Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3230362e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: 3hvS0k5nh7RTXBFuv5+Ht3rB6llIR1iVb4+eTIy+RTw=
Subject key identifier: DC:72:80:32:DC:35:83:12:3E:5E:08:16:9A:46:3C:15:2D:7E:8E:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 011E64503633E14099F83A0F688E56EE683D77E9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:34 +0000
ROA not before: Thu 04 Sep 2025 06:58:34 +0000
ROA not after: Thu 03 Sep 2026 07:03:34 +0000
asID: 3257
IP address blocks: 217.217.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 18:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1e:64:50:36:33:e1:40:99:f8:3a:0f:68:8e:56:ee:68:3d:77:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:34 2025 GMT
Not After : Sep 3 07:03:34 2026 GMT
Subject: CN=DC728032DC3583123E5E08169A463C152D7E8E81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:39:31:f7:55:8c:64:9c:b2:5f:85:bb:26:b6:
5c:bc:3e:c1:25:88:26:a0:10:7e:43:60:db:fa:bf:
49:f6:c7:12:4a:1c:3a:90:cb:e7:4c:37:6d:96:89:
93:91:0e:c6:ac:c2:31:10:93:f6:0f:a9:bf:aa:5e:
32:c9:73:af:3e:98:22:3e:95:14:3f:af:6c:a5:08:
20:44:bd:17:5a:34:f5:85:cc:3c:f0:d2:96:65:1f:
a2:51:e0:47:01:7c:fc:a3:0c:68:6d:1b:65:07:e5:
de:bb:7a:07:40:7e:15:b1:24:17:61:d9:0a:c4:e8:
14:c5:19:8e:b8:86:53:c8:be:61:a6:13:9f:46:fa:
4e:d3:c5:7a:93:1b:64:5f:71:b5:17:ee:db:7f:0a:
c0:73:9e:d1:85:6b:7c:7f:73:b2:b3:83:a3:3f:28:
38:a4:7f:ae:59:94:22:59:dc:bb:2c:16:a4:ee:2a:
c9:a8:62:6d:9d:2d:8c:ce:46:07:a9:1f:68:57:67:
30:c1:d8:19:00:86:e6:e4:f2:c9:52:ba:5c:35:b9:
99:fc:22:c5:c6:1a:74:14:f8:bb:a7:df:17:ce:39:
3c:8a:dc:0b:ff:21:36:42:92:3c:bc:07:e7:97:dc:
52:8c:c5:fc:33:d9:e1:f9:cf:c4:36:15:0d:49:c2:
9f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:72:80:32:DC:35:83:12:3E:5E:08:16:9A:46:3C:15:2D:7E:8E:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230362e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.206.0/24
Signature Algorithm: sha256WithRSAEncryption
25:15:0e:d7:87:c8:e0:5d:93:f0:1a:a7:ab:75:20:2a:96:28:
b7:a5:b1:77:42:6f:4b:09:2a:b0:8b:25:60:19:a9:eb:6d:c1:
3c:85:2b:1f:ff:2c:be:62:19:6c:13:f6:53:a6:b1:a6:44:ec:
02:a8:85:1d:1c:8e:81:db:e8:5c:eb:ba:76:3e:30:6a:40:1d:
ba:c5:45:18:9d:33:01:e9:f0:4c:db:fe:4b:ad:c5:d4:65:e6:
d9:47:c1:ef:2b:30:55:cd:19:88:8e:a2:d3:c5:e4:e4:e7:fe:
8b:c2:23:30:81:c7:96:0f:ca:af:26:a1:e1:cd:62:60:8c:92:
d4:3f:a2:79:05:2b:a3:93:5e:85:d4:5a:d7:a1:98:ad:90:91:
41:e8:31:67:94:e0:46:4f:80:d9:94:3b:44:ef:c6:67:2b:33:
f4:a2:8e:08:09:eb:65:71:2c:12:e7:1d:cf:95:6e:1f:c3:e4:
c8:6e:cd:c1:20:3c:bb:41:5e:ca:ba:87:09:9c:64:34:94:bd:
c3:af:29:61:77:02:1d:82:9a:4f:b5:84:6d:4f:bd:98:7e:03:
a2:71:a9:9b:ba:35:dd:b9:a0:60:55:92:bb:b8:ca:04:4d:63:
2a:0c:2d:09:61:0e:b8:d3:e7:ba:ad:d8:7e:79:b8:41:29:a8:
84:74:48:63
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAR5kUDYz4UCZ+DoPaI5W7mg9d+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4MzRaFw0yNjA5MDMwNzAzMzRaMDMxMTAvBgNV
BAMTKERDNzI4MDMyREMzNTgzMTIzRTVFMDgxNjlBNDYzQzE1MkQ3RThFODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmOTH3VYxknLJfhbsmtly8PsEl
iCagEH5DYNv6v0n2xxJKHDqQy+dMN22WiZORDsaswjEQk/YPqb+qXjLJc68+mCI+
lRQ/r2ylCCBEvRdaNPWFzDzw0pZlH6JR4EcBfPyjDGhtG2UH5d67egdAfhWxJBdh
2QrE6BTFGY64hlPIvmGmE59G+k7TxXqTG2RfcbUX7tt/CsBzntGFa3x/c7Kzg6M/
KDikf65ZlCJZ3LssFqTuKsmoYm2dLYzORgepH2hXZzDB2BkAhubk8slSulw1uZn8
IsXGGnQU+Lun3xfOOTyK3Av/ITZCkjy8B+eX3FKMxfwz2eH5z8Q2FQ1Jwp9rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3HKAMtw1gxI+XggWmkY8FS1+joEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnOMA0GCSqGSIb3DQEBCwUAA4IBAQAlFQ7Xh8jgXZPwGqerdSAqlii3pbF3Qm9L
CSqwiyVgGanrbcE8hSsf/yy+YhlsE/ZTprGmROwCqIUdHI6B2+hc67p2PjBqQB26
xUUYnTMB6fBM2/5LrcXUZebZR8HvKzBVzRmIjqLTxeTk5/6LwiMwgceWD8qvJqHh
zWJgjJLUP6J5BSujk16F1FrXoZitkJFB6DFnlOBGT4DZlDtE78ZnKzP0oo4ICetl
cSwS5x3PlW4fw+TIbs3BIDy7QV7KuocJnGQ0lL3DrylhdwIdgppPtYRtT72YfgOi
cambujXduaBgVZK7uMoETWMqDC0JYQ640+e6rdh+ebhBKaiEdEhj
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:51:15 2025 by rpki-client