Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136302e302f32312d3231203d3e203136353039.roa
File: 3231372e3231372e3136302e302f32312d3231203d3e203136353039.roa (raw, json)
Hash identifier: +S3qi9cKdHjKc4NrdM6/gbIh2Sn68fYJ17j0MXU0HT8=
Subject key identifier: 1B:D1:88:13:3F:2E:6D:2E:36:06:D2:B4:FB:26:A6:93:1F:93:A6:4A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 187008CEDBC69822DFDC76B1DB463D62FC7E0D84
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136302e302f32312d3231203d3e203136353039.roa
Signing time: Tue 05 Aug 2025 11:34:57 +0000
ROA not before: Tue 05 Aug 2025 11:29:57 +0000
ROA not after: Tue 04 Aug 2026 11:34:57 +0000
asID: 16509
IP address blocks: 217.217.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 03:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:70:08:ce:db:c6:98:22:df:dc:76:b1:db:46:3d:62:fc:7e:0d:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 5 11:29:57 2025 GMT
Not After : Aug 4 11:34:57 2026 GMT
Subject: CN=1BD188133F2E6D2E3606D2B4FB26A6931F93A64A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c2:95:5c:c9:b5:57:0d:cc:67:7a:f2:2e:a9:
70:b6:09:75:da:e0:6d:f8:90:99:c6:30:fb:48:48:
a2:77:bb:4f:d7:5e:a8:52:98:2d:90:13:ca:ba:2c:
55:35:32:9f:c8:dc:ad:12:4d:cd:19:3c:6a:73:3e:
a2:03:28:8c:d6:0b:0d:a3:4f:3b:7d:bc:c6:18:e5:
ce:18:fa:aa:57:45:fa:4d:02:0d:15:9d:e3:dc:00:
9d:01:03:d0:aa:d1:c3:45:e1:42:a1:b1:cc:32:e2:
5a:cb:06:8e:fc:44:1f:c6:08:90:22:b6:59:9a:7a:
e5:57:e2:dc:8c:63:dd:ad:ef:7d:10:f1:b0:94:ce:
4d:4a:f5:20:b0:ec:25:6d:e5:1a:2a:14:d4:0b:0b:
39:ef:20:6e:13:07:3a:00:06:28:f7:74:0f:c9:53:
3e:50:49:0e:ed:93:8a:6e:8f:62:16:c4:3a:1c:ad:
e8:85:53:32:ae:07:c6:99:db:b0:8b:de:0f:b9:0e:
0f:f5:d8:69:c5:6d:b7:ed:29:76:da:2b:d3:f0:b4:
67:c3:cb:f7:c1:30:97:f2:79:41:2e:e5:77:4e:30:
d6:33:62:39:e0:f5:36:4b:f6:58:5c:93:c9:81:8a:
b5:50:58:ab:9e:e6:68:7b:b0:ff:5f:0b:5d:78:6c:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D1:88:13:3F:2E:6D:2E:36:06:D2:B4:FB:26:A6:93:1F:93:A6:4A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136302e302f32312d3231203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:09:af:bc:34:37:ba:81:18:3b:e2:a4:d6:9e:2b:0d:98:a8:
ca:47:8d:a4:2f:29:a6:32:a1:ca:19:79:b8:c2:d0:9b:15:2a:
d6:e7:34:29:ea:e9:78:b6:64:ec:13:1b:8f:ee:3c:6f:08:d8:
19:17:dc:19:7c:2e:fb:9f:a7:e4:56:db:e7:a4:5e:65:8b:72:
ad:c7:af:98:c4:ce:3f:d8:df:2d:af:ce:db:02:74:9a:ca:c3:
6a:27:d6:13:4f:c6:37:03:08:55:dd:85:17:f2:5f:15:2f:e8:
5e:69:21:14:c6:f7:69:1c:14:58:47:6d:4b:c6:2c:f6:45:bd:
66:7c:23:ab:67:c7:22:55:b1:f4:5a:cc:68:01:84:f4:d5:e2:
03:28:9a:93:12:cf:a1:20:f5:de:1f:22:a6:7d:0d:23:28:cc:
15:49:84:50:32:28:d8:11:5f:e1:e1:7c:59:b7:3c:d8:4b:45:
6b:d9:41:ff:b3:d7:00:1d:7d:d4:9b:bc:f4:c4:eb:6e:fb:7e:
24:33:4a:1a:8f:92:2d:31:b1:91:8a:23:48:85:b6:08:e0:63:
6d:80:bb:e5:55:5b:36:26:32:87:54:3c:ba:78:39:7b:40:90:
65:2a:24:d3:77:93:ae:db:a1:0b:9c:2a:3c:fc:e9:e4:28:ae:
e0:71:8c:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGHAIztvGmCLf3Hax20Y9Yvx+DYQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDUxMTI5NTdaFw0yNjA4MDQxMTM0NTdaMDMxMTAvBgNV
BAMTKDFCRDE4ODEzM0YyRTZEMkUzNjA2RDJCNEZCMjZBNjkzMUY5M0E2NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfwpVcybVXDcxnevIuqXC2CXXa
4G34kJnGMPtISKJ3u0/XXqhSmC2QE8q6LFU1Mp/I3K0STc0ZPGpzPqIDKIzWCw2j
Tzt9vMYY5c4Y+qpXRfpNAg0VnePcAJ0BA9Cq0cNF4UKhscwy4lrLBo78RB/GCJAi
tlmaeuVX4tyMY92t730Q8bCUzk1K9SCw7CVt5RoqFNQLCznvIG4TBzoABij3dA/J
Uz5QSQ7tk4puj2IWxDocreiFUzKuB8aZ27CL3g+5Dg/12GnFbbftKXbaK9PwtGfD
y/fBMJfyeUEu5XdOMNYzYjng9TZL9lhck8mBirVQWKue5mh7sP9fC114bCMzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUG9GIEz8ubS42BtK0+yamkx+TpkowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzYzMDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZ2aAwDQYJKoZIhvcNAQELBQADggEBAHsJr7w0N7qBGDvipNaeKw2YqMpHjaQv
KaYyocoZebjC0JsVKtbnNCnq6Xi2ZOwTG4/uPG8I2BkX3Bl8Lvufp+RW2+ekXmWL
cq3Hr5jEzj/Y3y2vztsCdJrKw2on1hNPxjcDCFXdhRfyXxUv6F5pIRTG92kcFFhH
bUvGLPZFvWZ8I6tnxyJVsfRazGgBhPTV4gMompMSz6Eg9d4fIqZ9DSMozBVJhFAy
KNgRX+HhfFm3PNhLRWvZQf+z1wAdfdSbvPTE6277fiQzShqPki0xsZGKI0iFtgjg
Y22Au+VVWzYmModUPLp4OXtAkGUqJNN3k67boQucKjz86eQoruBxjCA=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:51 2025 by rpki-client