Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38302e302f32342d3234203d3e20323132323338.roa
File: 3231322e33322e38302e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: isOChEK388KuoGn/0C9RLsHQyGPZakCjVRsVRAVs+Pg=
Subject key identifier: D4:31:E2:47:A8:0D:0F:01:E6:62:EC:8E:0F:11:74:76:3C:10:07:69
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1EAB42E1A624062DE779C166A84F523E7A165776
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38302e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 09 Oct 2025 09:07:32 +0000
ROA not before: Thu 09 Oct 2025 09:02:32 +0000
ROA not after: Thu 08 Oct 2026 09:07:32 +0000
asID: 212238
IP address blocks: 212.32.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ab:42:e1:a6:24:06:2d:e7:79:c1:66:a8:4f:52:3e:7a:16:57:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 09:02:32 2025 GMT
Not After : Oct 8 09:07:32 2026 GMT
Subject: CN=D431E247A80D0F01E662EC8E0F1174763C100769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:30:70:30:86:0b:19:67:38:8b:f5:27:ec:f9:
04:ea:75:23:ce:69:45:b1:bf:1a:47:00:3e:dd:6b:
8d:f5:f0:08:28:d2:ae:c8:57:17:11:93:e4:eb:69:
76:ce:ea:7f:07:45:37:6b:10:b5:fd:a8:97:7c:58:
04:cf:39:7d:b5:82:74:0f:42:7e:53:40:54:d3:6e:
56:f0:96:5b:24:a0:8b:e9:4b:44:97:2c:2b:04:be:
5c:00:56:da:4b:56:fb:55:ed:89:3a:59:61:8c:e9:
25:c2:53:c4:0b:3c:41:76:0d:e0:96:65:aa:7a:dd:
7d:1a:47:f0:2c:62:15:57:62:a6:26:c6:cc:b0:6b:
ec:41:79:bf:fd:50:0d:71:b9:d8:ae:7a:43:f7:3c:
ad:8a:78:ee:50:e3:30:f4:23:85:2e:ca:34:e7:09:
87:10:22:11:e6:4d:db:d0:03:df:24:17:ae:37:ea:
de:93:8c:ff:38:cc:18:e3:e1:55:68:1e:da:2f:ec:
87:20:08:bb:05:22:f9:13:76:4e:0e:25:5e:3c:c8:
e8:c3:ef:4f:e0:af:15:a2:c0:af:7b:af:f3:17:1c:
ee:54:fb:ce:b2:f3:2d:1f:e5:43:36:3c:73:27:12:
8a:c4:20:22:2a:2d:4c:76:ae:0d:47:ba:d5:d1:de:
a8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:31:E2:47:A8:0D:0F:01:E6:62:EC:8E:0F:11:74:76:3C:10:07:69
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38302e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.80.0/24
Signature Algorithm: sha256WithRSAEncryption
66:3c:d0:9b:e3:66:66:9f:2f:d1:33:cd:07:24:fa:65:4e:8f:
f6:aa:37:9e:e8:5c:09:56:02:eb:36:c1:6c:07:e0:e4:2d:8c:
97:a2:91:6e:9f:ac:52:cf:1a:7b:1a:3a:de:5f:f4:11:cb:37:
bb:fe:d4:35:e3:cf:63:ce:66:c6:55:a9:62:7d:a5:7c:3a:7d:
93:b1:e7:f8:ac:0a:23:2f:07:3c:4f:6c:04:36:03:b1:3c:28:
e1:cc:c9:c6:ec:46:a3:63:42:49:e6:75:dd:ef:ed:a4:b2:47:
7b:5b:7b:f3:b7:f0:fe:5c:dd:d9:76:cb:e0:c5:1f:99:e1:d9:
92:98:9b:e5:71:c1:3f:39:f8:59:44:5c:97:6b:5d:a0:78:e7:
e4:f2:35:b0:14:c8:2c:f9:25:d5:42:00:52:2e:95:d0:12:ff:
06:b7:33:a5:25:70:8c:33:5b:29:2c:20:79:dd:f9:4e:65:b5:
49:f2:31:8d:ec:c2:83:fe:6e:ae:af:c1:4d:f9:fd:f6:66:d4:
4b:44:7f:f4:56:dd:94:00:87:28:c4:1b:4c:c8:8b:e7:5d:ea:
f2:54:89:81:ab:61:a7:06:95:e3:b2:c2:c7:4a:34:09:07:6e:
48:36:af:b8:35:9e:4a:e3:f1:a3:27:1f:5d:80:52:e3:0e:2d:
43:f7:f9:fe
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHqtC4aYkBi3necFmqE9SPnoWV3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkwOTAyMzJaFw0yNjEwMDgwOTA3MzJaMDMxMTAvBgNV
BAMTKEQ0MzFFMjQ3QTgwRDBGMDFFNjYyRUM4RTBGMTE3NDc2M0MxMDA3NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyMHAwhgsZZziL9Sfs+QTqdSPO
aUWxvxpHAD7da4318Ago0q7IVxcRk+TraXbO6n8HRTdrELX9qJd8WATPOX21gnQP
Qn5TQFTTblbwllskoIvpS0SXLCsEvlwAVtpLVvtV7Yk6WWGM6SXCU8QLPEF2DeCW
Zap63X0aR/AsYhVXYqYmxsywa+xBeb/9UA1xudiuekP3PK2KeO5Q4zD0I4UuyjTn
CYcQIhHmTdvQA98kF6436t6TjP84zBjj4VVoHtov7IcgCLsFIvkTdk4OJV48yOjD
70/grxWiwK97r/MXHO5U+86y8y0f5UM2PHMnEorEICIqLUx2rg1HutXR3qhbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1DHiR6gNDwHmYuyODxF0djwQB2kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBQMA0GCSqGSIb3DQEBCwUAA4IBAQBmPNCb42Zmny/RM80HJPplTo/2qjee6FwJ
VgLrNsFsB+DkLYyXopFun6xSzxp7GjreX/QRyze7/tQ1489jzmbGValifaV8On2T
sef4rAojLwc8T2wENgOxPCjhzMnG7EajY0JJ5nXd7+2kskd7W3vzt/D+XN3Zdsvg
xR+Z4dmSmJvlccE/OfhZRFyXa12geOfk8jWwFMgs+SXVQgBSLpXQEv8GtzOlJXCM
M1spLCB53flOZbVJ8jGN7MKD/m6ur8FN+f32ZtRLRH/0Vt2UAIcoxBtMyIvnXery
VImBq2GnBpXjssLHSjQJB25INq+4NZ5K4/GjJx9dgFLjDi1D9/n+
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:10 2025 by rpki-client