Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230372e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3230372e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: UEROurwCUwDj8IJwwQXdi0E7SOrpA4cGwDvsvcv9ovw=
Subject key identifier: 14:C7:30:40:E2:13:F9:49:DD:38:04:A0:AC:93:27:79:28:1B:2D:C2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7276FFB2BEEFA59F40A83BDF9DC4D28CE4A2B91D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230372e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:33 +0000
ROA not before: Thu 04 Sep 2025 06:58:33 +0000
ROA not after: Thu 03 Sep 2026 07:03:33 +0000
asID: 3257
IP address blocks: 217.217.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 18:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:76:ff:b2:be:ef:a5:9f:40:a8:3b:df:9d:c4:d2:8c:e4:a2:b9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:33 2025 GMT
Not After : Sep 3 07:03:33 2026 GMT
Subject: CN=14C73040E213F949DD3804A0AC932779281B2DC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ed:2d:a0:58:8c:70:66:9b:df:2e:4d:7e:a9:
e7:5f:11:9d:89:2b:b7:4c:bc:b6:fc:66:89:06:50:
30:e2:93:fd:3f:e6:25:80:de:59:62:32:69:49:b9:
26:48:d7:82:bb:67:ce:f9:09:ee:39:00:ab:da:46:
a4:9d:b1:3a:dc:ce:2d:7b:62:6c:c2:65:5c:67:1c:
48:85:b8:f3:04:12:3f:4a:08:bd:e6:21:e4:72:1c:
e9:0e:04:56:65:0f:72:ba:11:0b:c0:ba:ee:e5:86:
5d:83:24:27:eb:ac:9b:74:6c:a3:b7:2e:a0:50:59:
42:1d:78:0a:18:ff:03:6f:15:f0:82:f3:63:80:5c:
26:4d:b0:ea:78:9d:86:7c:4d:aa:e3:0d:da:b3:11:
b0:41:a0:90:b9:b9:66:c2:0c:e8:db:01:99:c0:80:
59:8a:1d:47:e6:9f:05:a5:f6:f7:b4:3d:04:c6:a9:
a2:56:3e:fb:cf:b4:7c:42:52:71:a1:3f:4e:08:a7:
f3:da:cc:85:d8:69:62:9c:ae:4a:ae:35:e9:14:87:
73:d6:b8:c8:e5:47:4c:1b:c8:88:6a:28:66:16:d8:
aa:67:0f:98:39:6d:69:98:bd:96:87:8e:29:34:7f:
ac:4d:f4:70:c4:28:5d:8d:91:cb:76:37:10:fe:20:
65:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C7:30:40:E2:13:F9:49:DD:38:04:A0:AC:93:27:79:28:1B:2D:C2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3230372e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.207.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:dd:76:0f:0a:8e:a0:b0:b2:44:0c:ce:a6:50:eb:55:0f:eb:
d3:0c:69:35:82:84:77:13:2c:e0:b2:2a:6e:a1:16:6f:f5:01:
16:f7:9f:d6:30:0d:e8:86:be:1e:2d:55:38:2b:86:9f:13:a9:
14:e5:88:0b:d4:00:ba:b1:76:f8:f9:e0:93:91:de:b1:bc:c3:
07:da:dc:98:e0:a4:7d:2d:78:8b:4d:06:27:c6:35:9a:32:cb:
e7:e9:85:40:d0:53:b1:b7:cd:1f:2e:bd:a3:43:f6:2b:56:d9:
b8:d0:c6:42:bd:18:ea:0e:d9:63:6f:17:90:ec:46:bb:ee:84:
60:ff:b0:bf:5b:66:45:b5:15:29:c9:4c:b4:7d:68:b0:a1:fa:
80:3a:5e:d2:0b:fc:80:a7:88:34:31:74:da:f3:f8:09:98:cd:
24:70:af:50:84:8f:e9:bb:b9:71:02:37:b6:e9:71:72:da:55:
56:ea:80:2d:3b:1e:17:8c:8f:11:0b:a0:9a:e9:1a:7c:34:5f:
4d:29:95:78:87:dd:e1:3f:77:d4:9d:7a:67:a0:da:18:25:6a:
57:27:e7:91:51:09:97:4b:23:2a:fa:a9:b8:6a:a6:9d:e1:9a:
92:39:f3:35:40:ed:47:08:f2:28:c2:61:b0:22:a6:3a:5e:71:
0f:7a:49:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcnb/sr7vpZ9AqDvfncTSjOSiuR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4MzNaFw0yNjA5MDMwNzAzMzNaMDMxMTAvBgNV
BAMTKDE0QzczMDQwRTIxM0Y5NDlERDM4MDRBMEFDOTMyNzc5MjgxQjJEQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl7S2gWIxwZpvfLk1+qedfEZ2J
K7dMvLb8ZokGUDDik/0/5iWA3lliMmlJuSZI14K7Z875Ce45AKvaRqSdsTrczi17
YmzCZVxnHEiFuPMEEj9KCL3mIeRyHOkOBFZlD3K6EQvAuu7lhl2DJCfrrJt0bKO3
LqBQWUIdeAoY/wNvFfCC82OAXCZNsOp4nYZ8TarjDdqzEbBBoJC5uWbCDOjbAZnA
gFmKHUfmnwWl9ve0PQTGqaJWPvvPtHxCUnGhP04Ip/PazIXYaWKcrkquNekUh3PW
uMjlR0wbyIhqKGYW2KpnD5g5bWmYvZaHjik0f6xN9HDEKF2Nkct2NxD+IGX3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFMcwQOIT+UndOASgrJMneSgbLcIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnPMA0GCSqGSIb3DQEBCwUAA4IBAQCg3XYPCo6gsLJEDM6mUOtVD+vTDGk1goR3
EyzgsipuoRZv9QEW95/WMA3ohr4eLVU4K4afE6kU5YgL1AC6sXb4+eCTkd6xvMMH
2tyY4KR9LXiLTQYnxjWaMsvn6YVA0FOxt80fLr2jQ/YrVtm40MZCvRjqDtljbxeQ
7Ea77oRg/7C/W2ZFtRUpyUy0fWiwofqAOl7SC/yAp4g0MXTa8/gJmM0kcK9QhI/p
u7lxAje26XFy2lVW6oAtOx4XjI8RC6Ca6Rp8NF9NKZV4h93hP3fUnXpnoNoYJWpX
J+eRUQmXSyMq+qm4aqad4ZqSOfM1QO1HCPIowmGwIqY6XnEPekkj
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:52:03 2025 by rpki-client