Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32312d3231203d3e203230343733.roa
File: 3231372e3231372e34302e302f32312d3231203d3e203230343733.roa (raw, json)
Hash identifier: cJlWeaCrK+3MY4wRJ/tLH63GOUZ6o2BiOrWI+bdq5/k=
Subject key identifier: B1:06:F2:8E:91:BB:77:E1:5E:56:00:4A:6E:3B:AF:B5:84:7B:7D:32
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 025E556A80110AC6AFED0856980102F9F8EE0EE3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32312d3231203d3e203230343733.roa
Signing time: Tue 15 Jul 2025 07:20:33 +0000
ROA not before: Tue 15 Jul 2025 07:15:33 +0000
ROA not after: Tue 14 Jul 2026 07:20:33 +0000
asID: 20473
IP address blocks: 217.217.40.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:5e:55:6a:80:11:0a:c6:af:ed:08:56:98:01:02:f9:f8:ee:0e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 15 07:15:33 2025 GMT
Not After : Jul 14 07:20:33 2026 GMT
Subject: CN=B106F28E91BB77E15E56004A6E3BAFB5847B7D32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9a:8f:9c:02:65:ba:37:f0:84:16:69:01:5c:
55:4d:be:07:23:ba:c4:04:e9:99:1f:c9:eb:c1:23:
dc:96:2f:b7:90:59:51:ed:e5:68:e6:18:1d:5f:d5:
d2:b9:e9:41:71:d5:8f:12:de:e8:e3:b1:d3:e1:9f:
52:ee:0f:8a:4c:42:27:aa:84:04:9a:7a:71:49:8e:
b4:74:e8:af:7e:10:5e:86:4f:74:55:df:2d:17:18:
db:1c:fc:c1:05:71:f7:c1:de:dc:c5:dc:5f:e8:74:
00:97:68:0d:30:bf:56:1f:bf:0b:95:dc:39:87:d1:
cd:5e:64:ee:ff:1c:73:b5:71:1d:b6:6c:7e:15:bc:
9b:af:2e:c0:e2:4f:a3:91:db:58:7b:94:2c:c8:11:
1d:14:56:f2:db:30:5f:03:a8:b8:2b:d4:60:03:c4:
cd:e7:c7:92:d4:6d:b7:ac:e8:62:23:5a:a1:86:dd:
04:0d:53:1c:0b:97:13:3a:50:3b:df:82:08:1b:46:
43:10:cd:ca:0c:b8:4d:72:ef:01:dd:1b:54:7b:85:
3d:a5:f1:95:a8:a4:95:76:5f:b6:b0:8b:81:94:40:
49:4a:85:35:12:eb:0a:86:e4:49:5d:16:f3:f9:55:
03:0c:43:73:5c:d0:ec:5c:a2:2d:4b:fa:c4:83:a1:
39:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:06:F2:8E:91:BB:77:E1:5E:56:00:4A:6E:3B:AF:B5:84:7B:7D:32
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e34302e302f32312d3231203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.40.0/21
Signature Algorithm: sha256WithRSAEncryption
03:13:2d:8e:c8:84:8c:08:9c:2a:9f:b9:74:4d:b0:f3:a0:4c:
a0:d1:df:39:66:ca:5a:7e:35:71:85:d8:e9:a0:dd:55:e8:84:
80:f5:2e:4c:be:ab:81:6f:1c:c5:19:2f:75:de:12:12:b6:0a:
1c:83:dc:7b:69:bf:71:76:2a:8d:2f:ef:16:b0:22:6e:4d:1c:
f2:50:67:05:dc:74:7f:58:c5:53:2a:f7:f9:ce:6e:f0:ab:83:
a2:c1:d3:1c:8a:af:88:bd:32:4a:5c:6d:c4:ba:bf:4f:b8:44:
78:a3:a4:6c:8b:72:f9:7b:db:ff:0d:cf:2f:b0:fe:13:36:b7:
b9:a6:54:59:4c:14:ab:08:82:e9:f0:b1:36:19:b4:2b:50:53:
54:2e:35:af:ae:07:84:aa:47:bb:50:f0:50:75:10:2a:11:4b:
33:71:72:4d:e5:dd:73:87:f0:7b:4c:a0:81:92:4f:bc:4b:62:
b2:32:ae:94:c9:71:43:96:19:b3:32:53:b7:52:f3:69:09:cd:
1e:6a:60:f7:65:dd:b1:e1:3d:9a:0c:cb:08:24:c2:e2:c5:2e:
cb:93:5b:aa:0f:b5:15:61:19:99:25:ef:d4:30:fd:af:30:10:
22:9d:a0:13:63:54:b4:73:f6:f7:fa:b6:ad:79:72:b3:31:97:
7f:27:35:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAl5VaoARCsav7QhWmAEC+fjuDuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MTUwNzE1MzNaFw0yNjA3MTQwNzIwMzNaMDMxMTAvBgNV
BAMTKEIxMDZGMjhFOTFCQjc3RTE1RTU2MDA0QTZFM0JBRkI1ODQ3QjdEMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDImo+cAmW6N/CEFmkBXFVNvgcj
usQE6ZkfyevBI9yWL7eQWVHt5WjmGB1f1dK56UFx1Y8S3ujjsdPhn1LuD4pMQieq
hASaenFJjrR06K9+EF6GT3RV3y0XGNsc/MEFcffB3tzF3F/odACXaA0wv1YfvwuV
3DmH0c1eZO7/HHO1cR22bH4VvJuvLsDiT6OR21h7lCzIER0UVvLbMF8DqLgr1GAD
xM3nx5LUbbes6GIjWqGG3QQNUxwLlxM6UDvfgggbRkMQzcoMuE1y7wHdG1R7hT2l
8ZWopJV2X7awi4GUQElKhTUS6wqG5EldFvP5VQMMQ3Nc0Oxcoi1L+sSDoTmJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsQbyjpG7d+FeVgBKbjuvtYR7fTIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTM0
MzAyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2dkoMA0GCSqGSIb3DQEBCwUAA4IBAQADEy2OyISMCJwqn7l0TbDzoEyg0d85Zspa
fjVxhdjpoN1V6ISA9S5MvquBbxzFGS913hIStgocg9x7ab9xdiqNL+8WsCJuTRzy
UGcF3HR/WMVTKvf5zm7wq4OiwdMciq+IvTJKXG3Eur9PuER4o6Rsi3L5e9v/Dc8v
sP4TNre5plRZTBSrCILp8LE2GbQrUFNULjWvrgeEqke7UPBQdRAqEUszcXJN5d1z
h/B7TKCBkk+8S2KyMq6UyXFDlhmzMlO3UvNpCc0eamD3Zd2x4T2aDMsIJMLixS7L
k1uqD7UVYRmZJe/UMP2vMBAinaATY1S0c/b3+rateXKzMZd/JzUB
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:04:52 2025 by rpki-client