Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32352e302f32342d3234203d3e20323030363336.roa
File: 3231372e3231372e32352e302f32342d3234203d3e20323030363336.roa (raw, json)
Hash identifier: pi2/5Sbi/qNLo0NTSG7sTmnuvudlmtkAfAHjJR/4k/k=
Subject key identifier: 2A:8F:27:EA:3D:41:D5:61:D1:3B:EE:87:DE:F7:7A:EF:89:F2:D4:B4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4002F940750C1D1A4B74C302BDF4E9D044E2F1AC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32352e302f32342d3234203d3e20323030363336.roa
Signing time: Wed 23 Jul 2025 08:54:49 +0000
ROA not before: Wed 23 Jul 2025 08:49:49 +0000
ROA not after: Wed 22 Jul 2026 08:54:49 +0000
asID: 200636
IP address blocks: 217.217.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:02:f9:40:75:0c:1d:1a:4b:74:c3:02:bd:f4:e9:d0:44:e2:f1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 08:49:49 2025 GMT
Not After : Jul 22 08:54:49 2026 GMT
Subject: CN=2A8F27EA3D41D561D13BEE87DEF77AEF89F2D4B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bb:41:93:e7:6a:96:14:a8:92:aa:fa:cf:f6:
57:7d:ec:72:f2:63:26:e0:7b:2e:12:b5:ea:89:3c:
3f:c2:ca:61:1e:2e:d2:0c:59:b3:fb:6f:4c:0c:3b:
89:a9:d4:2a:d3:01:0d:91:4d:f1:bd:f8:ae:c5:8a:
ce:56:e1:72:b8:72:db:9b:15:b3:ac:77:bc:5d:e5:
80:cb:fe:51:de:89:17:74:83:99:94:24:3f:ed:22:
dc:ec:5c:7d:ac:7d:ec:78:f3:c0:57:fe:41:e6:98:
9f:2c:b4:b2:18:59:f2:28:dd:c6:76:9e:80:82:a3:
77:d5:31:60:8f:ad:ba:aa:a4:31:35:e0:93:b8:32:
c2:e6:20:ee:65:3f:bf:dc:58:1a:60:ec:5d:c3:b5:
61:05:cd:2e:04:8b:73:59:cf:4e:7e:a0:8f:4f:11:
cd:7d:e8:88:13:c4:87:25:d3:df:c1:a5:30:23:11:
48:67:d8:18:08:67:04:d1:8e:aa:14:0e:da:0d:58:
de:4e:9d:1a:e4:dc:df:78:94:79:4a:72:99:d3:98:
8d:e5:82:2b:31:c2:f8:d3:52:85:f0:39:f8:0a:46:
38:25:e2:7b:3f:76:6a:ac:70:63:ae:0e:72:61:be:
86:19:f7:6b:44:94:e0:26:fc:80:df:42:b2:2a:b3:
d9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8F:27:EA:3D:41:D5:61:D1:3B:EE:87:DE:F7:7A:EF:89:F2:D4:B4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32352e302f32342d3234203d3e20323030363336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.25.0/24
Signature Algorithm: sha256WithRSAEncryption
72:e2:01:09:e1:f4:68:a7:8b:80:e3:2e:aa:a4:b4:01:8c:2c:
4e:5d:ef:a6:12:3a:cd:ab:81:8d:cc:7e:95:6b:2b:88:66:a3:
0b:0a:fc:ab:9a:b9:74:83:46:5a:32:40:08:e5:5d:c6:f5:b7:
f0:50:72:98:3f:e5:9a:7f:57:ab:63:94:39:c8:24:75:1e:e5:
46:93:02:06:8e:3c:ca:33:92:57:fc:73:1b:e3:11:0a:dd:07:
f7:b2:55:dc:a2:c7:01:52:1f:b4:a7:96:d7:87:67:c8:0a:cd:
9a:43:84:67:8d:31:27:d8:b4:ee:c6:f2:2e:1e:1b:1e:6d:5a:
55:59:ae:e9:7d:1c:a1:4c:65:95:4f:cd:5d:ba:5d:5b:07:9d:
c6:67:0a:90:29:25:c9:b3:3f:df:d6:d5:e9:1f:dc:a9:4c:e1:
05:8a:4d:45:b7:35:98:d1:95:55:09:2c:34:e6:ab:39:d7:52:
2a:17:45:46:f8:68:ed:24:9b:fd:aa:a9:fd:8d:ec:62:73:70:
00:7a:83:8e:ee:c9:6d:99:f6:e2:75:81:60:fe:bc:dd:95:97:
26:3f:f6:f8:22:2a:42:b5:3f:72:18:21:57:d4:47:a7:40:19:
4a:27:c7:63:c1:99:87:28:9e:79:8b:7a:24:15:be:1c:28:cf:
fd:8c:d2:8e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQAL5QHUMHRpLdMMCvfTp0ETi8awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjMwODQ5NDlaFw0yNjA3MjIwODU0NDlaMDMxMTAvBgNV
BAMTKDJBOEYyN0VBM0Q0MUQ1NjFEMTNCRUU4N0RFRjc3QUVGODlGMkQ0QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyu0GT52qWFKiSqvrP9ld97HLy
Yybgey4SteqJPD/CymEeLtIMWbP7b0wMO4mp1CrTAQ2RTfG9+K7Fis5W4XK4ctub
FbOsd7xd5YDL/lHeiRd0g5mUJD/tItzsXH2sfex488BX/kHmmJ8stLIYWfIo3cZ2
noCCo3fVMWCPrbqqpDE14JO4MsLmIO5lP7/cWBpg7F3DtWEFzS4Ei3NZz05+oI9P
Ec196IgTxIcl09/BpTAjEUhn2BgIZwTRjqoUDtoNWN5OnRrk3N94lHlKcpnTmI3l
gisxwvjTUoXwOfgKRjgl4ns/dmqscGOuDnJhvoYZ92tElOAm/IDfQrIqs9kpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKo8n6j1B1WHRO+6H3vd674ny1LQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzNjMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2RkwDQYJKoZIhvcNAQELBQADggEBAHLiAQnh9Gini4DjLqqktAGMLE5d76YS
Os2rgY3MfpVrK4hmowsK/KuauXSDRloyQAjlXcb1t/BQcpg/5Zp/V6tjlDnIJHUe
5UaTAgaOPMozklf8cxvjEQrdB/eyVdyixwFSH7SnlteHZ8gKzZpDhGeNMSfYtO7G
8i4eGx5tWlVZrul9HKFMZZVPzV26XVsHncZnCpApJcmzP9/W1ekf3KlM4QWKTUW3
NZjRlVUJLDTmqznXUioXRUb4aO0km/2qqf2N7GJzcAB6g47uyW2Z9uJ1gWD+vN2V
lyY/9vgiKkK1P3IYIVfUR6dAGUonx2PBmYconnmLeiQVvhwoz/2M0o4=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:23:42 2025 by rpki-client