8:a1:8a:0d:29:b4:2a:
25:34:7d:0d:79:cb:f2:8a:97:d7:7e:b2:2f:2f:9d:
3b:00:8b:80:e7:95:92:82:9a:f5:3b:b1:ab:76:39:
71:d5:44:85:39:65:f0:a0:06:f9:66:85:67:49:fa:
07:53:97:fb:69:74:84:59:62:eb:61:a5:40:b7:4b:
55:84:40:3d:2e:d6:a9:9e:02:67:43:5a:b0:11:7b:
01:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:71:E6:89:57:76:84:09:44:57:CD:E4:7C:69:13:5E:96:0A:0F:4D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32342e302f32342d3234203d3e20323030363336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.24.0/24
Signature Algorithm: sha256WithRSAEncryption
71:a4:01:9a:51:58:cb:a2:c4:74:d5:09:0a:cc:8b:49:4a:d2:
34:dc:ce:c7:e5:94:aa:c7:d6:48:06:9d:7e:bd:04:de:26:bf:
3c:c2:b1:cf:97:2c:5b:59:71:34:d0:9f:63:16:1c:fb:af:47:
b4:97:d5:88:ca:33:b9:f7:2e:ef:19:7d:cd:c6:13:c6:2e:77:
19:b7:6a:81:4d:15:f7:7c:bd:11:d4:10:c9:00:7d:31:4f:e1:
7f:93:8a:8d:f1:7b:4c:ce:5c:c1:25:54:c3:3d:58:7d:f0:6e:
a2:b0:74:cf:2d:7d:f7:f8:4c:17:bb:be:fd:c1:17:af:e7:3b:
45:e0:2b:dc:77:fa:af:d0:fd:60:2b:8f:19:fa:0c:1a:0b:b6:
f5:a9:23:22:2c:97:44:b4:ec:0c:38:9b:4c:e7:1a:84:33:8f:
49:97:5a:cf:54:06:c2:3c:2e:c9:3d:97:d1:39:ae:bb:f1:f9:
c7:f2:7f:e7:77:3e:cc:54:64:22:10:08:ba:5a:df:fc:c6:63:
d4:fb:86:fb:f4:98:d4:7f:3a:83:c9:89:d3:9f:fb:f4:f4:37:
d8:cd:de:6a:2f:48:0c:eb:93:d3:b3:7f:ea:fd:19:57:30:13:
19:3d:d6:e4:4d:cc:b9:09:ff:f2:b8:8d:4d:b7:13:64:0f:4f:
70:a5:2e:bc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWnd+KVx+QwInD8JVrnuGfW98f3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjMwODQ5MzdaFw0yNjA3MjIwODU0MzdaMDMxMTAvBgNV
BAMTKEM4NzFFNjg5NTc3Njg0MDk0NDU3Q0RFNDdDNjkxMzVFOTYwQTBGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGP0T9mTarEQtV/eRj+pgQJSnX
bdXb7TwVgxd6UY0zSgGPN0+CQi1Mk7xZukRfFmhwPtGduikDzB2p/nUjJtej2VVI
MR7sCc0ry+6fMkNuHYc7VkkQAQA4Ui+Ub/CYi/9PRRtEm/Jks1jEDdCSFZp8FSfI
F3WAZ52bR++dIvqnSAKHruFK5Tjopg4Bzw1gmHd+nFL/wB0gnzAvGBlQfiQxwWQj
UzlPsLD6+frT6KGKDSm0KiU0fQ15y/KKl9d+si8vnTsAi4DnlZKCmvU7sat2OXHV
RIU5ZfCgBvlmhWdJ+gdTl/tpdIRZYuthpUC3S1WEQD0u1qmeAmdDWrARewGpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyHHmiVd2hAlEV83kfGkTXpYKD00wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzNjMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2RgwDQYJKoZIhvcNAQELBQADggEBAHGkAZpRWMuixHTVCQrMi0lK0jTczsfl
lKrH1kgGnX69BN4mvzzCsc+XLFtZcTTQn2MWHPuvR7SX1YjKM7n3Lu8Zfc3GE8Yu
dxm3aoFNFfd8vRHUEMkAfTFP4X+Tio3xe0zOXMElVMM9WH3wbqKwdM8tfff4TBe7
vv3BF6/nO0XgK9x3+q/Q/WArjxn6DBoLtvWpIyIsl0S07Aw4m0znGoQzj0mXWs9U
BsI8Lsk9l9E5rrvx+cfyf+d3PsxUZCIQCLpa3/zGY9T7hvv0mNR/OoPJidOf+/T0
N9jN3movSAzrk9Ozf+r9GVcwExk91uRNzLkJ//K4jU23E2QPT3ClLrw=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:23:48 2025 by rpki-client