Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e312e302f32342d3234203d3e203631333137.roa
File: 3231372e32352e312e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: AuTG5hLsCwUWbPjqPfLL3+sUc3GYo/fF3PPYDhERDx0=
Subject key identifier: 01:23:4D:28:D7:8D:DE:1D:97:3F:D6:C8:B7:73:DA:3F:7E:42:9D:5D
Certificate issuer: /CN=22bfd4e021547d030ac10b0213535d4c6968eede
Certificate serial: 6BA05015DE51DC84762E7D3D27926700C7B5A736
Authority key identifier: 22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e312e302f32342d3234203d3e203631333137.roa
Signing time: Mon 02 Mar 2026 11:38:36 +0000
ROA not before: Mon 02 Mar 2026 11:33:36 +0000
ROA not after: Mon 01 Mar 2027 11:38:36 +0000
asID: 61317
IP address blocks: 217.25.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:a0:50:15:de:51:dc:84:76:2e:7d:3d:27:92:67:00:c7:b5:a7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22bfd4e021547d030ac10b0213535d4c6968eede
Validity
Not Before: Mar 2 11:33:36 2026 GMT
Not After : Mar 1 11:38:36 2027 GMT
Subject: CN=01234D28D78DDE1D973FD6C8B773DA3F7E429D5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4b:e6:b8:ad:ef:63:44:9c:f6:f4:72:e5:26:
88:25:81:13:9e:87:7b:b9:af:5c:4d:77:ed:31:64:
c9:c5:ad:7b:b7:6c:a5:b5:41:91:9d:c6:40:99:1a:
79:aa:a5:bd:f6:46:73:38:3e:18:e8:f9:d5:fc:05:
3a:66:c9:52:71:34:32:af:14:d8:39:12:20:f2:37:
8c:cf:f7:46:aa:2e:a0:02:b7:f3:00:46:85:50:4b:
4d:1c:7f:54:b9:86:f2:28:8c:5a:2b:e4:e8:74:b3:
c7:fa:c1:0f:c5:47:8f:04:a9:31:7b:05:ff:13:d9:
b0:fd:17:31:28:90:86:ff:dd:ba:40:55:69:cd:27:
33:b5:43:f9:73:ad:2c:51:1a:f7:ed:1a:1c:96:cb:
43:54:12:0a:c5:8f:75:6e:2c:6b:c5:64:1b:4c:03:
d1:01:28:b1:ff:b6:33:bd:aa:13:bd:cf:5f:a8:62:
f1:02:69:ac:ca:ad:1b:6e:2a:fb:8a:5d:7b:b7:d1:
9d:0c:5b:3b:83:fc:fe:a3:0a:c3:92:f7:93:21:b4:
a4:46:c8:43:53:27:7a:0d:e6:c0:40:f7:de:eb:ae:
94:5a:bd:fe:28:09:ab:28:61:5f:4c:24:46:82:7c:
f2:5c:86:3b:f4:f7:0c:55:a4:65:be:75:35:1c:83:
22:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:23:4D:28:D7:8D:DE:1D:97:3F:D6:C8:B7:73:DA:3F:7E:42:9D:5D
X509v3 Authority Key Identifier:
keyid:22:BF:D4:E0:21:54:7D:03:0A:C1:0B:02:13:53:5D:4C:69:68:EE:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/22BFD4E021547D030AC10B0213535D4C6968EEDE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ir_U4CFUfQMKwQsCE1NdTGlo7t4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23aacd17-bf9d-47db-864d-f9c7c2be183a/0/3231372e32352e312e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:63:4b:4b:ef:47:57:b8:ad:95:b5:63:47:64:5a:fb:55:1d:
8f:aa:0c:8a:5c:7a:18:86:df:8d:02:18:59:ff:54:f3:65:52:
27:d4:8c:90:99:b5:28:dc:e4:81:ee:ea:a5:f4:fd:38:98:5d:
6c:05:8d:b6:20:d5:c1:4c:fe:6b:3f:dd:31:1f:3e:93:e4:b2:
5e:e2:6b:a8:42:ab:e6:1f:32:93:19:f6:f6:cd:80:44:c2:85:
43:75:c4:65:74:18:d4:9e:67:aa:d3:fe:aa:23:6d:4f:f9:34:
17:5c:34:4c:b1:f3:c7:b7:4d:ce:b0:3d:92:5c:ca:1a:15:14:
45:18:c9:c2:3a:e4:af:33:ec:47:f3:b5:5f:1a:a2:0f:56:b4:
98:fc:43:fd:07:1a:c5:aa:92:97:54:1d:08:7e:0b:c4:27:6f:
a2:04:07:07:cc:89:a4:9a:6b:97:94:5a:48:ab:4c:f9:fc:42:
85:50:ce:5d:a4:dc:b8:77:0f:0b:ba:90:a1:da:23:4a:5f:ef:
f9:d8:41:c5:97:e3:44:6d:41:6a:b0:f9:4f:a4:f3:ea:05:24:
a6:62:c4:00:29:b9:3b:c2:7b:03:bb:8a:b9:8f:77:d0:94:f4:
d3:0d:fe:3a:6c:3e:a1:fd:6f:21:c0:a7:d3:14:05:a7:be:89:
7f:7c:f1:3d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUa6BQFd5R3IR2Ln09J5JnAMe1pzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJiZmQ0ZTAyMTU0N2QwMzBhYzEwYjAyMTM1MzVkNGM2
OTY4ZWVkZTAeFw0yNjAzMDIxMTMzMzZaFw0yNzAzMDExMTM4MzZaMDMxMTAvBgNV
BAMTKDAxMjM0RDI4RDc4RERFMUQ5NzNGRDZDOEI3NzNEQTNGN0U0MjlENUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGS+a4re9jRJz29HLlJoglgROe
h3u5r1xNd+0xZMnFrXu3bKW1QZGdxkCZGnmqpb32RnM4Phjo+dX8BTpmyVJxNDKv
FNg5EiDyN4zP90aqLqACt/MARoVQS00cf1S5hvIojFor5Oh0s8f6wQ/FR48EqTF7
Bf8T2bD9FzEokIb/3bpAVWnNJzO1Q/lzrSxRGvftGhyWy0NUEgrFj3VuLGvFZBtM
A9EBKLH/tjO9qhO9z1+oYvECaazKrRtuKvuKXXu30Z0MWzuD/P6jCsOS95MhtKRG
yENTJ3oN5sBA997rrpRavf4oCasoYV9MJEaCfPJchjv09wxVpGW+dTUcgyLtAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUASNNKNeN3h2XP9bIt3PaP35CnV0wHwYDVR0j
BBgwFoAUIr/U4CFUfQMKwQsCE1NdTGlo7t4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNhYWNkMTctYmY5ZC00N2RiLTg2NGQtZjljN2MyYmUx
ODNhLzAvMjJCRkQ0RTAyMTU0N0QwMzBBQzEwQjAyMTM1MzVENEM2OTY4RUVERS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lyX1U0Q0ZVZlFNS3dRc0NFMU5kVEds
bzd0NC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjNhYWNkMTct
YmY5ZC00N2RiLTg2NGQtZjljN2MyYmUxODNhLzAvMzIzMTM3MmUzMjM1MmUzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADZGQEw
DQYJKoZIhvcNAQELBQADggEBAC5jS0vvR1e4rZW1Y0dkWvtVHY+qDIpcehiG340C
GFn/VPNlUifUjJCZtSjc5IHu6qX0/TiYXWwFjbYg1cFM/ms/3TEfPpPksl7ia6hC
q+YfMpMZ9vbNgETChUN1xGV0GNSeZ6rT/qojbU/5NBdcNEyx88e3Tc6wPZJcyhoV
FEUYycI65K8z7EfztV8aog9WtJj8Q/0HGsWqkpdUHQh+C8Qnb6IEBwfMiaSaa5eU
WkirTPn8QoVQzl2k3Lh3Dwu6kKHaI0pf7/nYQcWX40RtQWqw+U+k8+oFJKZixAAp
uTvCewO7irmPd9CU9NMN/jpsPqH9byHAp9MUBae+iX988T0=
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:32:40 2026 by rpki-client