Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37312e302f32342d3234203d3e20323132323338.roa
File: 3231322e39372e37312e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: co37KjOmPsRve7VVxi/SpqgZUr9B+Ia4I4NBIzfOqAE=
Subject key identifier: 73:90:A7:89:52:86:63:5D:8F:89:05:60:7C:A8:AF:3F:B2:08:E3:73
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7277E45F01F9A58631448B1FAF99166F76926E07
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37312e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 20:49:58 +0000
ROA not before: Thu 28 Aug 2025 20:44:58 +0000
ROA not after: Thu 27 Aug 2026 20:49:58 +0000
asID: 212238
IP address blocks: 212.97.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:77:e4:5f:01:f9:a5:86:31:44:8b:1f:af:99:16:6f:76:92:6e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:44:58 2025 GMT
Not After : Aug 27 20:49:58 2026 GMT
Subject: CN=7390A7895286635D8F8905607CA8AF3FB208E373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:cf:db:03:71:6d:0f:73:be:75:9c:c8:3a:
5f:b0:b0:4c:13:b8:b2:83:bc:81:0c:d7:ff:ec:2c:
d2:52:ba:6b:63:a5:63:ed:49:09:16:e2:fa:06:59:
f5:5a:3b:89:2b:57:e6:8b:97:6f:20:3e:00:e4:49:
be:23:c8:e4:fa:2e:df:bc:1d:f8:75:38:af:0f:e0:
f5:24:85:ce:2c:af:7a:ec:70:a2:fd:88:6b:86:c2:
52:b7:79:bc:91:a8:2f:93:c2:db:28:29:5c:a1:1a:
3e:c0:c4:d5:45:30:0a:9c:8e:47:cc:cb:63:86:c0:
02:a4:3e:a3:e5:48:6a:5c:5e:5d:3e:d2:75:da:0e:
e8:79:17:62:32:5a:3d:97:ad:da:6f:59:0f:29:eb:
ce:ed:1a:5b:3f:4a:cf:ee:84:c0:a9:ce:e1:25:ab:
2f:96:7b:88:b0:1f:4c:0b:a2:a4:f5:e6:18:d6:0e:
87:a5:5c:c4:ec:f0:4e:de:8a:8f:4f:e4:85:70:e3:
d2:a8:5d:4a:0d:73:3d:50:ad:7b:35:95:c1:21:af:
a8:a5:b6:3b:82:af:91:1d:08:c6:f1:e2:9f:e3:0c:
5b:fb:ad:b0:df:e9:b0:f4:2c:58:ff:bc:6d:56:0e:
fc:40:c0:8d:3f:fe:ff:b9:a2:75:99:c9:01:c9:fc:
50:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:90:A7:89:52:86:63:5D:8F:89:05:60:7C:A8:AF:3F:B2:08:E3:73
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37312e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.97.71.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:76:9b:95:58:e0:60:f0:b3:b1:f9:2c:e4:7e:21:34:1a:35:
46:7c:36:5a:e9:60:d0:dc:fc:67:a6:63:e8:d0:7c:3b:9a:95:
56:15:db:cd:8d:80:0c:8e:58:b1:9b:e8:23:0e:ea:87:b0:28:
17:8b:bd:ce:25:e1:a5:65:71:68:6a:e2:10:f7:26:f8:e6:a2:
90:29:5a:75:e6:df:9a:c3:3e:9d:b8:75:fc:df:d7:77:e0:16:
e3:e8:28:20:ed:d2:62:9e:e4:2c:90:88:bc:68:62:6d:f9:09:
7b:b0:ca:3f:bd:fd:7c:9e:18:15:57:4d:dd:ea:65:78:da:1b:
bd:62:54:1d:6b:74:00:11:56:a4:91:2f:8d:fe:f6:2d:f2:b7:
b6:3c:c2:00:07:7f:b5:5f:5b:4b:7b:2e:de:44:22:25:90:2a:
6e:43:11:b7:a4:a2:f0:0a:17:ae:85:57:82:9c:0f:2d:19:3d:
e2:72:a9:e3:93:01:6c:12:f2:95:15:31:b9:98:f4:44:18:e9:
a3:84:54:46:c1:27:81:fb:af:cb:94:fd:ca:5f:37:ee:1a:a9:
33:2b:63:93:c2:d5:10:3b:5a:a8:4a:56:66:13:ad:3a:32:84:
7e:81:81:01:9a:1b:b4:f0:de:88:e4:29:0f:36:52:03:71:93:
e8:d7:8c:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcnfkXwH5pYYxRIsfr5kWb3aSbgcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQ0NThaFw0yNjA4MjcyMDQ5NThaMDMxMTAvBgNV
BAMTKDczOTBBNzg5NTI4NjYzNUQ4Rjg5MDU2MDdDQThBRjNGQjIwOEUzNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcdc/bA3FtD3O+dZzIOl+wsEwT
uLKDvIEM1//sLNJSumtjpWPtSQkW4voGWfVaO4krV+aLl28gPgDkSb4jyOT6Lt+8
Hfh1OK8P4PUkhc4sr3rscKL9iGuGwlK3ebyRqC+TwtsoKVyhGj7AxNVFMAqcjkfM
y2OGwAKkPqPlSGpcXl0+0nXaDuh5F2IyWj2XrdpvWQ8p687tGls/Ss/uhMCpzuEl
qy+We4iwH0wLoqT15hjWDoelXMTs8E7eio9P5IVw49KoXUoNcz1QrXs1lcEhr6il
tjuCr5EdCMbx4p/jDFv7rbDf6bD0LFj/vG1WDvxAwI0//v+5onWZyQHJ/FADAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUc5CniVKGY12PiQVgfKivP7II43MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1GFHMA0GCSqGSIb3DQEBCwUAA4IBAQCOdpuVWOBg8LOx+SzkfiE0GjVGfDZa6WDQ
3PxnpmPo0Hw7mpVWFdvNjYAMjlixm+gjDuqHsCgXi73OJeGlZXFoauIQ9yb45qKQ
KVp15t+awz6duHX839d34Bbj6Cgg7dJinuQskIi8aGJt+Ql7sMo/vf18nhgVV03d
6mV42hu9YlQda3QAEVakkS+N/vYt8re2PMIAB3+1X1tLey7eRCIlkCpuQxG3pKLw
CheuhVeCnA8tGT3icqnjkwFsEvKVFTG5mPREGOmjhFRGwSeB+6/LlP3KXzfuGqkz
K2OTwtUQO1qoSlZmE606MoR+gYEBmhu08N6I5CkPNlIDcZPo14zw
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:55 2025 by rpki-client