Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136382e302f32312d3231203d3e203136353039.roa
File: 3231372e3231372e3136382e302f32312d3231203d3e203136353039.roa (raw, json)
Hash identifier: 70kt5s57qR3/1aAxf44AUpWa/uGchj+w07CIVbpzBrk=
Subject key identifier: 7C:C3:4F:DA:FA:23:24:7F:DC:A1:39:74:EC:08:0F:33:91:A0:96:EC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5D815E272C4E96C24043864E16E704C3EC71C337
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136382e302f32312d3231203d3e203136353039.roa
Signing time: Tue 05 Aug 2025 11:35:10 +0000
ROA not before: Tue 05 Aug 2025 11:30:10 +0000
ROA not after: Tue 04 Aug 2026 11:35:10 +0000
asID: 16509
IP address blocks: 217.217.168.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 03:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:81:5e:27:2c:4e:96:c2:40:43:86:4e:16:e7:04:c3:ec:71:c3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 5 11:30:10 2025 GMT
Not After : Aug 4 11:35:10 2026 GMT
Subject: CN=7CC34FDAFA23247FDCA13974EC080F3391A096EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c3:5d:39:79:c2:3a:92:ea:d1:0b:22:52:2b:
04:9e:c3:d7:b8:f7:1a:28:0c:74:e0:aa:fe:08:d7:
71:78:55:de:69:72:b7:d6:27:4d:12:d7:e9:39:c6:
7b:a7:4e:e3:ef:7d:ea:ae:bf:5f:43:87:d4:3d:3e:
c1:d6:d8:61:2b:32:28:55:4b:ca:d7:3e:c4:11:34:
b5:dd:ec:e1:fe:98:b4:96:4f:28:7d:3a:66:13:69:
b9:af:80:6a:51:c9:1e:04:41:34:86:a4:17:77:23:
ed:26:82:0c:9d:65:f8:d6:68:51:b0:3d:8b:21:c2:
fb:70:53:64:e0:7d:47:25:1a:38:23:a6:04:59:73:
e5:dd:6e:c9:49:40:07:05:f0:65:e9:9f:96:7e:57:
5d:26:45:8a:71:f9:88:85:eb:f5:cb:c7:2b:06:63:
e8:8e:ff:46:41:18:71:dc:9c:07:e2:be:0f:1b:7e:
24:05:3a:2f:b0:2b:92:60:f0:29:39:c2:7d:03:ac:
92:15:1d:62:de:41:f7:f1:df:98:2c:52:6c:3b:dd:
64:33:d1:07:8b:b8:91:b9:71:a0:bc:ec:89:e5:7d:
aa:82:9c:fe:ee:7a:ed:2d:aa:d1:02:83:a3:9b:69:
49:5b:f5:d2:d8:33:d3:9f:4a:b2:91:64:43:91:5b:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C3:4F:DA:FA:23:24:7F:DC:A1:39:74:EC:08:0F:33:91:A0:96:EC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3136382e302f32312d3231203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.168.0/21
Signature Algorithm: sha256WithRSAEncryption
22:b3:fa:48:1c:83:ae:7b:e4:9d:86:c2:11:c5:36:22:e6:f4:
7d:b3:11:a3:05:f5:64:3e:1e:23:fd:b9:e5:0f:10:50:d7:b2:
e7:c9:d6:8b:94:10:df:27:7a:4e:4f:cd:bc:4b:c5:41:7f:03:
cc:42:ee:81:93:6c:1c:d7:72:ad:9d:9f:4d:84:30:d1:58:4c:
6b:a2:03:8c:25:bd:a9:45:89:83:aa:69:25:4d:61:67:15:5b:
e5:54:b9:3b:6a:4a:0b:10:95:c7:f6:9d:71:ff:1e:29:f1:9d:
f2:bb:26:d1:27:5b:53:d1:d0:35:cc:8e:76:1a:ca:e7:2c:d3:
7c:bd:39:f7:28:0c:58:dd:7f:69:eb:cb:f1:ca:22:87:13:ad:
b2:64:c7:e1:6f:36:1a:87:08:9b:16:e0:13:cd:e0:3b:46:96:
cd:a5:00:4d:a0:6b:d2:5f:d2:f8:a6:a1:09:05:9e:c9:59:b2:
b4:cc:e6:1a:53:ce:ed:7c:66:d8:52:d6:d3:6d:f7:47:fa:dd:
db:f3:87:8f:a9:bd:7b:da:03:9b:fc:7f:bf:c3:4a:ea:92:b5:
e0:2d:25:e0:91:a2:36:45:65:1f:c1:dd:cd:7d:8a:d1:a4:23:
59:48:f9:44:b6:5b:31:c4:b5:dd:dd:72:23:ac:63:6a:18:39:
1a:be:de:2e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXYFeJyxOlsJAQ4ZOFucEw+xxwzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDUxMTMwMTBaFw0yNjA4MDQxMTM1MTBaMDMxMTAvBgNV
BAMTKDdDQzM0RkRBRkEyMzI0N0ZEQ0ExMzk3NEVDMDgwRjMzOTFBMDk2RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJw105ecI6kurRCyJSKwSew9e4
9xooDHTgqv4I13F4Vd5pcrfWJ00S1+k5xnunTuPvfequv19Dh9Q9PsHW2GErMihV
S8rXPsQRNLXd7OH+mLSWTyh9OmYTabmvgGpRyR4EQTSGpBd3I+0mggydZfjWaFGw
PYshwvtwU2TgfUclGjgjpgRZc+XdbslJQAcF8GXpn5Z+V10mRYpx+YiF6/XLxysG
Y+iO/0ZBGHHcnAfivg8bfiQFOi+wK5Jg8Ck5wn0DrJIVHWLeQffx35gsUmw73WQz
0QeLuJG5caC87InlfaqCnP7ueu0tqtECg6ObaUlb9dLYM9OfSrKRZEORW37VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfMNP2vojJH/coTl07AgPM5GgluwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZ2agwDQYJKoZIhvcNAQELBQADggEBACKz+kgcg6575J2GwhHFNiLm9H2zEaMF
9WQ+HiP9ueUPEFDXsufJ1ouUEN8nek5PzbxLxUF/A8xC7oGTbBzXcq2dn02EMNFY
TGuiA4wlvalFiYOqaSVNYWcVW+VUuTtqSgsQlcf2nXH/HinxnfK7JtEnW1PR0DXM
jnYayucs03y9OfcoDFjdf2nry/HKIocTrbJkx+FvNhqHCJsW4BPN4DtGls2lAE2g
a9Jf0vimoQkFnslZsrTM5hpTzu18ZthS1tNt90f63dvzh4+pvXvaA5v8f7/DSuqS
teAtJeCRojZFZR/B3c19itGkI1lI+US2WzHEtd3dciOsY2oYORq+3i4=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:40 2025 by rpki-client