Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231342e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3231342e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: BYnql/aEI51un4jol0GRCflHFcklDEhkF3ens/yS87o=
Subject key identifier: 65:33:DA:02:38:3F:81:55:17:54:79:06:2F:40:01:8C:A8:BE:EB:9E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 41A84CB137EFE96069EBEEC9B6D508227907EF59
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231342e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:29 +0000
ROA not before: Thu 04 Sep 2025 06:58:29 +0000
ROA not after: Thu 03 Sep 2026 07:03:29 +0000
asID: 3257
IP address blocks: 217.217.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:a8:4c:b1:37:ef:e9:60:69:eb:ee:c9:b6:d5:08:22:79:07:ef:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:29 2025 GMT
Not After : Sep 3 07:03:29 2026 GMT
Subject: CN=6533DA02383F8155175479062F40018CA8BEEB9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:22:91:ab:64:07:6f:eb:df:80:31:5e:2e:4a:
ae:31:ca:4f:a1:08:af:dd:21:c8:31:7a:af:c3:c7:
00:a3:6c:50:1f:64:6d:da:65:7e:c9:8b:fe:39:90:
74:12:ef:cc:c3:89:79:5d:a0:66:d2:54:82:37:0d:
8f:b4:98:dd:2a:74:da:6d:a6:0f:ae:65:e2:54:69:
a3:49:fb:e6:7b:32:fd:0d:dd:12:b8:55:9e:51:f6:
4f:9f:e5:fa:64:8c:e7:5d:35:c1:35:f1:33:04:31:
29:3e:db:7a:29:27:b1:7e:38:40:2a:ed:66:77:96:
36:f2:ab:18:20:72:65:7c:16:93:68:d6:04:2a:5e:
c8:b5:e9:08:7e:fa:65:98:3b:4a:d2:4b:fa:58:f1:
1c:8d:4e:17:95:6c:00:e1:bd:62:38:40:83:5f:36:
c4:0d:fb:70:13:44:09:cc:a3:74:93:20:1a:24:af:
44:77:08:6d:5d:3d:33:3d:07:31:4e:74:d6:f7:ed:
a7:f9:79:ef:5f:7c:c8:68:d7:7a:5c:38:e3:b4:d5:
13:9e:90:19:b4:9d:0b:b1:b5:0c:a0:0f:b3:e2:91:
d0:05:3f:7a:cc:a6:d1:a1:f8:b9:80:60:2e:33:a4:
e8:12:80:e9:53:04:0a:cc:db:51:6e:28:24:88:6c:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:33:DA:02:38:3F:81:55:17:54:79:06:2F:40:01:8C:A8:BE:EB:9E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3231342e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.214.0/24
Signature Algorithm: sha256WithRSAEncryption
52:64:29:46:93:13:bd:03:bc:4e:5b:32:22:4c:21:4d:23:4f:
13:3c:9f:c2:6f:dd:9c:52:a4:a0:58:c1:1c:6f:55:ad:da:03:
58:05:62:90:f7:6c:d8:0c:e8:eb:a1:73:da:71:00:2c:0b:87:
a7:7c:ec:20:46:f7:dd:c7:f2:2b:8c:b6:10:75:5c:3a:58:be:
d9:a4:46:06:c8:7f:c8:f7:f2:32:24:9d:34:7f:a0:a6:06:58:
b9:ca:05:ff:28:29:92:08:79:1b:74:09:16:05:95:4a:3f:f3:
f8:02:92:f5:bd:72:2e:bd:1f:dd:cd:a6:55:8d:53:7b:f2:0f:
66:6b:30:a8:db:54:f1:0b:0b:48:34:04:78:f4:93:84:4a:36:
32:a4:1e:4c:7a:56:32:28:8e:f5:83:b9:6e:df:8e:dd:14:6d:
40:a9:77:f4:b9:c2:38:27:f8:d9:1e:78:47:9e:16:39:4f:9d:
09:31:b8:f6:1e:9f:9c:53:e6:32:f3:68:78:2d:b4:ed:89:21:
96:82:74:2f:67:68:18:d2:95:e2:a2:f1:ee:db:9b:58:f4:5d:
e2:8b:3e:8a:fa:f8:0e:43:47:d1:bf:81:9c:c2:6c:60:e7:8b:
ee:36:41:73:ce:4a:3e:93:9e:7a:c7:9a:d2:ee:d4:f3:02:65:
d2:2c:9e:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQahMsTfv6WBp6+7JttUIInkH71kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4MjlaFw0yNjA5MDMwNzAzMjlaMDMxMTAvBgNV
BAMTKDY1MzNEQTAyMzgzRjgxNTUxNzU0NzkwNjJGNDAwMThDQThCRUVCOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpIpGrZAdv69+AMV4uSq4xyk+h
CK/dIcgxeq/DxwCjbFAfZG3aZX7Ji/45kHQS78zDiXldoGbSVII3DY+0mN0qdNpt
pg+uZeJUaaNJ++Z7Mv0N3RK4VZ5R9k+f5fpkjOddNcE18TMEMSk+23opJ7F+OEAq
7WZ3ljbyqxggcmV8FpNo1gQqXsi16Qh++mWYO0rSS/pY8RyNTheVbADhvWI4QINf
NsQN+3ATRAnMo3STIBokr0R3CG1dPTM9BzFOdNb37af5ee9ffMho13pcOOO01ROe
kBm0nQuxtQygD7PikdAFP3rMptGh+LmAYC4zpOgSgOlTBArM21FuKCSIbBlJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZTPaAjg/gVUXVHkGL0ABjKi+654wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dnWMA0GCSqGSIb3DQEBCwUAA4IBAQBSZClGkxO9A7xOWzIiTCFNI08TPJ/Cb92c
UqSgWMEcb1Wt2gNYBWKQ92zYDOjroXPacQAsC4enfOwgRvfdx/IrjLYQdVw6WL7Z
pEYGyH/I9/IyJJ00f6CmBli5ygX/KCmSCHkbdAkWBZVKP/P4ApL1vXIuvR/dzaZV
jVN78g9mazCo21TxCwtINAR49JOESjYypB5MelYyKI71g7lu347dFG1AqXf0ucI4
J/jZHnhHnhY5T50JMbj2Hp+cU+Yy82h4LbTtiSGWgnQvZ2gY0pXiovHu25tY9F3i
iz6K+vgOQ0fRv4Gcwmxg54vuNkFzzko+k556x5rS7tTzAmXSLJ7Z
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:52:02 2025 by rpki-client