Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3139322e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: S6MgeIKkftCgQJqXFLbm7CSLubdb7AXAoD9TTCUbqQk=
Subject key identifier: 21:FB:AA:3C:94:BA:98:5E:2E:6B:34:55:54:7B:34:72:01:FE:F3:90
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0B6AE6C62FFA60730ABB7E4BE63643416546D3B9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:45 +0000
ROA not before: Thu 04 Sep 2025 06:58:45 +0000
ROA not after: Thu 03 Sep 2026 07:03:45 +0000
asID: 3257
IP address blocks: 217.217.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:6a:e6:c6:2f:fa:60:73:0a:bb:7e:4b:e6:36:43:41:65:46:d3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:45 2025 GMT
Not After : Sep 3 07:03:45 2026 GMT
Subject: CN=21FBAA3C94BA985E2E6B3455547B347201FEF390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:38:f2:a1:db:3c:7a:23:0a:d9:2a:21:93:5f:
fb:49:58:f8:83:b8:76:85:c8:99:17:f1:01:99:29:
70:14:b2:da:7c:51:16:c2:76:6e:c7:b5:ee:29:30:
44:88:28:06:0e:70:84:2f:e1:8b:13:cc:f4:f2:e2:
58:7a:f5:c7:01:b0:83:5e:a3:19:b1:e9:b4:86:18:
7a:1e:16:7e:ed:37:ac:99:c9:86:60:07:78:3a:ed:
af:5a:29:95:b4:2e:62:60:df:a5:6f:a7:73:98:d9:
02:da:55:82:40:df:dc:ae:cd:01:ce:e5:cb:6b:c6:
2f:cb:78:2e:b3:a7:22:d4:1f:fb:bd:09:51:25:22:
41:16:29:f0:16:80:08:0b:89:4c:c9:80:ac:11:59:
7a:ec:2b:34:4c:f2:97:ed:3c:db:20:54:2a:ed:6a:
a9:54:d8:fd:a5:f9:4d:4b:f3:92:1c:04:b7:a3:78:
0c:e5:ab:25:cf:f2:77:40:81:e4:f1:4b:c4:69:d2:
fa:24:ec:0c:c2:de:b2:e3:3b:08:f6:9c:94:ac:b9:
bd:50:d1:a1:88:a0:91:8f:3b:4d:59:4d:6a:92:30:
ca:94:b7:4a:50:dd:be:0e:5f:20:38:de:40:17:a2:
ff:45:fe:cf:da:ef:45:e7:a6:b6:fb:fd:54:78:1a:
c1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FB:AA:3C:94:BA:98:5E:2E:6B:34:55:54:7B:34:72:01:FE:F3:90
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139322e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.192.0/24
Signature Algorithm: sha256WithRSAEncryption
87:6a:8b:a0:8e:d6:6e:81:d8:e5:9d:5b:a4:51:35:74:2a:f5:
c2:b4:3c:8d:6a:0e:2a:cb:c9:73:5d:14:52:f3:f8:0c:7f:89:
7b:48:c3:1a:b7:7a:ec:9a:41:11:9f:97:ce:69:bc:5a:2d:b2:
0f:47:b9:21:a8:62:cd:cf:6b:c2:46:2a:83:d9:2c:37:71:9a:
c2:f6:f1:ac:fe:00:cf:b8:76:27:c6:b1:d1:3d:55:b1:ff:80:
fb:a8:d4:64:00:8d:27:92:46:19:82:86:fa:0a:b4:51:c9:2f:
28:01:b6:46:e0:fd:57:cb:17:2e:1c:be:8b:3a:06:4e:0f:3c:
f6:56:4a:29:e2:9d:cb:5e:be:2d:e1:7f:8e:9e:9b:bf:cf:b7:
98:0f:d9:59:e7:97:a9:25:8f:86:16:02:00:45:a2:60:54:f2:
59:68:cb:23:84:37:e7:5e:e3:d4:9d:16:94:80:85:a7:dc:b0:
f9:0d:ad:f0:e2:9b:8c:40:63:80:1b:48:d4:84:88:3f:cd:1f:
8a:92:7c:94:52:c1:f4:02:63:0e:55:66:ef:84:57:3d:67:ff:
c6:fd:55:60:c3:75:c0:31:25:dd:e5:2e:15:fc:58:b0:f1:76:
8e:fd:43:e5:5f:7b:09:ef:f3:b7:79:3c:56:3c:16:c8:e4:af:
fd:12:15:5e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUC2rmxi/6YHMKu35L5jZDQWVG07kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4NDVaFw0yNjA5MDMwNzAzNDVaMDMxMTAvBgNV
BAMTKDIxRkJBQTNDOTRCQTk4NUUyRTZCMzQ1NTU0N0IzNDcyMDFGRUYzOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOPKh2zx6IwrZKiGTX/tJWPiD
uHaFyJkX8QGZKXAUstp8URbCdm7Hte4pMESIKAYOcIQv4YsTzPTy4lh69ccBsINe
oxmx6bSGGHoeFn7tN6yZyYZgB3g67a9aKZW0LmJg36Vvp3OY2QLaVYJA39yuzQHO
5ctrxi/LeC6zpyLUH/u9CVElIkEWKfAWgAgLiUzJgKwRWXrsKzRM8pftPNsgVCrt
aqlU2P2l+U1L85IcBLejeAzlqyXP8ndAgeTxS8Rp0vok7AzC3rLjOwj2nJSsub1Q
0aGIoJGPO01ZTWqSMMqUt0pQ3b4OXyA43kAXov9F/s/a70Xnprb7/VR4GsEvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIfuqPJS6mF4uazRVVHs0cgH+85AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnAMA0GCSqGSIb3DQEBCwUAA4IBAQCHaougjtZugdjlnVukUTV0KvXCtDyNag4q
y8lzXRRS8/gMf4l7SMMat3rsmkERn5fOabxaLbIPR7khqGLNz2vCRiqD2Sw3cZrC
9vGs/gDPuHYnxrHRPVWx/4D7qNRkAI0nkkYZgob6CrRRyS8oAbZG4P1XyxcuHL6L
OgZODzz2Vkop4p3LXr4t4X+Onpu/z7eYD9lZ55epJY+GFgIARaJgVPJZaMsjhDfn
XuPUnRaUgIWn3LD5Da3w4puMQGOAG0jUhIg/zR+KknyUUsH0AmMOVWbvhFc9Z//G
/VVgw3XAMSXd5S4V/Fiw8XaO/UPlX3sJ7/O3eTxWPBbI5K/9EhVe
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:44:38 2025 by rpki-client