Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136382e302f32312d3234203d3e203230333236.roa
File: 3231372e3231362e3136382e302f32312d3234203d3e203230333236.roa (raw, json)
Hash identifier: ZDJ63kVezd2EiRCAtK2mZLWFNrjDv86nQENR1TjPQ+o=
Subject key identifier: 2F:6F:E1:C4:3A:6D:DF:15:93:A4:29:C6:CA:DA:17:99:3B:74:C2:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3A5A508AD017845A8045EA518FAA486FAFBF7F6E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136382e302f32312d3234203d3e203230333236.roa
Signing time: Mon 13 Oct 2025 10:07:01 +0000
ROA not before: Mon 13 Oct 2025 10:02:01 +0000
ROA not after: Mon 12 Oct 2026 10:07:01 +0000
asID: 20326
IP address blocks: 217.216.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:5a:50:8a:d0:17:84:5a:80:45:ea:51:8f:aa:48:6f:af:bf:7f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 13 10:02:01 2025 GMT
Not After : Oct 12 10:07:01 2026 GMT
Subject: CN=2F6FE1C43A6DDF1593A429C6CADA17993B74C2AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:0a:b5:27:f8:8f:ed:0b:9b:09:dc:fd:de:f2:
3e:ca:3d:31:51:29:95:b6:d7:de:0d:43:7f:df:66:
f3:96:b6:95:d6:bd:d3:19:bf:78:4f:e6:0e:9a:a7:
f3:9e:a2:37:24:30:d9:11:37:a6:0b:93:a4:d0:ae:
72:bb:56:87:b6:3c:15:e7:73:7b:da:d1:14:21:d6:
be:ae:f5:13:11:d5:70:16:0c:a3:bf:a9:a3:0e:2c:
84:b1:35:fe:16:4b:50:39:91:ed:97:92:08:7c:74:
94:f5:31:32:70:86:9b:3f:67:91:60:7d:e7:f4:6d:
a4:a5:bb:ed:3c:ce:91:69:d4:73:64:06:e6:45:2c:
6c:ce:96:86:37:21:e1:4a:5a:2d:1b:ac:18:fb:7e:
6b:2b:2c:6d:e5:34:db:ea:70:9d:ab:85:d6:89:9a:
38:f8:63:62:dd:b3:a9:a0:78:98:9f:e4:94:1e:d8:
b5:49:74:7c:cc:77:6e:b9:35:d2:d2:9a:76:3f:c2:
81:15:4b:4f:ac:c3:04:54:57:bf:16:54:29:88:08:
3b:c5:96:fc:5c:86:41:00:ad:92:51:56:52:19:0d:
8c:6e:2e:99:06:d6:f0:78:6d:ad:f8:94:2b:44:02:
ec:c0:4f:90:ff:ec:5d:7d:20:91:fb:d4:7f:c6:4e:
30:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:6F:E1:C4:3A:6D:DF:15:93:A4:29:C6:CA:DA:17:99:3B:74:C2:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3136382e302f32312d3234203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.168.0/21
Signature Algorithm: sha256WithRSAEncryption
6b:e4:c8:37:9b:93:7d:81:49:14:ec:2a:71:a5:c5:67:02:a0:
5a:19:60:33:93:d7:48:44:64:a9:27:da:06:2e:41:bc:e6:36:
ac:35:97:a2:76:e9:e8:90:4c:db:17:d4:56:20:52:0e:f1:70:
3a:e6:22:f2:f0:9e:99:8e:bd:7d:22:b2:5b:3a:31:78:51:e7:
67:e9:3c:d8:d8:12:3d:71:0e:70:cc:b7:5e:87:aa:62:4c:16:
1d:83:84:56:1f:0b:7a:0f:79:e1:e5:9a:73:3c:f5:35:0c:f9:
3d:57:40:a8:fc:a8:26:15:6e:cc:c5:c7:f2:ea:a6:f4:c1:b9:
34:a8:ad:ac:b5:e6:46:36:45:47:e4:80:7b:aa:e0:2f:7a:3f:
c2:95:cc:9e:79:5d:c0:e7:cf:9c:2e:cd:ba:7e:d6:56:c9:98:
c2:14:8d:b2:e4:81:54:8e:18:1e:7d:03:73:2d:73:10:0a:97:
6d:0b:47:ff:a8:82:88:48:82:39:ee:3e:51:41:c3:05:ea:05:
48:9e:23:ea:d9:d2:0b:04:45:62:78:ed:2e:85:26:68:4e:18:
ba:c5:e6:00:99:c7:34:a9:7e:23:44:54:11:61:73:84:9b:69:
34:3c:a3:d5:ba:3b:c3:ca:60:db:c6:0d:55:d8:1a:26:81:1c:
55:45:61:e8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOlpQitAXhFqARepRj6pIb6+/f24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMTMxMDAyMDFaFw0yNjEwMTIxMDA3MDFaMDMxMTAvBgNV
BAMTKDJGNkZFMUM0M0E2RERGMTU5M0E0MjlDNkNBREExNzk5M0I3NEMyQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDICrUn+I/tC5sJ3P3e8j7KPTFR
KZW2194NQ3/fZvOWtpXWvdMZv3hP5g6ap/OeojckMNkRN6YLk6TQrnK7Voe2PBXn
c3va0RQh1r6u9RMR1XAWDKO/qaMOLISxNf4WS1A5ke2Xkgh8dJT1MTJwhps/Z5Fg
fef0baSlu+08zpFp1HNkBuZFLGzOloY3IeFKWi0brBj7fmsrLG3lNNvqcJ2rhdaJ
mjj4Y2Lds6mgeJif5JQe2LVJdHzMd265NdLSmnY/woEVS0+swwRUV78WVCmICDvF
lvxchkEArZJRVlIZDYxuLpkG1vB4ba34lCtEAuzAT5D/7F19IJH71H/GTjCFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUL2/hxDpt3xWTpCnGytoXmTt0wqswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzYzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzAzMzMyMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZ2KgwDQYJKoZIhvcNAQELBQADggEBAGvkyDebk32BSRTsKnGlxWcCoFoZYDOT
10hEZKkn2gYuQbzmNqw1l6J26eiQTNsX1FYgUg7xcDrmIvLwnpmOvX0isls6MXhR
52fpPNjYEj1xDnDMt16HqmJMFh2DhFYfC3oPeeHlmnM89TUM+T1XQKj8qCYVbszF
x/LqpvTBuTSoray15kY2RUfkgHuq4C96P8KVzJ55XcDnz5wuzbp+1lbJmMIUjbLk
gVSOGB59A3MtcxAKl20LR/+ogohIgjnuPlFBwwXqBUieI+rZ0gsERWJ47S6FJmhO
GLrF5gCZxzSpfiNEVBFhc4SbaTQ8o9W6O8PKYNvGDVXYGiaBHFVFYeg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:10:32 2025 by rpki-client