Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32382e302f32342d3234203d3e203537303433.roa
File: 3231372e3231372e32382e302f32342d3234203d3e203537303433.roa (raw, json)
Hash identifier: uCjIPC3dIwrG3+XBaKHEvbsK9DmBB8quLXs7nThHKXg=
Subject key identifier: 08:7F:5F:39:5D:5D:A4:7D:FD:01:2A:36:54:65:EF:C5:0A:CB:E7:2D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 17319FAEF410A88A51A64A226724837232CA6240
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32382e302f32342d3234203d3e203537303433.roa
Signing time: Tue 22 Jul 2025 15:01:31 +0000
ROA not before: Tue 22 Jul 2025 14:56:31 +0000
ROA not after: Tue 21 Jul 2026 15:01:31 +0000
asID: 57043
IP address blocks: 217.217.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:31:9f:ae:f4:10:a8:8a:51:a6:4a:22:67:24:83:72:32:ca:62:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 22 14:56:31 2025 GMT
Not After : Jul 21 15:01:31 2026 GMT
Subject: CN=087F5F395D5DA47DFD012A365465EFC50ACBE72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ca:5c:2e:77:19:35:d8:83:c6:6c:15:9d:36:
9a:d7:2d:e7:64:08:2d:6a:3d:7d:91:5d:22:3a:9d:
d0:a0:6d:fc:06:7e:2c:bf:62:ae:ea:7d:92:42:2d:
9d:39:d2:e9:45:7c:e9:64:d2:db:44:f6:83:ed:46:
0b:34:30:e7:14:33:41:b5:2d:60:c8:82:eb:e1:f3:
bb:ab:ee:9c:af:b9:fd:60:60:ce:d1:8f:4e:52:98:
52:1b:17:4b:af:60:26:02:11:33:83:23:fb:a7:f3:
44:12:d6:71:dd:94:01:09:fa:02:8e:75:34:e0:a1:
30:dd:fe:42:ae:08:96:ba:6c:68:94:bf:be:cb:97:
c8:16:31:0e:b6:a8:0a:b3:07:a7:8d:2d:31:48:ae:
a6:d0:05:4a:ea:81:33:d4:f7:29:45:54:30:81:f5:
34:de:4a:ae:66:e5:7d:f6:c7:62:54:db:f6:3f:08:
67:24:01:8b:9b:dc:21:42:1c:a0:b8:99:53:81:4a:
7c:da:52:c6:e2:14:ea:e2:3a:2f:4f:30:b0:6c:d4:
08:c1:2c:1d:b8:21:34:86:cd:df:89:28:30:45:e2:
c3:8c:e0:42:87:d0:8d:d4:03:25:40:6e:66:fe:40:
ef:d2:9c:e2:94:68:08:48:26:6b:89:4f:07:72:ba:
a8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7F:5F:39:5D:5D:A4:7D:FD:01:2A:36:54:65:EF:C5:0A:CB:E7:2D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e32382e302f32342d3234203d3e203537303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.28.0/24
Signature Algorithm: sha256WithRSAEncryption
07:60:79:d6:f0:44:63:70:4e:5c:07:66:c5:48:36:4d:e2:e9:
25:76:89:3c:6c:22:84:2e:e9:90:8b:8e:1d:92:5a:9f:13:16:
50:1b:98:75:2e:fa:ea:c2:5c:c7:8d:eb:c9:6b:a0:e4:a8:91:
bf:6c:83:fd:48:36:ee:ca:55:05:cb:86:97:26:ca:09:72:a9:
78:39:f3:88:25:9e:ec:1f:9a:f4:41:82:a7:63:a1:93:44:c2:
8d:12:1e:ee:53:ec:19:19:b1:74:89:63:f8:c3:70:83:bd:8e:
73:c5:b7:b9:4c:60:b1:26:ec:ad:6a:be:91:d7:bf:15:6c:6a:
f5:9c:e3:a0:ca:67:7e:c1:a4:bb:09:0d:eb:8b:e1:c1:fe:e8:
50:7e:e8:4f:3a:36:c2:39:c6:c0:53:3c:36:0f:db:6f:62:54:
37:ae:de:10:10:94:00:e2:45:5a:01:b4:0f:ed:5c:23:ab:d0:
33:b3:8f:5c:c0:d7:26:f6:5e:9a:02:38:ca:bf:e6:6b:58:71:
79:90:29:94:59:82:a5:65:d6:f0:98:45:13:52:23:57:fc:9b:
67:bf:28:8c:c9:7b:88:f9:21:9a:2b:5d:36:af:8d:26:ee:12:
81:5d:9d:1b:e8:4f:73:4d:26:59:f6:f0:37:fd:21:1a:27:cf:
8c:64:f4:cb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFzGfrvQQqIpRpkoiZySDcjLKYkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjIxNDU2MzFaFw0yNjA3MjExNTAxMzFaMDMxMTAvBgNV
BAMTKDA4N0Y1RjM5NUQ1REE0N0RGRDAxMkEzNjU0NjVFRkM1MEFDQkU3MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ylwudxk12IPGbBWdNprXLedk
CC1qPX2RXSI6ndCgbfwGfiy/Yq7qfZJCLZ050ulFfOlk0ttE9oPtRgs0MOcUM0G1
LWDIguvh87ur7pyvuf1gYM7Rj05SmFIbF0uvYCYCETODI/un80QS1nHdlAEJ+gKO
dTTgoTDd/kKuCJa6bGiUv77Ll8gWMQ62qAqzB6eNLTFIrqbQBUrqgTPU9ylFVDCB
9TTeSq5m5X32x2JU2/Y/CGckAYub3CFCHKC4mVOBSnzaUsbiFOriOi9PMLBs1AjB
LB24ITSGzd+JKDBF4sOM4EKH0I3UAyVAbmb+QO/SnOKUaAhIJmuJTwdyuqjJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCH9fOV1dpH39ASo2VGXvxQrL5y0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM3MzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dkcMA0GCSqGSIb3DQEBCwUAA4IBAQAHYHnW8ERjcE5cB2bFSDZN4ukldok8bCKE
LumQi44dklqfExZQG5h1LvrqwlzHjevJa6DkqJG/bIP9SDbuylUFy4aXJsoJcql4
OfOIJZ7sH5r0QYKnY6GTRMKNEh7uU+wZGbF0iWP4w3CDvY5zxbe5TGCxJuytar6R
178VbGr1nOOgymd+waS7CQ3ri+HB/uhQfuhPOjbCOcbAUzw2D9tvYlQ3rt4QEJQA
4kVaAbQP7Vwjq9Azs49cwNcm9l6aAjjKv+ZrWHF5kCmUWYKlZdbwmEUTUiNX/Jtn
vyiMyXuI+SGaK102r40m7hKBXZ0b6E9zTSZZ9vA3/SEaJ8+MZPTL
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:20:34 2025 by rpki-client