Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3235322e302f32322d3332203d3e20313431393935.roa
File: 3231372e3231372e3235322e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: 1sj84SFNN4vQSQQb6VjFqFNmRwRndZvuCiJH4y2irQ0=
Subject key identifier: 8C:EB:F0:AF:4C:C1:26:B8:65:C3:2B:D7:33:77:7B:41:EB:CF:FF:7D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 069C2866B8526E86291B7FB946DCF997C924DFEF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3235322e302f32322d3332203d3e20313431393935.roa
Signing time: Tue 15 Jul 2025 19:22:56 +0000
ROA not before: Tue 15 Jul 2025 19:17:56 +0000
ROA not after: Tue 14 Jul 2026 19:22:56 +0000
asID: 141995
IP address blocks: 217.217.252.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:9c:28:66:b8:52:6e:86:29:1b:7f:b9:46:dc:f9:97:c9:24:df:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 15 19:17:56 2025 GMT
Not After : Jul 14 19:22:56 2026 GMT
Subject: CN=8CEBF0AF4CC126B865C32BD733777B41EBCFFF7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f1:a0:5b:3a:a6:05:85:1b:74:02:75:bd:03:
7f:68:2d:f4:3f:7e:24:ef:1c:65:44:0d:e5:c9:91:
62:70:d0:02:ec:29:39:fd:bf:8e:2e:1c:84:da:d8:
8c:9c:10:c3:5c:85:dd:e5:26:55:e7:43:17:cf:a5:
70:c7:52:91:72:2f:8b:d1:18:90:d5:fd:ac:1f:9c:
ec:77:26:9c:c0:43:24:9b:87:29:93:e2:d7:f1:67:
dc:23:8d:8b:48:e7:22:88:15:64:25:fb:7a:20:cb:
a3:d9:c8:60:c4:ab:f7:fa:e8:9d:03:e3:be:f2:a4:
b9:2e:ac:4d:b8:d9:c9:67:50:3f:10:c0:52:f4:fd:
c3:9a:c7:35:a5:cd:eb:ce:68:bc:a9:13:49:93:b3:
d6:c7:8d:cc:e8:41:e8:86:cb:6f:08:6c:84:bc:c5:
b3:12:c9:e2:4b:ba:0d:9f:0f:59:2a:a9:d9:0e:42:
ea:50:1c:1f:64:09:88:f8:65:28:59:74:68:ba:74:
02:5c:ad:23:4e:78:f0:5b:9e:7e:a7:19:b7:16:28:
6d:68:ab:a8:e0:8f:db:8c:d3:14:56:8d:ea:e1:e9:
08:9c:7a:43:4c:3f:47:00:61:48:61:af:bf:f2:87:
64:7c:ef:32:f9:34:07:51:b7:b3:f3:75:02:6c:76:
82:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:EB:F0:AF:4C:C1:26:B8:65:C3:2B:D7:33:77:7B:41:EB:CF:FF:7D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3235322e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:65:5d:b5:c0:c9:12:b8:93:78:8c:eb:c2:ff:b1:71:41:9e:
8e:2f:d7:6c:cc:10:fe:f0:97:d0:fc:d5:b7:33:c6:ed:02:62:
53:0b:2a:0a:43:88:d8:08:4e:54:1a:87:64:8c:c4:e0:3f:ac:
35:f2:b9:ee:c9:da:0b:da:b9:f5:ea:16:fa:c3:d1:ae:a9:5c:
64:08:53:d7:bd:3c:2b:d8:d5:12:4b:e5:52:99:f0:10:73:28:
c3:69:ce:21:71:5d:89:e4:03:19:c9:aa:2f:fb:7f:4a:f7:25:
90:28:a6:47:4b:78:2f:fd:10:e4:e5:b4:9f:9b:c8:41:05:57:
84:07:ed:7a:85:b0:4c:0d:61:50:75:76:22:61:ba:07:b5:dd:
d3:dd:39:c0:72:07:bd:d0:c2:cd:31:e9:40:7d:a1:aa:20:16:
5b:b8:67:01:9f:6f:06:29:27:36:13:0e:49:75:7f:56:9a:14:
79:1f:3b:c3:aa:73:58:d4:58:21:fa:c7:e9:d5:a1:e7:5f:9c:
f6:3d:e4:e3:37:25:41:01:f9:9b:52:27:9f:78:2e:ac:41:08:
bd:db:01:ec:24:63:92:d9:b7:75:1d:b0:b3:5a:a6:fa:91:8e:
d0:a9:a9:ee:93:28:aa:06:9b:65:0a:f0:da:22:80:c5:57:ec:
9e:d0:dc:db
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBpwoZrhSboYpG3+5Rtz5l8kk3+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTUxOTE3NTZaFw0yNjA3MTQxOTIyNTZaMDMxMTAvBgNV
BAMTKDhDRUJGMEFGNENDMTI2Qjg2NUMzMkJENzMzNzc3QjQxRUJDRkZGN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN8aBbOqYFhRt0AnW9A39oLfQ/
fiTvHGVEDeXJkWJw0ALsKTn9v44uHITa2IycEMNchd3lJlXnQxfPpXDHUpFyL4vR
GJDV/awfnOx3JpzAQySbhymT4tfxZ9wjjYtI5yKIFWQl+3ogy6PZyGDEq/f66J0D
477ypLkurE242clnUD8QwFL0/cOaxzWlzevOaLypE0mTs9bHjczoQeiGy28IbIS8
xbMSyeJLug2fD1kqqdkOQupQHB9kCYj4ZShZdGi6dAJcrSNOePBbnn6nGbcWKG1o
q6jgj9uM0xRWjerh6QicekNMP0cAYUhhr7/yh2R87zL5NAdRt7PzdQJsdoJzAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUjOvwr0zBJrhlwyvXM3d7QevP/30wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzUzMjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtnZ/DANBgkqhkiG9w0BAQsFAAOCAQEAPGVdtcDJEriTeIzrwv+xcUGeji/X
bMwQ/vCX0PzVtzPG7QJiUwsqCkOI2AhOVBqHZIzE4D+sNfK57snaC9q59eoW+sPR
rqlcZAhT1708K9jVEkvlUpnwEHMow2nOIXFdieQDGcmqL/t/SvclkCimR0t4L/0Q
5OW0n5vIQQVXhAfteoWwTA1hUHV2ImG6B7Xd0905wHIHvdDCzTHpQH2hqiAWW7hn
AZ9vBiknNhMOSXV/VpoUeR87w6pzWNRYIfrH6dWh51+c9j3k4zclQQH5m1Inn3gu
rEEIvdsB7CRjktm3dR2ws1qm+pGO0Kmp7pMoqgabZQrw2iKAxVfsntDc2w==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:20:18 2025 by rpki-client