Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39312e302f32342d3234203d3e20323132323338.roa
File: 3231322e33322e39312e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 8vEsIGvyj51UU6emEK5vMGx8gsA6ifx6WrPpp8Gks6w=
Subject key identifier: 9A:70:55:D5:2E:19:D3:91:7C:BA:17:BD:D2:AE:1B:16:E3:E2:AA:1E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D5A4C841F058AE4E26C99AF5B4AE4C3F382E7AD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39312e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 09 Oct 2025 09:07:30 +0000
ROA not before: Thu 09 Oct 2025 09:02:30 +0000
ROA not after: Thu 08 Oct 2026 09:07:30 +0000
asID: 212238
IP address blocks: 212.32.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:5a:4c:84:1f:05:8a:e4:e2:6c:99:af:5b:4a:e4:c3:f3:82:e7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 09:02:30 2025 GMT
Not After : Oct 8 09:07:30 2026 GMT
Subject: CN=9A7055D52E19D3917CBA17BDD2AE1B16E3E2AA1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:75:fb:f4:2e:c0:91:05:c1:76:f7:dd:a4:bc:
0d:03:3a:b0:a7:78:ef:f7:21:0b:0e:68:07:cc:bc:
20:fa:89:22:17:5c:04:5a:d9:cb:38:74:e7:eb:41:
e0:37:9f:5c:62:9f:7e:26:86:c1:81:fb:cf:df:f9:
c3:0e:d2:9a:22:e3:02:b1:64:7e:de:8d:ed:be:39:
19:a4:41:21:4c:aa:80:7e:b0:7d:5c:58:8a:59:e1:
c0:af:1d:23:02:2d:f3:81:06:3a:9f:6a:97:c8:80:
c8:49:b8:00:fc:64:28:25:15:80:f3:8c:a1:df:ae:
f2:a6:ea:e0:f7:f3:53:9f:bb:12:c5:34:a3:21:ee:
1e:28:94:80:5e:2f:15:a5:8c:8f:8b:7a:bf:e5:c8:
d9:ae:8d:ba:8e:0d:b5:a3:fa:ee:2a:7a:29:81:6a:
63:70:6e:ae:56:39:aa:47:34:7d:a3:08:d6:54:8d:
d6:5d:b5:15:9d:c2:c8:6f:eb:66:ca:21:5d:d6:6c:
c0:45:c8:97:ce:5e:a4:11:3e:3a:dd:e3:61:9b:ea:
c4:c5:e2:82:d0:61:83:dc:fb:49:81:62:5f:7f:02:
f3:e7:04:0c:ea:91:ae:02:16:35:28:2d:ec:f7:a0:
1f:9c:33:a4:9c:00:ea:0d:45:08:b9:95:15:07:cd:
94:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:70:55:D5:2E:19:D3:91:7C:BA:17:BD:D2:AE:1B:16:E3:E2:AA:1E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e33322e39312e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.32.91.0/24
Signature Algorithm: sha256WithRSAEncryption
21:d3:62:11:fe:c2:f2:8e:a8:d4:07:c7:b4:45:e5:53:83:4c:
f9:6d:07:6c:ec:c5:ec:6d:01:d9:bd:16:16:9a:64:83:ab:50:
f6:f9:4b:92:2e:cb:ad:5c:27:44:85:12:4e:b5:e5:e3:05:bc:
85:77:0f:16:3d:a1:27:c4:49:38:b0:73:0d:22:0c:e7:d4:86:
f7:07:d9:c8:66:0e:36:0f:17:0d:56:b4:f4:03:6c:31:af:73:
17:1d:24:88:88:fc:7e:8a:fb:71:8b:93:a9:15:6f:27:1e:f2:
0b:73:23:c1:52:d9:e2:e4:21:f6:7e:f6:a2:d0:ae:bb:b2:a0:
01:d3:b5:c2:06:3f:93:8f:e0:4a:c9:9c:13:00:b8:3e:2a:62:
cf:c2:b9:48:05:8c:e1:94:13:ed:ba:2f:a9:30:52:a7:8b:4d:
ec:a3:f6:ab:f6:52:2a:b0:94:96:10:3f:6b:d6:b7:80:f8:c1:
54:04:3e:71:5d:de:be:12:57:cc:fc:c4:c9:78:34:a5:01:1b:
61:56:b2:30:84:b3:8d:9e:54:b9:f6:21:77:8c:ce:24:41:cf:
20:61:ea:2d:6e:d2:30:b4:bc:91:fd:1a:f7:d1:eb:85:9a:85:
8b:b3:de:71:fb:96:a6:85:c0:82:03:22:53:a8:47:7f:b0:49:
2e:88:32:77
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDVpMhB8FiuTibJmvW0rkw/OC560wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkwOTAyMzBaFw0yNjEwMDgwOTA3MzBaMDMxMTAvBgNV
BAMTKDlBNzA1NUQ1MkUxOUQzOTE3Q0JBMTdCREQyQUUxQjE2RTNFMkFBMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGdfv0LsCRBcF2992kvA0DOrCn
eO/3IQsOaAfMvCD6iSIXXARa2cs4dOfrQeA3n1xin34mhsGB+8/f+cMO0poi4wKx
ZH7eje2+ORmkQSFMqoB+sH1cWIpZ4cCvHSMCLfOBBjqfapfIgMhJuAD8ZCglFYDz
jKHfrvKm6uD381OfuxLFNKMh7h4olIBeLxWljI+Ler/lyNmujbqODbWj+u4qeimB
amNwbq5WOapHNH2jCNZUjdZdtRWdwshv62bKIV3WbMBFyJfOXqQRPjrd42Gb6sTF
4oLQYYPc+0mBYl9/AvPnBAzqka4CFjUoLez3oB+cM6ScAOoNRQi5lRUHzZQvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmnBV1S4Z05F8uhe90q4bFuPiqh4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzMzMyMmUzOTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1CBbMA0GCSqGSIb3DQEBCwUAA4IBAQAh02IR/sLyjqjUB8e0ReVTg0z5bQds7MXs
bQHZvRYWmmSDq1D2+UuSLsutXCdEhRJOteXjBbyFdw8WPaEnxEk4sHMNIgzn1Ib3
B9nIZg42DxcNVrT0A2wxr3MXHSSIiPx+ivtxi5OpFW8nHvILcyPBUtni5CH2fvai
0K67sqAB07XCBj+Tj+BKyZwTALg+KmLPwrlIBYzhlBPtui+pMFKni03so/ar9lIq
sJSWED9r1reA+MFUBD5xXd6+ElfM/MTJeDSlARthVrIwhLONnlS59iF3jM4kQc8g
YeotbtIwtLyR/Rr30euFmoWLs95x+5amhcCCAyJTqEd/sEkuiDJ3
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:09 2025 by rpki-client