Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20323132323338.roa
File: 3231322e39372e36342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: NQ0rFkjd1PaXPZMICsCJq8zuph1R6v/TEnCakhRkGrI=
Subject key identifier: 4C:AD:7D:A4:4B:FD:E1:47:9F:C0:A3:C1:0F:9F:6F:E9:AD:2B:FD:B5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2BAD2458F5C75F7D6CC7687CA211EF6B8F632045
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 20:49:50 +0000
ROA not before: Thu 28 Aug 2025 20:44:50 +0000
ROA not after: Thu 27 Aug 2026 20:49:50 +0000
asID: 212238
IP address blocks: 212.97.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ad:24:58:f5:c7:5f:7d:6c:c7:68:7c:a2:11:ef:6b:8f:63:20:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:44:50 2025 GMT
Not After : Aug 27 20:49:50 2026 GMT
Subject: CN=4CAD7DA44BFDE1479FC0A3C10F9F6FE9AD2BFDB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:d4:7b:d3:f3:18:78:f2:6d:6c:ca:c3:be:
5e:37:4f:24:88:17:b1:2e:58:d6:8b:fe:72:31:f0:
39:93:ca:a2:e2:80:2d:a8:f9:41:85:70:cf:ba:1d:
c0:1c:ee:96:79:76:9c:eb:ad:89:26:3d:45:b1:36:
35:ef:6a:06:98:a2:e7:51:b8:ff:67:71:f9:eb:a9:
fa:70:81:c3:46:01:38:f4:f0:ae:18:8f:7d:1e:ec:
ec:48:cb:55:25:99:62:ec:c1:4a:48:da:84:67:19:
1d:8f:5a:86:bc:12:ed:59:48:39:1f:26:f7:20:8b:
21:b4:47:99:17:c3:d0:c5:44:17:08:50:2e:58:5c:
9c:76:44:7d:43:72:1f:a0:ab:53:ad:16:9b:0c:18:
c2:52:ca:e8:0f:f5:36:47:c0:5c:fd:63:e8:e4:1d:
54:7e:7e:b9:df:df:14:9a:dc:a6:b2:fc:55:4e:0d:
c9:46:6b:e7:84:bc:ff:14:d9:84:85:cb:a5:ef:fc:
2c:1b:78:e6:96:bd:2e:ec:15:8e:42:f3:2f:3d:84:
4b:65:54:71:39:2d:80:18:ea:eb:9f:86:86:f8:0d:
86:fa:d6:26:79:7b:66:dd:aa:d9:57:e6:72:6d:f1:
3d:d4:60:61:da:e3:d2:b3:bf:b2:e7:32:22:5e:a0:
13:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AD:7D:A4:4B:FD:E1:47:9F:C0:A3:C1:0F:9F:6F:E9:AD:2B:FD:B5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.64.0/24
Signature Algorithm: sha256WithRSAEncryption
76:72:c5:c4:21:d0:8b:d1:c8:f5:a2:00:9c:a1:76:e2:d4:9b:
bb:b7:1c:8d:09:50:70:93:56:90:6d:fa:1b:35:43:26:36:03:
64:e0:95:2c:82:e4:4f:ca:7d:8b:1a:cc:d6:db:2d:03:3b:34:
3e:e9:1d:b8:bc:2d:00:c9:cb:6d:72:71:fe:33:f6:67:4d:4a:
8c:d9:62:25:e1:37:07:9c:47:6c:6d:49:fc:6d:45:ed:d6:f2:
39:7e:a3:01:7f:07:bf:75:26:d5:8a:ea:fe:db:a7:ab:7c:ee:
0e:ec:a8:3a:4a:72:97:7b:55:f1:12:8e:0a:82:80:5c:80:46:
95:e5:3b:c9:7b:f6:24:bf:0f:88:cc:31:7f:7d:4f:99:98:63:
30:bc:86:c9:42:0b:ed:f4:82:02:0c:e6:43:bd:86:71:bf:dd:
b3:52:03:75:be:b5:03:20:b9:b2:93:c3:5e:8f:50:c7:69:a5:
ac:89:ab:b1:96:e2:65:e1:88:71:12:ff:be:9c:f7:d2:12:05:
e6:fe:6a:d4:f6:25:b5:a1:61:d2:81:19:95:08:7e:7b:d8:b9:
aa:51:62:bd:c0:43:b8:4b:2c:6c:63:5a:c8:a3:1c:45:a5:73:
9a:94:8e:ab:0d:c1:62:17:3a:dc:f3:a9:9f:b0:33:fb:b4:17:
f4:c3:e0:14
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUK60kWPXHX31sx2h8ohHva49jIEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQ0NTBaFw0yNjA4MjcyMDQ5NTBaMDMxMTAvBgNV
BAMTKDRDQUQ3REE0NEJGREUxNDc5RkMwQTNDMTBGOUY2RkU5QUQyQkZEQjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC44tR70/MYePJtbMrDvl43TySI
F7EuWNaL/nIx8DmTyqLigC2o+UGFcM+6HcAc7pZ5dpzrrYkmPUWxNjXvagaYoudR
uP9ncfnrqfpwgcNGATj08K4Yj30e7OxIy1UlmWLswUpI2oRnGR2PWoa8Eu1ZSDkf
JvcgiyG0R5kXw9DFRBcIUC5YXJx2RH1Dch+gq1OtFpsMGMJSyugP9TZHwFz9Y+jk
HVR+frnf3xSa3Kay/FVODclGa+eEvP8U2YSFy6Xv/CwbeOaWvS7sFY5C8y89hEtl
VHE5LYAY6uufhob4DYb61iZ5e2bdqtlX5nJt8T3UYGHa49Kzv7LnMiJeoBMpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTK19pEv94UefwKPBD59v6a0r/bUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFAMA0GCSqGSIb3DQEBCwUAA4IBAQB2csXEIdCL0cj1ogCcoXbi1Ju7txyNCVBw
k1aQbfobNUMmNgNk4JUsguRPyn2LGszW2y0DOzQ+6R24vC0AycttcnH+M/ZnTUqM
2WIl4TcHnEdsbUn8bUXt1vI5fqMBfwe/dSbViur+26erfO4O7Kg6SnKXe1XxEo4K
goBcgEaV5TvJe/Ykvw+IzDF/fU+ZmGMwvIbJQgvt9IICDOZDvYZxv92zUgN1vrUD
ILmyk8Nej1DHaaWsiauxluJl4YhxEv++nPfSEgXm/mrU9iW1oWHSgRmVCH572Lmq
UWK9wEO4SyxsY1rIoxxFpXOalI6rDcFiFzrc86mfsDP7tBf0w+AU
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:59 2025 by rpki-client