Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3230352e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: /OyG6XQRLPPI5yZFctcrMx/fiBrW4skrkAtCXrSsLHY=
Subject key identifier: CE:ED:3D:F8:34:26:76:56:48:F8:25:91:9B:A8:47:EC:44:2F:F5:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3511B839F3DD877967E6B13518EBAE7E1C4FEF50
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:35 +0000
ROA not before: Thu 04 Sep 2025 06:58:35 +0000
ROA not after: Thu 03 Sep 2026 07:03:35 +0000
asID: 3257
IP address blocks: 217.217.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:11:b8:39:f3:dd:87:79:67:e6:b1:35:18:eb:ae:7e:1c:4f:ef:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:35 2025 GMT
Not After : Sep 3 07:03:35 2026 GMT
Subject: CN=CEED3DF83426765648F825919BA847EC442FF5FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f7:7f:67:a6:f4:0b:67:38:68:68:23:d6:c5:
cd:7d:6c:5f:54:55:b7:77:03:c3:93:8b:69:e9:e6:
85:40:cd:fe:8b:01:85:e0:6b:cd:2b:90:ed:5f:7a:
f0:c6:b5:03:47:24:e3:92:67:f5:3d:5a:56:66:be:
9f:86:0b:7e:59:e2:c0:64:ff:f8:fe:b5:60:08:a0:
6e:e2:70:0f:55:74:69:22:75:7a:1e:5a:4a:1c:56:
1f:83:00:00:af:fd:0f:00:be:7b:57:92:80:fd:fa:
75:b6:21:c8:74:70:d5:43:43:81:1d:9c:07:8a:03:
89:5f:8d:5f:d7:66:c2:86:ca:f5:e4:e0:34:0d:54:
4d:13:7c:04:c0:17:55:81:5d:66:63:a2:79:6f:c1:
6a:a7:34:95:8f:80:e4:62:af:06:63:00:a6:96:b8:
02:15:b7:7f:7a:74:08:ce:e3:3b:12:62:78:3c:af:
70:1a:e5:b9:77:72:02:f3:04:71:89:f2:40:7d:d5:
77:0d:b7:22:f6:9c:0e:fb:f9:7b:45:f9:87:9b:f9:
98:c4:f4:a8:e2:19:96:6d:25:df:7b:d1:9e:45:8d:
6c:31:4a:01:5a:65:dd:62:93:51:da:3e:51:95:49:
e3:94:6b:ad:2b:c2:a3:52:12:df:c4:ac:90:44:1a:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:ED:3D:F8:34:26:76:56:48:F8:25:91:9B:A8:47:EC:44:2F:F5:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230352e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.205.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9d:65:ef:aa:be:16:b3:f4:f2:b8:a6:ae:90:f4:a5:7a:eb:
3c:08:13:dd:a5:61:c5:21:9e:d0:bd:1c:a8:43:04:82:a9:5c:
de:ff:f8:99:d4:9c:ee:a0:bb:75:2d:39:a9:96:78:39:2c:9e:
77:a7:a4:fc:4d:d8:d7:7d:67:69:66:f7:47:73:7e:55:13:87:
3c:5c:53:31:f6:e3:63:76:3b:00:70:d0:cf:c9:4d:ee:f0:88:
06:c4:b5:6a:c3:91:68:0c:f7:30:89:20:21:b7:56:e9:e0:91:
b4:32:35:5c:8f:4f:97:f7:af:b6:35:2a:ba:5e:2f:35:6d:8b:
4a:81:04:a3:2b:cc:b4:8f:cb:5a:78:00:bd:c0:88:61:7e:1a:
62:83:bd:88:c3:85:32:1f:cd:51:eb:f6:95:75:25:15:f4:36:
d9:74:e1:c2:5a:a6:0b:b1:ec:22:fa:53:b7:86:60:ca:cd:17:
8c:b8:37:c4:7f:4d:6e:7e:3a:1f:01:40:b1:94:21:af:d9:7e:
e2:ae:d4:86:f1:9d:11:36:a6:1c:4d:42:0f:92:1c:6a:65:9b:
9d:70:cf:1f:3d:4b:06:8e:62:bf:c8:ff:a1:c6:75:7b:bd:5c:
43:17:1c:c4:58:59:89:0e:06:18:ac:20:86:d1:17:bd:23:2d:
b8:85:43:af
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNRG4OfPdh3ln5rE1GOuufhxP71AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4MzVaFw0yNjA5MDMwNzAzMzVaMDMxMTAvBgNV
BAMTKENFRUQzREY4MzQyNjc2NTY0OEY4MjU5MTlCQTg0N0VDNDQyRkY1RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg939npvQLZzhoaCPWxc19bF9U
Vbd3A8OTi2np5oVAzf6LAYXga80rkO1fevDGtQNHJOOSZ/U9WlZmvp+GC35Z4sBk
//j+tWAIoG7icA9VdGkidXoeWkocVh+DAACv/Q8AvntXkoD9+nW2Ich0cNVDQ4Ed
nAeKA4lfjV/XZsKGyvXk4DQNVE0TfATAF1WBXWZjonlvwWqnNJWPgORirwZjAKaW
uAIVt396dAjO4zsSYng8r3Aa5bl3cgLzBHGJ8kB91XcNtyL2nA77+XtF+Yeb+ZjE
9KjiGZZtJd970Z5FjWwxSgFaZd1ik1HaPlGVSeOUa60rwqNSEt/ErJBEGlUNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzu09+DQmdlZI+CWRm6hH7EQv9f8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnNMA0GCSqGSIb3DQEBCwUAA4IBAQBpnWXvqr4Ws/TyuKaukPSleus8CBPdpWHF
IZ7QvRyoQwSCqVze//iZ1JzuoLt1LTmplng5LJ53p6T8TdjXfWdpZvdHc35VE4c8
XFMx9uNjdjsAcNDPyU3u8IgGxLVqw5FoDPcwiSAht1bp4JG0MjVcj0+X96+2NSq6
Xi81bYtKgQSjK8y0j8taeAC9wIhhfhpig72Iw4UyH81R6/aVdSUV9DbZdOHCWqYL
sewi+lO3hmDKzReMuDfEf01ufjofAUCxlCGv2X7irtSG8Z0RNqYcTUIPkhxqZZud
cM8fPUsGjmK/yP+hxnV7vVxDFxzEWFmJDgYYrCCG0Re9Iy24hUOv
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:51:15 2025 by rpki-client