Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231372e3234302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: N0X0/JQU4bBnFHDthsRpwEcKHHXA6gVkdl7xYIrJQqY=
Subject key identifier: 16:92:BF:7D:74:4A:B1:33:6D:31:C6:C6:F4:2F:88:19:B2:50:52:F9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F0FD99AA46BF2EE18FA55178AC469A3F8693BDF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 16 Jul 2025 17:40:49 +0000
ROA not before: Wed 16 Jul 2025 17:35:49 +0000
ROA not after: Wed 15 Jul 2026 17:40:49 +0000
asID: 136787
IP address blocks: 217.217.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 07:09:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:0f:d9:9a:a4:6b:f2:ee:18:fa:55:17:8a:c4:69:a3:f8:69:3b:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 16 17:35:49 2025 GMT
Not After : Jul 15 17:40:49 2026 GMT
Subject: CN=1692BF7D744AB1336D31C6C6F42F8819B25052F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:ab:04:a7:69:6a:e1:1b:5b:b8:31:44:6e:
b1:0b:2f:97:c8:3a:a6:4a:f2:97:a4:71:47:11:7e:
28:d5:57:ba:93:17:11:ff:ec:49:d3:ec:5f:ea:28:
7c:78:6e:e2:b6:e7:b1:66:5e:59:7d:0b:41:04:09:
46:93:ad:bf:f0:d4:10:75:7b:49:01:a5:7a:9f:54:
fe:51:7a:40:9c:6e:b1:c9:af:0a:18:16:42:de:d0:
f4:a0:94:f2:33:d7:16:03:d5:75:7c:db:ac:57:6e:
d3:aa:e7:62:93:62:d2:f0:a9:09:85:51:01:86:9a:
c4:4c:e3:5d:ab:f0:57:99:3f:39:66:25:8a:6f:ee:
7b:63:2b:dd:10:76:91:8e:6b:b5:f4:72:d1:2e:83:
89:a2:8f:4b:58:fb:e5:96:56:e7:d8:7b:cf:b3:55:
c4:1f:a7:d2:b2:d5:76:87:f5:74:e1:71:b8:1e:15:
19:ef:78:e0:26:11:71:86:66:6f:eb:8f:51:39:4c:
8e:a8:81:58:7d:12:4e:50:3a:db:00:a8:31:bb:95:
02:d7:3e:97:69:d6:7c:a2:25:8d:1d:df:2b:b4:92:
af:f3:02:49:86:7f:60:70:87:b5:b6:34:62:1b:05:
18:6a:c3:37:46:1f:32:5b:89:bb:85:00:4d:94:3f:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:92:BF:7D:74:4A:B1:33:6D:31:C6:C6:F4:2F:88:19:B2:50:52:F9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:99:36:79:d4:59:de:81:c1:9c:b5:01:56:ed:26:51:ee:09:
1c:2a:fc:bb:54:08:2b:d6:b2:0c:a8:15:da:50:dc:59:06:f6:
50:82:d0:5e:c2:cd:d8:8a:17:26:94:b8:6c:e4:54:60:68:8c:
b2:35:6b:ea:99:3b:be:4f:01:a0:bb:47:a8:10:c6:a0:57:04:
7d:26:05:f4:49:1e:71:e6:9e:04:be:15:04:7b:57:6d:c4:db:
a9:70:94:80:d0:f3:b7:71:2a:4e:48:be:13:5f:45:b8:87:84:
9a:cb:a3:bb:ac:4b:22:f4:63:5e:1c:de:d9:d3:c2:cc:15:96:
15:7d:fc:fb:a7:9e:d0:ef:7d:e3:ef:30:87:b8:4c:34:f6:d8:
60:21:bd:b2:ef:b9:cc:01:17:1d:83:00:29:d9:99:8d:29:44:
c7:69:93:24:da:44:4d:8a:36:e7:28:ae:49:27:10:71:97:6f:
32:05:e9:e6:12:9b:f4:df:c0:2c:58:ec:0a:f4:41:f4:61:19:
2e:f5:ea:38:6e:63:28:50:81:eb:af:df:fa:55:49:dc:b8:32:
30:6b:b1:83:16:39:b6:3a:ea:a5:4f:0e:5c:3e:b2:fd:a3:da:
e1:a1:7c:65:3c:f3:c8:02:c0:bd:ae:23:fa:36:dd:48:46:90:
6b:9e:b3:43
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbw/ZmqRr8u4Y+lUXisRpo/hpO98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTYxNzM1NDlaFw0yNjA3MTUxNzQwNDlaMDMxMTAvBgNV
BAMTKDE2OTJCRjdENzQ0QUIxMzM2RDMxQzZDNkY0MkY4ODE5QjI1MDUyRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0cqsEp2lq4RtbuDFEbrELL5fI
OqZK8pekcUcRfijVV7qTFxH/7EnT7F/qKHx4buK257FmXll9C0EECUaTrb/w1BB1
e0kBpXqfVP5RekCcbrHJrwoYFkLe0PSglPIz1xYD1XV826xXbtOq52KTYtLwqQmF
UQGGmsRM412r8FeZPzlmJYpv7ntjK90QdpGOa7X0ctEug4mij0tY++WWVufYe8+z
VcQfp9Ky1XaH9XThcbgeFRnveOAmEXGGZm/rj1E5TI6ogVh9Ek5QOtsAqDG7lQLX
Ppdp1nyiJY0d3yu0kq/zAkmGf2Bwh7W2NGIbBRhqwzdGHzJbibuFAE2UP4pZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUFpK/fXRKsTNtMcbG9C+IGbJQUvkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ8DANBgkqhkiG9w0BAQsFAAOCAQEAbJk2edRZ3oHBnLUBVu0mUe4JHCr8
u1QIK9ayDKgV2lDcWQb2UILQXsLN2IoXJpS4bORUYGiMsjVr6pk7vk8BoLtHqBDG
oFcEfSYF9EkeceaeBL4VBHtXbcTbqXCUgNDzt3EqTki+E19FuIeEmsuju6xLIvRj
Xhze2dPCzBWWFX38+6ee0O994+8wh7hMNPbYYCG9su+5zAEXHYMAKdmZjSlEx2mT
JNpETYo25yiuSScQcZdvMgXp5hKb9N/ALFjsCvRB9GEZLvXqOG5jKFCB66/f+lVJ
3LgyMGuxgxY5tjrqpU8OXD6y/aPa4aF8ZTzzyALAva4j+jbdSEaQa56zQw==
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:15:55 2025 by rpki-client