Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20323132323338.roa
File: 3231322e33322e38322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: crJkDD4KxDHrXu8WRogKiTj4VoLjuQ9ttYA3IWbiSP4=
Subject key identifier: 1D:3E:96:1B:86:52:DB:5B:BE:13:2D:67:E5:73:40:38:BD:C3:95:77
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 607D45151CF41DBD03A11C6329C5050A23A5B88C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 09 Oct 2025 09:07:22 +0000
ROA not before: Thu 09 Oct 2025 09:02:22 +0000
ROA not after: Thu 08 Oct 2026 09:07:22 +0000
asID: 212238
IP address blocks: 212.32.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:7d:45:15:1c:f4:1d:bd:03:a1:1c:63:29:c5:05:0a:23:a5:b8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 09:02:22 2025 GMT
Not After : Oct 8 09:07:22 2026 GMT
Subject: CN=1D3E961B8652DB5BBE132D67E5734038BDC39577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d0:1b:25:c0:e9:12:9c:04:e4:0c:1c:6f:ac:
89:5c:f1:4d:ca:37:95:af:21:08:b8:10:8c:45:50:
28:02:a7:7a:fe:ea:eb:d2:5c:e9:a4:a2:9c:77:64:
6b:1e:62:8f:34:56:82:7f:bf:8e:94:7f:19:6c:d7:
c7:2d:5f:86:15:29:6c:77:9e:1d:34:a2:4b:22:2f:
1a:3a:64:62:e7:29:fc:be:53:2f:07:4f:1d:af:a1:
5e:8b:43:9b:f2:9a:f1:bf:bd:5f:eb:ca:8b:68:23:
35:25:c5:bc:cb:15:4c:9b:58:4d:ea:a1:90:9e:63:
17:95:f2:95:83:8a:42:7e:fe:1d:61:a2:11:2a:3f:
60:18:7a:3b:53:bc:53:41:e6:e3:59:c7:2d:d1:4e:
62:27:da:6e:a8:65:df:a7:f3:a4:2f:36:8d:68:a3:
e6:da:4d:9b:fc:06:12:82:c1:6e:66:9a:8f:ff:29:
b8:78:bb:b0:8a:23:7c:26:24:f1:cb:b3:34:59:f0:
9c:2b:99:f8:8e:07:f8:89:95:be:f0:fd:81:65:53:
1a:fc:a8:c8:09:52:89:be:00:01:92:7c:68:eb:f9:
40:97:6a:dc:11:c2:e2:bb:0c:b8:e8:9c:19:8d:6b:
c6:31:41:7c:20:67:56:11:95:5e:c7:86:ad:32:ec:
35:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:3E:96:1B:86:52:DB:5B:BE:13:2D:67:E5:73:40:38:BD:C3:95:77
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e38322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.82.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:96:1c:c0:1e:51:b7:a6:8f:21:e5:60:fa:3a:e3:29:8e:e9:
6f:1b:82:f4:62:c5:ea:4c:00:17:af:06:6c:b8:7a:a4:a1:e0:
50:c7:5a:3b:ca:2f:2d:9d:c4:95:f0:32:b1:98:e3:9d:91:ec:
ea:52:74:ae:aa:54:c4:23:d9:95:ab:e4:e3:ef:21:0b:b9:6f:
c1:70:5c:10:ec:19:7d:fb:d7:c2:cf:8c:de:29:81:26:4d:7e:
76:89:e9:5b:6d:d9:f5:d3:c2:31:0b:a0:f0:e7:a8:f6:81:e2:
44:a1:0c:3a:b3:12:d8:f7:18:c6:10:bf:25:16:37:a7:a6:b2:
66:cd:66:b0:0c:85:a4:e0:b7:a6:12:ea:4b:9c:b3:d6:26:ce:
01:4c:8c:c5:9d:08:6a:53:4d:c3:bd:06:a2:6a:f6:a2:95:71:
cb:66:ca:c3:14:8c:6b:c4:3b:8d:3d:30:61:b8:c1:4b:d1:de:
e4:aa:95:23:45:29:57:5a:cb:ed:8b:a7:53:19:f5:d6:3d:5a:
52:99:ed:37:5a:52:e2:8a:63:c6:91:72:45:c1:65:f2:f5:f1:
23:2b:0a:52:d9:8f:5a:e7:72:9a:f3:ed:e8:09:dc:70:c5:99:
8c:ad:01:15:da:c9:c6:3d:36:19:82:a0:da:3e:50:aa:13:15:
1d:dd:bc:a0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYH1FFRz0Hb0DoRxjKcUFCiOluIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkwOTAyMjJaFw0yNjEwMDgwOTA3MjJaMDMxMTAvBgNV
BAMTKDFEM0U5NjFCODY1MkRCNUJCRTEzMkQ2N0U1NzM0MDM4QkRDMzk1NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA0BslwOkSnATkDBxvrIlc8U3K
N5WvIQi4EIxFUCgCp3r+6uvSXOmkopx3ZGseYo80VoJ/v46Ufxls18ctX4YVKWx3
nh00oksiLxo6ZGLnKfy+Uy8HTx2voV6LQ5vymvG/vV/ryotoIzUlxbzLFUybWE3q
oZCeYxeV8pWDikJ+/h1hohEqP2AYejtTvFNB5uNZxy3RTmIn2m6oZd+n86QvNo1o
o+baTZv8BhKCwW5mmo//Kbh4u7CKI3wmJPHLszRZ8JwrmfiOB/iJlb7w/YFlUxr8
qMgJUom+AAGSfGjr+UCXatwRwuK7DLjonBmNa8YxQXwgZ1YRlV7Hhq0y7DVrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHT6WG4ZS21u+Ey1n5XNAOL3DlXcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzODMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBSMA0GCSqGSIb3DQEBCwUAA4IBAQCPlhzAHlG3po8h5WD6OuMpjulvG4L0YsXq
TAAXrwZsuHqkoeBQx1o7yi8tncSV8DKxmOOdkezqUnSuqlTEI9mVq+Tj7yELuW/B
cFwQ7Bl9+9fCz4zeKYEmTX52ielbbdn108IxC6Dw56j2geJEoQw6sxLY9xjGEL8l
FjenprJmzWawDIWk4LemEupLnLPWJs4BTIzFnQhqU03DvQaiavailXHLZsrDFIxr
xDuNPTBhuMFL0d7kqpUjRSlXWsvti6dTGfXWPVpSme03WlLiimPGkXJFwWXy9fEj
KwpS2Y9a53Ka8+3oCdxwxZmMrQEV2snGPTYZgqDaPlCqExUd3byg
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:08 2025 by rpki-client