Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e39362e302f32312d3231203d3e203230333236.roa
File: 3231372e3231372e39362e302f32312d3231203d3e203230333236.roa (raw, json)
Hash identifier: ktfn0ts2AiT58iA+CJdhb5tsEulyxTrR0ScRtghcYA0=
Subject key identifier: 74:43:41:AF:8C:96:80:0E:F3:9F:A0:00:0B:61:28:16:34:64:B7:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11111A4AB3D8E9928B03952B4A7C7817C180D1A9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e39362e302f32312d3231203d3e203230333236.roa
Signing time: Wed 23 Jul 2025 08:54:24 +0000
ROA not before: Wed 23 Jul 2025 08:49:24 +0000
ROA not after: Wed 22 Jul 2026 08:54:24 +0000
asID: 20326
IP address blocks: 217.217.96.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:11:1a:4a:b3:d8:e9:92:8b:03:95:2b:4a:7c:78:17:c1:80:d1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 23 08:49:24 2025 GMT
Not After : Jul 22 08:54:24 2026 GMT
Subject: CN=744341AF8C96800EF39FA0000B6128163464B7FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:be:a8:94:d4:1b:7c:ea:fe:41:26:b4:a2:3a:
d9:43:28:38:27:03:54:c1:6a:b2:79:5b:c8:ee:8f:
27:66:44:8b:8f:4f:52:a0:7c:e3:b9:a3:eb:7e:2f:
b4:94:75:86:7c:83:4b:80:cd:35:bd:81:3f:6e:4a:
16:55:c3:4b:a0:f8:bb:f3:a7:98:83:88:1e:e6:cf:
95:f6:72:08:c1:27:a0:db:25:73:2d:f8:7c:91:b6:
b5:b8:5e:a5:0a:68:2d:5c:39:d9:7c:15:88:7d:92:
ca:5b:c6:f8:a8:d8:10:14:0f:b9:d9:92:1d:d9:4e:
1a:3a:4a:a4:c0:a8:2f:45:6f:5a:4b:24:f9:32:13:
65:3e:bc:32:5b:fa:c7:41:6e:a2:7b:b4:e3:4b:21:
ef:40:ab:d9:93:53:71:30:d7:9f:c4:a7:ae:56:16:
aa:b4:e2:d4:a4:47:bd:f5:c1:f4:80:51:ea:24:08:
56:20:9f:54:62:9a:5d:38:d6:7e:fa:f1:36:0f:9e:
09:c4:07:80:bb:1c:4e:09:27:e9:20:7d:0d:6f:bc:
01:a9:bf:27:56:ba:86:86:c5:69:01:0f:71:29:f9:
64:b2:7a:8d:43:9b:84:46:a3:ed:b5:b8:b3:a1:20:
e3:f4:3f:a4:e9:61:ce:61:9d:30:56:d1:ef:da:d1:
ea:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:43:41:AF:8C:96:80:0E:F3:9F:A0:00:0B:61:28:16:34:64:B7:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e39362e302f32312d3231203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.96.0/21
Signature Algorithm: sha256WithRSAEncryption
04:cf:90:28:ca:93:12:79:ae:47:d2:ae:3a:df:7a:d5:d1:b8:
a5:a1:9f:d4:d1:d9:1a:20:c5:04:b9:ef:a3:b5:d9:30:5a:25:
09:a5:a6:26:1e:25:22:23:bb:a4:c4:9f:fa:c4:4c:25:50:3b:
0d:31:e8:ee:16:27:23:97:24:c6:e8:66:b5:8b:fb:c8:a0:f9:
5e:fb:93:04:75:cb:f1:ac:06:86:27:56:cd:f2:89:1d:f0:03:
99:9a:74:4e:9f:6c:7e:55:b0:cc:a6:c0:16:07:a9:6e:99:2d:
16:7c:61:7f:38:43:5d:13:86:e0:a3:e7:1c:61:5a:c5:db:79:
54:03:cf:90:5d:3a:59:b2:e2:cd:dd:06:09:5f:68:11:79:f8:
34:81:05:8f:7f:3d:99:8a:10:45:b6:63:d8:56:31:51:72:99:
30:ab:84:3c:e2:e7:82:0a:08:df:33:96:00:49:65:4a:67:ef:
83:45:cd:b0:f6:11:26:64:97:5a:35:f3:3a:06:37:90:7c:a6:
d4:0f:e9:65:23:5e:0b:e8:5f:5c:90:2f:99:a2:91:9d:f8:28:
79:43:e4:aa:97:9a:1d:d6:89:4f:d4:33:4e:25:5f:43:46:3b:
4c:94:3e:da:4d:bc:6d:28:f2:3c:3a:14:e3:e5:e4:33:d4:7a:
d2:28:b8:16
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEREaSrPY6ZKLA5UrSnx4F8GA0akwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjMwODQ5MjRaFw0yNjA3MjIwODU0MjRaMDMxMTAvBgNV
BAMTKDc0NDM0MUFGOEM5NjgwMEVGMzlGQTAwMDBCNjEyODE2MzQ2NEI3RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKvqiU1Bt86v5BJrSiOtlDKDgn
A1TBarJ5W8jujydmRIuPT1KgfOO5o+t+L7SUdYZ8g0uAzTW9gT9uShZVw0ug+Lvz
p5iDiB7mz5X2cgjBJ6DbJXMt+HyRtrW4XqUKaC1cOdl8FYh9kspbxvio2BAUD7nZ
kh3ZTho6SqTAqC9Fb1pLJPkyE2U+vDJb+sdBbqJ7tONLIe9Aq9mTU3Ew15/Ep65W
Fqq04tSkR731wfSAUeokCFYgn1Riml041n768TYPngnEB4C7HE4JJ+kgfQ1vvAGp
vydWuoaGxWkBD3Ep+WSyeo1Dm4RGo+21uLOhIOP0P6TpYc5hnTBW0e/a0erjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdENBr4yWgA7zn6AAC2EoFjRkt/8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTM5
MzYyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzMjMwMzMzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2dlgMA0GCSqGSIb3DQEBCwUAA4IBAQAEz5AoypMSea5H0q4633rV0biloZ/U0dka
IMUEue+jtdkwWiUJpaYmHiUiI7ukxJ/6xEwlUDsNMejuFicjlyTG6Ga1i/vIoPle
+5MEdcvxrAaGJ1bN8okd8AOZmnROn2x+VbDMpsAWB6lumS0WfGF/OENdE4bgo+cc
YVrF23lUA8+QXTpZsuLN3QYJX2gRefg0gQWPfz2ZihBFtmPYVjFRcpkwq4Q84ueC
CgjfM5YASWVKZ++DRc2w9hEmZJdaNfM6BjeQfKbUD+llI14L6F9ckC+ZopGd+Ch5
Q+Sql5od1olP1DNOJV9DRjtMlD7aTbxtKPI8OhTj5eQz1HrSKLgW
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:22:12 2025 by rpki-client