Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3132382e302f31382d3234203d3e2038383230.roa
File: 3231332e3234302e3132382e302f31382d3234203d3e2038383230.roa (raw, json)
Hash identifier: Tt7co4BLvt6HSnHMbF6xwMEY0Zl8rl5UhfgxyCOyUcI=
Subject key identifier: 64:0E:B7:44:E2:CD:42:49:E9:5F:22:CB:EB:7E:17:92:E9:D5:D2:80
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 7069CDBB7DF9C72612F98511243E5F72CA17D993
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3132382e302f31382d3234203d3e2038383230.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 8820
IP address blocks: 213.240.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:69:cd:bb:7d:f9:c7:26:12:f9:85:11:24:3e:5f:72:ca:17:d9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=640EB744E2CD4249E95F22CBEB7E1792E9D5D280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ff:7a:45:9f:a6:71:3d:9c:d4:6a:0c:89:ca:
80:22:4c:00:e6:82:8e:09:89:69:eb:f7:1a:e6:76:
c3:bf:31:5b:3f:0f:2c:a0:5c:d1:6f:04:86:3a:81:
2c:35:2e:95:dd:4b:3f:e5:fe:cb:0c:ab:5d:cd:52:
da:df:9d:19:a0:ff:5b:0f:7a:15:a6:f9:30:3b:b1:
30:bd:25:9e:dd:e1:07:8e:90:a3:85:ae:32:64:77:
e8:4c:54:b6:a0:ee:ff:2a:a5:9b:aa:8e:25:e1:99:
5e:90:57:c6:9e:63:50:92:cd:f3:0d:e3:ed:7a:1c:
fa:f5:83:8f:fa:38:01:40:28:74:69:e7:ba:08:0e:
af:c2:d0:39:c5:3a:66:97:17:44:bc:f7:5f:95:f7:
69:66:8f:91:65:66:1a:a0:77:5d:69:49:55:27:e4:
f3:01:32:61:6c:1d:bb:d0:8e:df:2c:82:da:7a:dc:
9b:07:63:da:be:3b:cc:13:63:07:e5:40:f2:11:f1:
a0:38:c9:6a:67:56:64:29:ac:e9:e0:ea:02:ad:88:
fd:54:bc:d6:bd:51:ae:39:17:21:af:4c:36:a2:02:
71:84:63:fc:fb:9e:14:86:30:76:28:fc:b4:bf:5d:
b3:ae:ad:e3:a1:c5:b1:ff:d1:87:fe:a2:01:b3:d1:
57:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0E:B7:44:E2:CD:42:49:E9:5F:22:CB:EB:7E:17:92:E9:D5:D2:80
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3132382e302f31382d3234203d3e2038383230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.240.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a2:66:c9:9f:75:64:67:35:3b:6a:40:f6:8c:38:5d:a3:68:f5:
93:d7:87:be:0f:1f:ec:87:20:24:c9:66:a6:57:ca:b3:60:74:
76:e5:52:36:32:92:a3:67:44:4f:90:3c:b1:36:11:96:97:99:
c1:0a:b0:46:cb:92:4d:84:53:80:1a:b9:0c:21:b7:2e:6a:97:
15:a0:97:77:86:09:96:f5:8a:4c:cf:b4:3c:6a:4c:c3:8f:b7:
7a:50:f7:02:67:25:d2:c6:07:27:3c:e7:a3:0a:29:b4:9a:99:
0f:82:c1:b3:73:76:26:98:c0:47:17:f8:52:25:01:a5:0b:10:
9b:80:b2:d7:ce:18:c0:22:a5:ca:b3:00:2e:30:62:6a:1a:27:
ef:de:46:8e:3c:dd:da:85:3f:10:07:23:64:1e:67:f3:74:b6:
97:cf:ee:ce:0f:13:e5:36:a4:ea:9c:5a:d5:9d:9c:21:bc:f5:
9b:2e:10:1d:98:cd:e1:d3:7c:d4:b1:a4:bd:f5:71:a0:0e:48:
d2:52:da:e2:eb:3c:59:83:a8:f0:7b:7a:01:95:45:e4:23:15:
04:47:66:5e:8b:61:aa:37:07:c5:5f:36:6c:65:df:5c:11:05:
fc:86:63:c0:6f:a7:65:ce:d1:c6:fe:0c:51:dd:90:42:2a:fc:
82:00:0c:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcGnNu335xyYS+YURJD5fcsoX2ZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKDY0MEVCNzQ0RTJDRDQyNDlFOTVGMjJDQkVCN0UxNzkyRTlENUQyODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP/3pFn6ZxPZzUagyJyoAiTADm
go4JiWnr9xrmdsO/MVs/DyygXNFvBIY6gSw1LpXdSz/l/ssMq13NUtrfnRmg/1sP
ehWm+TA7sTC9JZ7d4QeOkKOFrjJkd+hMVLag7v8qpZuqjiXhmV6QV8aeY1CSzfMN
4+16HPr1g4/6OAFAKHRp57oIDq/C0DnFOmaXF0S891+V92lmj5FlZhqgd11pSVUn
5PMBMmFsHbvQjt8sgtp63JsHY9q+O8wTYwflQPIR8aA4yWpnVmQprOng6gKtiP1U
vNa9Ua45FyGvTDaiAnGEY/z7nhSGMHYo/LS/XbOureOhxbH/0Yf+ogGz0Ve5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZA63ROLNQknpXyLL634XkunV0oAwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzIzMTMzMmUzMjM0MzAyZTMx
MzIzODJlMzAyZjMxMzgyZDMyMzQyMDNkM2UyMDM4MzgzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG
1fCAMA0GCSqGSIb3DQEBCwUAA4IBAQCiZsmfdWRnNTtqQPaMOF2jaPWT14e+Dx/s
hyAkyWamV8qzYHR25VI2MpKjZ0RPkDyxNhGWl5nBCrBGy5JNhFOAGrkMIbcuapcV
oJd3hgmW9YpMz7Q8akzDj7d6UPcCZyXSxgcnPOejCim0mpkPgsGzc3YmmMBHF/hS
JQGlCxCbgLLXzhjAIqXKswAuMGJqGifv3kaOPN3ahT8QByNkHmfzdLaXz+7ODxPl
NqTqnFrVnZwhvPWbLhAdmM3h03zUsaS99XGgDkjSUtri6zxZg6jwe3oBlUXkIxUE
R2Zei2GqNwfFXzZsZd9cEQX8hmPAb6dlztHG/gxR3ZBCKvyCAAwI
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:54:45 2025 by rpki-client