Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e38302e302f32302d3230203d3e203230333236.roa
File: 3231372e3231372e38302e302f32302d3230203d3e203230333236.roa (raw, json)
Hash identifier: 1zMGFJiDfVjeIp+PzZ1Otyo6s2R6HWDwOfTqA1rGWGY=
Subject key identifier: A8:59:C6:85:80:58:59:27:2C:DB:2F:AF:CB:5C:FD:93:DF:29:29:14
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1FD80129E519D1E75D680A0B41566DB87117F004
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e38302e302f32302d3230203d3e203230333236.roa
Signing time: Tue 22 Jul 2025 09:27:31 +0000
ROA not before: Tue 22 Jul 2025 09:22:31 +0000
ROA not after: Tue 21 Jul 2026 09:27:31 +0000
asID: 20326
IP address blocks: 217.217.80.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:d8:01:29:e5:19:d1:e7:5d:68:0a:0b:41:56:6d:b8:71:17:f0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 22 09:22:31 2025 GMT
Not After : Jul 21 09:27:31 2026 GMT
Subject: CN=A859C685805859272CDB2FAFCB5CFD93DF292914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7c:ef:72:fe:bf:f7:f5:8c:d4:02:17:74:61:
04:84:7a:66:e3:f7:27:56:a3:72:2c:e6:6b:9a:2f:
84:7f:76:e6:fe:76:eb:63:a6:1a:0a:5d:e3:5c:f3:
dd:37:f9:a2:91:25:e6:15:00:9a:54:d3:a9:2a:4c:
14:ab:ab:ab:72:7d:64:72:3a:1f:94:96:60:9b:78:
86:17:49:6e:ff:ff:5b:bb:67:a1:87:b7:e3:35:e7:
1e:18:74:e2:cc:18:ff:7f:4c:d3:9a:8a:6d:d8:e8:
c4:e8:dd:23:db:30:b5:66:9a:8c:3e:98:b5:aa:c4:
d6:45:7a:4d:bf:a7:4b:04:ea:7b:5a:72:f5:71:9d:
3a:30:e5:6a:94:ac:c1:6c:4f:82:6e:d1:63:db:c7:
70:f3:c7:09:86:7d:66:c0:60:e9:79:aa:1c:0f:33:
92:ec:ab:3d:40:bf:cb:d9:75:44:f6:a5:96:92:c5:
62:f8:f9:8f:39:09:ab:df:4f:51:df:e1:15:c1:98:
14:89:a4:da:58:e7:ed:cd:9d:e8:5b:bd:96:68:95:
76:c0:b6:8a:ec:8f:ba:0d:ed:d7:43:aa:dd:03:ef:
77:13:37:92:0f:15:c3:3f:54:50:a4:ad:8a:28:6e:
04:2d:ff:a8:ff:8b:ed:01:43:2b:2f:4b:8f:0e:a2:
5d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:59:C6:85:80:58:59:27:2C:DB:2F:AF:CB:5C:FD:93:DF:29:29:14
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e38302e302f32302d3230203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.80.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:e9:bb:16:39:e8:b5:4c:d6:1d:ac:dc:e9:49:37:16:38:b6:
36:64:18:5d:95:b8:14:bc:62:24:17:6a:64:b1:1a:44:9d:86:
47:10:b8:a6:e0:ed:fc:b8:c4:b9:19:d8:eb:d2:65:a8:8d:12:
cd:77:a5:4b:8f:31:08:a4:51:e4:f7:66:d7:99:ca:37:c0:ea:
38:ea:34:a7:bd:75:1a:0c:61:3e:de:51:e7:a7:e7:a5:58:a9:
b0:c3:d3:d8:31:09:9f:03:de:9e:56:c8:78:47:f3:d3:2c:ba:
8e:a4:d9:30:8d:e2:d2:8f:b2:25:5a:da:b5:c7:b3:b0:5f:1e:
0f:72:4c:7f:28:18:4e:55:4d:66:38:e4:43:07:13:8b:6d:79:
0d:d9:ea:ca:1d:5d:24:7c:c8:3a:9a:7e:ba:77:9c:b4:67:ef:
ae:c0:87:ca:a8:01:fd:ac:ad:5a:39:03:f0:01:62:5e:36:41:
f5:af:d8:ce:2e:c3:48:5b:67:78:eb:1a:6e:04:cc:f3:2a:bb:
dc:07:63:e4:53:1f:f2:80:89:54:66:ec:15:c8:5e:13:42:a1:
83:95:3f:e4:3c:28:d5:17:b2:e8:a7:f3:e0:6f:f5:c7:71:fd:
14:f7:ce:04:4a:07:24:c9:bf:69:92:21:5a:61:a6:ce:ab:15:
fe:6c:36:63
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUH9gBKeUZ0eddaAoLQVZtuHEX8AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjIwOTIyMzFaFw0yNjA3MjEwOTI3MzFaMDMxMTAvBgNV
BAMTKEE4NTlDNjg1ODA1ODU5MjcyQ0RCMkZBRkNCNUNGRDkzREYyOTI5MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBfO9y/r/39YzUAhd0YQSEembj
9ydWo3Is5muaL4R/dub+dutjphoKXeNc8903+aKRJeYVAJpU06kqTBSrq6tyfWRy
Oh+UlmCbeIYXSW7//1u7Z6GHt+M15x4YdOLMGP9/TNOaim3Y6MTo3SPbMLVmmow+
mLWqxNZFek2/p0sE6ntacvVxnTow5WqUrMFsT4Ju0WPbx3DzxwmGfWbAYOl5qhwP
M5Lsqz1Av8vZdUT2pZaSxWL4+Y85CavfT1Hf4RXBmBSJpNpY5+3NnehbvZZolXbA
torsj7oN7ddDqt0D73cTN5IPFcM/VFCkrYoobgQt/6j/i+0BQysvS48Ool15AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqFnGhYBYWScs2y+vy1z9k98pKRQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTM4
MzAyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMjMwMzMzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
2dlQMA0GCSqGSIb3DQEBCwUAA4IBAQAe6bsWOei1TNYdrNzpSTcWOLY2ZBhdlbgU
vGIkF2pksRpEnYZHELim4O38uMS5Gdjr0mWojRLNd6VLjzEIpFHk92bXmco3wOo4
6jSnvXUaDGE+3lHnp+elWKmww9PYMQmfA96eVsh4R/PTLLqOpNkwjeLSj7IlWtq1
x7OwXx4Pckx/KBhOVU1mOORDBxOLbXkN2erKHV0kfMg6mn66d5y0Z++uwIfKqAH9
rK1aOQPwAWJeNkH1r9jOLsNIW2d46xpuBMzzKrvcB2PkUx/ygIlUZuwVyF4TQqGD
lT/kPCjVF7Lop/Pgb/XHcf0U984ESgckyb9pkiFaYabOqxX+bDZj
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:23:41 2025 by rpki-client