Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139332e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3139332e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: +2ExB4s4jDfSsPRCSN6ehgVCPBCa/+96YWLTrVPM/l4=
Subject key identifier: 21:46:E9:1E:24:93:E1:74:83:DB:CB:2C:A1:8A:98:63:AE:38:C5:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 27CB4FAF54B44312CA13C26E27D4B66A917BF9C2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139332e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:44 +0000
ROA not before: Thu 04 Sep 2025 06:58:44 +0000
ROA not after: Thu 03 Sep 2026 07:03:44 +0000
asID: 3257
IP address blocks: 217.217.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:cb:4f:af:54:b4:43:12:ca:13:c2:6e:27:d4:b6:6a:91:7b:f9:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:44 2025 GMT
Not After : Sep 3 07:03:44 2026 GMT
Subject: CN=2146E91E2493E17483DBCB2CA18A9863AE38C574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3d:f1:09:f2:d7:62:40:47:c2:35:ef:2d:b8:
86:7e:b6:ab:fb:be:3e:dc:43:63:22:e8:62:ee:d2:
ee:70:8f:de:9a:9f:be:ef:02:e7:ee:50:32:75:c4:
af:05:fd:3b:d4:3d:61:c0:61:ac:84:68:ce:12:fa:
8f:ee:d1:64:23:77:41:60:68:5b:57:fb:eb:79:bb:
33:48:22:f4:66:6c:37:7a:81:22:20:0e:13:d8:cd:
f1:0b:18:4d:cb:fc:f6:83:cf:f0:20:d0:58:1f:29:
5d:c7:32:84:d0:40:ed:e7:71:73:cf:1b:2d:cb:d5:
69:e4:cd:36:99:a9:b0:35:02:31:ce:e0:29:42:6f:
64:62:b0:ae:fb:3f:1b:39:d2:40:80:79:a1:c9:9b:
a3:5e:1b:42:c2:1e:ad:5b:c9:89:0c:a9:fe:a7:1a:
ce:8e:72:00:5c:6c:8a:4a:fb:a6:1b:4b:e9:6e:30:
57:5d:43:ec:17:4d:aa:31:d2:f1:47:af:19:3c:0c:
63:58:9b:80:1f:e1:fd:55:38:8f:af:53:6f:e7:c6:
ae:18:59:0e:9d:37:ba:83:be:de:27:87:96:f9:7e:
71:15:96:46:3c:f2:8d:40:a0:ac:ac:e8:32:bd:4b:
97:ab:fd:e4:7f:f5:f7:3c:31:8b:0c:68:c5:b0:7b:
e2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:46:E9:1E:24:93:E1:74:83:DB:CB:2C:A1:8A:98:63:AE:38:C5:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3139332e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.193.0/24
Signature Algorithm: sha256WithRSAEncryption
89:9f:f3:cc:2e:67:7e:4a:a1:87:d2:f2:fe:40:ec:a7:f8:3e:
b0:db:a5:f5:22:41:75:9d:6d:0d:12:97:18:12:f1:bf:e7:7d:
b5:75:e8:35:e5:fc:e0:c9:96:e2:45:81:da:ff:1a:e4:e9:dd:
82:a4:33:40:7d:14:58:f4:5a:a0:98:13:00:89:a7:6a:c9:a7:
25:ef:8c:3c:a4:57:60:ff:2e:b1:16:44:60:e1:93:be:7b:19:
aa:bb:9b:e7:c0:7b:e4:ed:cb:2a:9e:3b:7f:cf:23:30:2c:fa:
5d:4c:06:50:d1:73:b9:ff:29:14:e0:9b:f4:c6:83:c9:47:b8:
f6:ae:74:6e:24:91:1d:a8:a5:2e:c6:0b:23:76:75:6e:04:55:
93:83:30:5a:4a:11:01:55:4b:6a:a0:9c:7c:8e:b1:27:7b:06:
cb:9c:ee:62:02:21:ea:22:bc:20:05:53:9b:ea:46:8e:b0:f7:
b2:d6:38:ff:98:69:22:06:59:7a:ba:2d:16:06:7b:4e:d1:c8:
23:2e:57:d0:18:33:cf:d8:72:62:9c:6f:27:cc:4e:47:f1:65:
8b:d6:71:7b:65:d3:ab:36:51:5b:14:01:08:3e:d9:76:8b:53:
3a:65:33:61:6c:1b:c0:89:16:4d:83:16:fb:02:f9:da:f3:ea:
57:6a:c1:b5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJ8tPr1S0QxLKE8JuJ9S2apF7+cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4NDRaFw0yNjA5MDMwNzAzNDRaMDMxMTAvBgNV
BAMTKDIxNDZFOTFFMjQ5M0UxNzQ4M0RCQ0IyQ0ExOEE5ODYzQUUzOEM1NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPfEJ8tdiQEfCNe8tuIZ+tqv7
vj7cQ2Mi6GLu0u5wj96an77vAufuUDJ1xK8F/TvUPWHAYayEaM4S+o/u0WQjd0Fg
aFtX++t5uzNIIvRmbDd6gSIgDhPYzfELGE3L/PaDz/Ag0FgfKV3HMoTQQO3ncXPP
Gy3L1WnkzTaZqbA1AjHO4ClCb2RisK77Pxs50kCAeaHJm6NeG0LCHq1byYkMqf6n
Gs6OcgBcbIpK+6YbS+luMFddQ+wXTaox0vFHrxk8DGNYm4Af4f1VOI+vU2/nxq4Y
WQ6dN7qDvt4nh5b5fnEVlkY88o1AoKys6DK9S5er/eR/9fc8MYsMaMWwe+INAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIUbpHiST4XSD28ssoYqYY644xXQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnBMA0GCSqGSIb3DQEBCwUAA4IBAQCJn/PMLmd+SqGH0vL+QOyn+D6w26X1IkF1
nW0NEpcYEvG/5321deg15fzgyZbiRYHa/xrk6d2CpDNAfRRY9FqgmBMAiadqyacl
74w8pFdg/y6xFkRg4ZO+exmqu5vnwHvk7csqnjt/zyMwLPpdTAZQ0XO5/ykU4Jv0
xoPJR7j2rnRuJJEdqKUuxgsjdnVuBFWTgzBaShEBVUtqoJx8jrEnewbLnO5iAiHq
IrwgBVOb6kaOsPey1jj/mGkiBll6ui0WBntO0cgjLlfQGDPP2HJinG8nzE5H8WWL
1nF7ZdOrNlFbFAEIPtl2i1M6ZTNhbBvAiRZNgxb7Avna8+pXasG1
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:52:08 2025 by rpki-client