Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e203537303433.roa
File: 3231372e3231372e32372e302f32342d3234203d3e203537303433.roa (raw, json)
Hash identifier: xPGQW1Sq+NJKTfFP15K/IHY+P4fq2VEydI4MmL/5rZ4=
Subject key identifier: 5E:06:26:A7:E9:8F:73:BF:8F:B7:28:0D:D2:7C:AE:7B:5E:2E:A1:FC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6EC545B2CE4468EF6C4F36B95116A84E234EFE22
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e203537303433.roa
Signing time: Tue 22 Jul 2025 15:01:21 +0000
ROA not before: Tue 22 Jul 2025 14:56:21 +0000
ROA not after: Tue 21 Jul 2026 15:01:21 +0000
asID: 57043
IP address blocks: 217.217.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:c5:45:b2:ce:44:68:ef:6c:4f:36:b9:51:16:a8:4e:23:4e:fe:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 22 14:56:21 2025 GMT
Not After : Jul 21 15:01:21 2026 GMT
Subject: CN=5E0626A7E98F73BF8FB7280DD27CAE7B5E2EA1FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7e:89:21:0f:ad:cb:37:93:0c:77:b1:85:1f:
59:80:9a:cc:b6:c3:0f:7f:f1:ef:3a:12:6c:e3:95:
77:53:61:52:fb:b4:53:77:ae:6f:3e:bb:89:6a:d1:
dd:49:9a:ea:2d:35:c8:2b:2a:38:b8:80:f4:2f:90:
7f:aa:6d:fe:47:8f:12:19:ab:ee:ca:cd:46:be:0e:
b2:a0:35:99:a5:d1:99:62:52:0d:12:12:3f:cf:cc:
73:ec:88:b7:f4:81:da:23:b5:59:4c:f1:ce:4d:f1:
07:32:97:33:f1:7b:bd:0d:51:a3:af:7f:b8:88:61:
ef:5b:4c:f2:5f:ac:8d:18:a4:e7:60:20:bb:44:a6:
67:4d:8d:e8:5b:94:84:4e:4a:f9:b1:02:54:55:b6:
b5:22:e9:b1:57:66:93:44:e1:6e:85:28:f9:3a:ab:
92:55:12:b6:e2:5d:97:50:7b:ab:79:bd:3c:0e:d9:
5c:ad:dc:e8:27:64:ea:78:9f:e4:63:80:89:8d:3e:
39:90:23:10:1d:99:c8:b2:07:9e:d6:ba:f2:a9:94:
b5:42:c6:3b:85:76:b4:4a:9f:8b:3b:4a:cb:60:36:
68:4d:55:5d:7b:d9:2c:18:69:13:02:c5:cd:64:19:
7e:03:44:f6:f2:90:f4:5e:3d:a7:1f:04:68:e8:07:
7e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:06:26:A7:E9:8F:73:BF:8F:B7:28:0D:D2:7C:AE:7B:5E:2E:A1:FC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32372e302f32342d3234203d3e203537303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.27.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b0:ba:72:fb:8d:db:df:6f:8b:25:aa:f6:9c:b5:a3:db:5c:
32:aa:b7:87:01:c2:8c:44:10:97:fd:35:a6:22:2f:44:c6:37:
60:b5:61:c8:72:78:c2:81:e7:bd:3e:62:ce:1f:a7:fd:23:f8:
5d:55:96:d0:74:94:32:80:f4:06:f2:ca:2f:21:15:15:df:21:
76:ba:b7:33:32:26:c2:e0:53:9a:43:3b:24:e6:e8:2c:d1:63:
ae:0e:62:47:a9:1d:44:94:1c:ac:f4:dc:4a:89:71:d6:b6:b9:
fe:a5:d2:51:5a:3f:a7:52:6d:76:18:f4:da:53:fa:e4:bb:7f:
b7:0a:4a:1d:95:12:e9:d4:a1:6d:16:81:66:5c:10:82:13:cb:
59:bd:36:fc:87:08:00:9f:bb:f3:36:8c:af:b1:0e:da:52:f3:
fb:a9:90:08:9b:73:99:7c:da:f7:a1:90:e0:00:6f:d3:18:d5:
56:9e:97:b5:1f:6c:10:56:b9:06:7d:64:a9:37:d2:9e:e9:f6:
41:a0:11:56:38:9a:77:be:43:84:1d:08:c7:0c:9c:11:5a:65:
5f:b3:51:51:20:50:a5:8b:57:7d:98:1d:b6:79:fc:2f:17:ad:
15:e1:55:b9:fa:d8:9b:86:36:e7:02:ea:4a:a9:83:35:b5:a7:
03:77:fd:a9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbsVFss5EaO9sTza5URaoTiNO/iIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjIxNDU2MjFaFw0yNjA3MjExNTAxMjFaMDMxMTAvBgNV
BAMTKDVFMDYyNkE3RTk4RjczQkY4RkI3MjgwREQyN0NBRTdCNUUyRUExRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNfokhD63LN5MMd7GFH1mAmsy2
ww9/8e86EmzjlXdTYVL7tFN3rm8+u4lq0d1JmuotNcgrKji4gPQvkH+qbf5HjxIZ
q+7KzUa+DrKgNZml0ZliUg0SEj/PzHPsiLf0gdojtVlM8c5N8QcylzPxe70NUaOv
f7iIYe9bTPJfrI0YpOdgILtEpmdNjehblIROSvmxAlRVtrUi6bFXZpNE4W6FKPk6
q5JVErbiXZdQe6t5vTwO2Vyt3OgnZOp4n+RjgImNPjmQIxAdmciyB57WuvKplLVC
xjuFdrRKn4s7SstgNmhNVV172SwYaRMCxc1kGX4DRPbykPRePacfBGjoB34NAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXgYmp+mPc7+PtygN0nyue14uofwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM3MzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dkbMA0GCSqGSIb3DQEBCwUAA4IBAQCGsLpy+43b32+LJar2nLWj21wyqreHAcKM
RBCX/TWmIi9ExjdgtWHIcnjCgee9PmLOH6f9I/hdVZbQdJQygPQG8sovIRUV3yF2
urczMibC4FOaQzsk5ugs0WOuDmJHqR1ElBys9NxKiXHWtrn+pdJRWj+nUm12GPTa
U/rku3+3CkodlRLp1KFtFoFmXBCCE8tZvTb8hwgAn7vzNoyvsQ7aUvP7qZAIm3OZ
fNr3oZDgAG/TGNVWnpe1H2wQVrkGfWSpN9Ke6fZBoBFWOJp3vkOEHQjHDJwRWmVf
s1FRIFCli1d9mB22efwvF60V4VW5+tibhjbnAupKqYM1tacDd/2p
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:19:37 2025 by rpki-client