Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234312e302f32342d3234203d3e20323134313535.roa
File: 3231372e3231372e3234312e302f32342d3234203d3e20323134313535.roa (raw, json)
Hash identifier: gdjM44g01nTEGf96zcd6sIdbsdsqsfCT72GknYOnnuY=
Subject key identifier: 80:94:35:29:4C:71:6E:FF:BD:D9:91:CD:A5:70:24:35:C6:0C:B4:B2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53D1DFE76036B1E5CFE8A3E39CC8D17A1DABF3CD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234312e302f32342d3234203d3e20323134313535.roa
Signing time: Tue 22 Jul 2025 10:52:38 +0000
ROA not before: Tue 22 Jul 2025 10:47:38 +0000
ROA not after: Tue 21 Jul 2026 10:52:38 +0000
asID: 214155
IP address blocks: 217.217.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:d1:df:e7:60:36:b1:e5:cf:e8:a3:e3:9c:c8:d1:7a:1d:ab:f3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 22 10:47:38 2025 GMT
Not After : Jul 21 10:52:38 2026 GMT
Subject: CN=809435294C716EFFBDD991CDA5702435C60CB4B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:18:ac:eb:67:c6:be:a3:82:f1:bf:fb:91:9a:
e1:da:92:55:3a:c1:f8:b7:d8:3f:55:6f:25:6f:87:
d7:ab:f8:19:2f:23:7c:49:8d:0b:ef:d5:e0:4e:d0:
5f:70:e8:c6:e4:57:ed:30:08:8d:1b:ca:7e:c6:ae:
43:f9:de:f8:f5:2a:22:01:75:0c:8d:03:1c:8f:d3:
62:9d:95:3f:22:56:2a:57:dc:07:5c:b4:87:e3:45:
69:a5:89:f2:fd:0f:50:87:58:a6:97:d3:3a:c2:e6:
46:04:46:c6:b2:e4:cb:23:cb:14:92:5e:30:ab:cc:
d2:e8:ed:d3:87:cf:a3:42:c9:21:16:45:e4:49:2c:
92:d6:be:6c:0a:9d:f1:60:93:8a:0a:3b:1f:13:d2:
58:ee:b6:6d:03:b4:2e:44:7c:16:54:d7:c5:3b:b6:
77:95:ed:da:bb:94:39:4f:e0:7d:c0:8a:c8:2b:91:
dc:3c:db:d1:95:6a:f2:47:ed:75:e7:71:a5:4b:31:
da:9d:8f:17:63:fb:ca:03:17:57:67:05:48:f6:5a:
b1:23:80:af:7d:c0:06:c0:1f:dc:ac:d4:0d:50:0b:
09:d3:92:38:de:26:eb:7d:44:54:4c:fa:a3:7c:e1:
ad:a4:0d:0f:9e:79:af:d9:79:aa:55:1e:1f:f2:52:
48:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:94:35:29:4C:71:6E:FF:BD:D9:91:CD:A5:70:24:35:C6:0C:B4:B2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234312e302f32342d3234203d3e20323134313535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.241.0/24
Signature Algorithm: sha256WithRSAEncryption
83:cb:9d:6b:ef:9d:33:70:8c:ce:4c:b5:70:f2:a0:53:e0:a8:
5b:64:97:be:31:1b:e2:59:a8:a6:f8:79:00:12:5e:f9:19:24:
8c:f9:c8:13:2b:f7:6f:8c:c6:8e:0d:92:37:ae:02:e9:bd:5f:
c6:7b:56:16:5c:ab:a2:3a:26:e8:37:0a:c8:90:a7:7f:8a:02:
7e:9e:b8:75:ce:f7:6a:27:4d:03:e5:43:fc:2b:a3:77:10:87:
c4:6d:e2:54:ad:78:22:87:a7:63:d9:5a:1f:e4:51:c3:72:76:
51:0e:37:80:d6:79:4d:d3:12:d3:10:9d:f6:05:3a:18:20:e4:
1b:0f:95:23:30:44:31:6b:95:31:d6:4d:a7:3f:c2:5d:da:b6:
45:44:ad:25:a3:88:73:4f:e6:bb:6d:89:e7:37:04:79:5a:b7:
b2:b2:4f:b6:50:ba:79:4a:b7:08:c6:b0:e0:72:f1:61:53:02:
e1:bb:dd:95:d4:84:e5:3d:c6:6a:6b:03:6d:0a:a0:0e:5b:2b:
1a:91:99:8a:47:dc:4d:a5:f2:76:4a:8f:7d:b5:94:95:43:37:
89:5d:81:d1:e0:c7:09:65:31:e4:cf:0a:70:b0:f6:74:1f:77:
d6:2f:f8:85:99:a2:d3:f5:67:9c:93:32:bd:f5:d3:9d:f4:3e:
90:3e:63:51
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUU9Hf52A2seXP6KPjnMjReh2r880wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjIxMDQ3MzhaFw0yNjA3MjExMDUyMzhaMDMxMTAvBgNV
BAMTKDgwOTQzNTI5NEM3MTZFRkZCREQ5OTFDREE1NzAyNDM1QzYwQ0I0QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfGKzrZ8a+o4Lxv/uRmuHaklU6
wfi32D9VbyVvh9er+BkvI3xJjQvv1eBO0F9w6MbkV+0wCI0byn7GrkP53vj1KiIB
dQyNAxyP02KdlT8iVipX3AdctIfjRWmlifL9D1CHWKaX0zrC5kYERsay5MsjyxSS
XjCrzNLo7dOHz6NCySEWReRJLJLWvmwKnfFgk4oKOx8T0ljutm0DtC5EfBZU18U7
tneV7dq7lDlP4H3Aisgrkdw829GVavJH7XXncaVLMdqdjxdj+8oDF1dnBUj2WrEj
gK99wAbAH9ys1A1QCwnTkjjeJut9RFRM+qN84a2kDQ+eea/ZeapVHh/yUkgXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUgJQ1KUxxbv+92ZHNpXAkNcYMtLIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMxMzUzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ8TANBgkqhkiG9w0BAQsFAAOCAQEAg8uda++dM3CMzky1cPKgU+CoW2SX
vjEb4lmopvh5ABJe+RkkjPnIEyv3b4zGjg2SN64C6b1fxntWFlyrojom6DcKyJCn
f4oCfp64dc73aidNA+VD/CujdxCHxG3iVK14IoenY9laH+RRw3J2UQ43gNZ5TdMS
0xCd9gU6GCDkGw+VIzBEMWuVMdZNpz/CXdq2RUStJaOIc0/mu22J5zcEeVq3srJP
tlC6eUq3CMaw4HLxYVMC4bvdldSE5T3GamsDbQqgDlsrGpGZikfcTaXydkqPfbWU
lUM3iV2B0eDHCWUx5M8KcLD2dB931i/4hZmi0/VnnJMyvfXTnfQ+kD5jUQ==
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:20:29 2025 by rpki-client