Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136342e302f32322d3233203d3e20323134363339.roa
File: 3231372e3231362e3136342e302f32322d3233203d3e20323134363339.roa (raw, json)
Hash identifier: qgyzYgIrkBhMQn7Cu0mtH27WQf8kCnuQZUk3WvBpxfc=
Subject key identifier: E7:C6:F4:29:A0:56:B6:A4:26:E9:3F:83:80:D0:DA:14:5C:04:B2:97
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 20595F2307996CC69AC77B537BFA1549BD3E47A5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136342e302f32322d3233203d3e20323134363339.roa
Signing time: Tue 21 Oct 2025 10:11:45 +0000
ROA not before: Tue 21 Oct 2025 10:06:45 +0000
ROA not after: Tue 20 Oct 2026 10:11:45 +0000
asID: 214639
IP address blocks: 217.216.164.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 06:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:59:5f:23:07:99:6c:c6:9a:c7:7b:53:7b:fa:15:49:bd:3e:47:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 21 10:06:45 2025 GMT
Not After : Oct 20 10:11:45 2026 GMT
Subject: CN=E7C6F429A056B6A426E93F8380D0DA145C04B297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:39:45:7b:4c:ab:0c:09:62:33:de:69:6e:
da:15:44:87:dc:09:8e:05:ed:44:0b:36:76:fa:5e:
13:a6:dc:31:2b:40:f2:e9:f8:d0:a3:c5:9b:9b:6b:
5c:50:69:25:70:31:70:1e:2c:61:21:a4:fc:8e:66:
cd:02:fd:8d:d0:cf:01:13:a2:c1:29:ac:5a:23:85:
cc:42:0e:31:aa:93:10:41:93:2f:8c:fc:28:78:f2:
20:60:25:a1:f0:4d:9b:ff:c0:00:5f:c8:8b:ad:4f:
2b:9c:54:55:40:da:b0:36:ce:84:d1:76:4b:41:fb:
2a:e5:fa:32:e1:43:c3:20:f2:46:88:a9:e9:df:5e:
2f:9a:4a:a7:4c:bb:54:c0:c6:25:12:9e:a8:b0:14:
d0:53:d3:e4:56:63:f3:ca:02:7f:17:45:3a:de:5f:
fe:1f:12:fd:2f:43:39:41:59:d4:63:08:b0:63:3d:
c9:36:69:1e:6f:51:14:55:fd:82:65:5d:25:ed:57:
ca:f2:e0:05:ff:0a:8e:16:7d:43:3a:a9:11:38:0c:
e6:4d:88:81:10:b8:51:be:01:6f:73:0f:d0:1e:8a:
c2:79:9d:5f:ac:4d:13:f9:23:17:1c:a0:e6:d1:c3:
0f:7f:ac:96:bd:77:8b:34:a4:1f:7d:30:25:86:55:
eb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:C6:F4:29:A0:56:B6:A4:26:E9:3F:83:80:D0:DA:14:5C:04:B2:97
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136342e302f32322d3233203d3e20323134363339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.164.0/22
Signature Algorithm: sha256WithRSAEncryption
08:52:e9:0c:7b:25:4a:ab:3c:80:39:94:3b:9e:77:52:1b:52:
9b:db:b5:e7:49:51:31:6d:f3:02:cd:f1:46:74:1c:06:9e:50:
7e:b9:59:1a:80:a4:54:8a:93:6e:4b:55:2d:f1:9f:2c:fa:ed:
3c:a8:f2:13:5f:c8:0d:bd:ff:ba:ee:db:16:af:5e:3f:18:a5:
55:a4:f5:a4:7a:44:1b:72:20:11:74:f3:9c:ae:be:be:21:35:
97:35:76:ed:d1:33:15:a7:2f:05:3b:ed:c5:17:d2:6c:37:48:
e8:87:6c:f8:d0:5b:15:50:c7:77:9d:1c:be:7c:19:97:c3:eb:
39:87:59:2e:d3:0d:e8:f9:86:8d:de:e0:ae:2b:19:d7:e3:7e:
07:ee:8f:75:ff:2e:3a:c7:d5:0c:83:83:8e:99:53:c7:70:94:
ec:25:e1:ae:d4:dc:43:e6:af:b9:4b:ed:7e:7e:81:47:c9:6a:
5a:d3:00:cb:ee:1e:01:93:ed:d3:ca:f9:51:96:5b:64:50:6a:
dc:55:a5:a9:e4:06:0a:f3:8d:64:ec:a4:3f:fa:2b:dd:95:9d:
91:89:8b:8f:7e:0a:04:83:84:32:ab:8f:0a:ff:ea:3c:fc:9e:
11:cf:e3:05:7f:86:fc:88:5b:68:21:e0:c6:cf:f4:3a:03:83:
24:96:34:23
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIFlfIweZbMaax3tTe/oVSb0+R6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjExMDA2NDVaFw0yNjEwMjAxMDExNDVaMDMxMTAvBgNV
BAMTKEU3QzZGNDI5QTA1NkI2QTQyNkU5M0Y4MzgwRDBEQTE0NUMwNEIyOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnzzlFe0yrDAliM95pbtoVRIfc
CY4F7UQLNnb6XhOm3DErQPLp+NCjxZuba1xQaSVwMXAeLGEhpPyOZs0C/Y3QzwET
osEprFojhcxCDjGqkxBBky+M/Ch48iBgJaHwTZv/wABfyIutTyucVFVA2rA2zoTR
dktB+yrl+jLhQ8Mg8kaIqenfXi+aSqdMu1TAxiUSnqiwFNBT0+RWY/PKAn8XRTre
X/4fEv0vQzlBWdRjCLBjPck2aR5vURRV/YJlXSXtV8ry4AX/Co4WfUM6qRE4DOZN
iIEQuFG+AW9zD9AeisJ5nV+sTRP5IxccoObRww9/rJa9d4s0pB99MCWGVevlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU58b0KaBWtqQm6T+DgNDaFFwEspcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzYzNDJlMzAyZjMyMzIyZDMyMzMyMDNkM2UyMDMyMzEzNDM2MzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAtnYpDANBgkqhkiG9w0BAQsFAAOCAQEACFLpDHslSqs8gDmUO553UhtSm9u1
50lRMW3zAs3xRnQcBp5QfrlZGoCkVIqTbktVLfGfLPrtPKjyE1/IDb3/uu7bFq9e
PxilVaT1pHpEG3IgEXTznK6+viE1lzV27dEzFacvBTvtxRfSbDdI6Ids+NBbFVDH
d50cvnwZl8PrOYdZLtMN6PmGjd7grisZ1+N+B+6Pdf8uOsfVDIODjplTx3CU7CXh
rtTcQ+avuUvtfn6BR8lqWtMAy+4eAZPt08r5UZZbZFBq3FWlqeQGCvONZOykP/or
3ZWdkYmLj34KBIOEMquPCv/qPPyeEc/jBX+G/IhbaCHgxs/0OgODJJY0Iw==
-----END CERTIFICATE-----
Generated at Sun Nov 2 15:38:27 2025 by rpki-client