Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232312e302f32342d3234203d3e2033323537.roa
File: 3231372e3231372e3232312e302f32342d3234203d3e2033323537.roa (raw, json)
Hash identifier: 4o+raAHYMDaeTRMQAtjSalZUIYSpAmAbTwTmeGVy6nY=
Subject key identifier: 53:DD:56:F3:1A:03:09:7B:7E:0F:5F:05:8A:7F:D4:B8:89:F5:A6:D0
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 01DE476AB11BBB3C71B3621736BD6CC270109442
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232312e302f32342d3234203d3e2033323537.roa
Signing time: Thu 04 Sep 2025 07:03:24 +0000
ROA not before: Thu 04 Sep 2025 06:58:24 +0000
ROA not after: Thu 03 Sep 2026 07:03:24 +0000
asID: 3257
IP address blocks: 217.217.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:de:47:6a:b1:1b:bb:3c:71:b3:62:17:36:bd:6c:c2:70:10:94:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 4 06:58:24 2025 GMT
Not After : Sep 3 07:03:24 2026 GMT
Subject: CN=53DD56F31A03097B7E0F5F058A7FD4B889F5A6D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6f:a4:cf:54:8b:77:ed:c9:d6:31:ea:27:70:
0e:60:67:61:9c:c8:89:e0:90:37:61:2a:2b:17:d3:
e3:98:54:37:c5:72:85:1d:a7:c4:06:dd:f4:23:64:
8f:24:3f:ac:64:38:4f:af:04:f7:80:86:26:33:af:
d9:f0:94:f6:91:92:04:c2:52:c1:28:ca:12:32:03:
cc:3b:09:fc:f9:61:5d:d6:bf:2c:9f:0a:0e:5d:60:
ca:41:d0:0e:ae:10:88:5e:e5:bf:09:55:7b:19:ff:
7e:2f:8d:15:00:8d:79:e5:9e:d2:c5:9c:55:f8:bc:
a5:3a:f7:a4:5f:5b:13:cb:b8:6a:65:88:83:f1:be:
f4:90:b2:68:87:c7:c6:b3:ad:60:44:79:fb:04:bf:
03:94:f0:bc:aa:d9:47:64:33:d8:13:a2:5e:e5:b4:
82:6a:a1:b0:ec:66:7e:78:84:40:f3:a3:b6:a6:18:
f9:d3:92:90:6d:e5:08:a9:fb:1c:4d:18:19:7b:15:
43:e1:fc:82:72:aa:cc:a7:b8:a4:3b:b5:13:9a:78:
1d:87:f3:15:13:fd:e2:d8:01:76:79:f4:54:16:b0:
de:49:95:c2:23:c8:39:16:3c:36:1f:62:85:eb:0c:
ae:76:31:01:5d:32:be:ea:77:92:6c:43:e1:1f:b5:
63:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DD:56:F3:1A:03:09:7B:7E:0F:5F:05:8A:7F:D4:B8:89:F5:A6:D0
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232312e302f32342d3234203d3e2033323537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.221.0/24
Signature Algorithm: sha256WithRSAEncryption
33:fa:ed:d9:b1:77:f9:43:03:37:fc:09:53:41:a0:30:f9:73:
ff:c2:66:ee:70:85:e7:28:8e:5b:59:41:c9:9f:1c:f1:71:76:
3c:8f:08:da:2c:d1:62:8c:9a:db:74:b9:46:42:96:03:6a:12:
ad:be:93:7c:18:8d:7e:5a:ec:d3:89:10:23:02:9d:51:34:ae:
f6:11:87:84:0a:9c:93:bf:6a:38:3a:6c:9e:c2:0c:98:5e:a5:
7a:0a:69:4b:e2:1a:d0:49:d4:68:89:d2:a3:7e:0f:5c:0a:06:
64:29:eb:a9:0d:77:a0:2f:e9:9c:66:15:c9:6b:8b:6e:7e:84:
b1:76:9e:25:f0:ad:af:68:28:c2:45:9c:e5:54:3f:b1:94:ba:
2b:e9:7f:5d:57:c0:b4:95:9a:cd:28:d4:30:e5:a1:57:bf:c1:
f6:86:8f:ee:45:76:9e:74:27:fb:b7:d7:57:07:e8:b8:37:74:
e1:20:69:4d:e6:68:76:22:50:d7:36:cd:29:2a:73:ee:6e:73:
09:ec:40:2a:8f:e1:41:d4:25:07:50:28:3f:a2:2b:0f:41:58:
2f:56:ec:a4:68:67:86:4a:6e:fc:71:bf:85:f9:54:0e:5c:ec:
1c:26:b4:92:69:15:88:1f:ed:ba:23:9c:69:02:83:63:f5:42:
1b:5d:28:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUAd5HarEbuzxxs2IXNr1swnAQlEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDQwNjU4MjRaFw0yNjA5MDMwNzAzMjRaMDMxMTAvBgNV
BAMTKDUzREQ1NkYzMUEwMzA5N0I3RTBGNUYwNThBN0ZENEI4ODlGNUE2RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSb6TPVIt37cnWMeoncA5gZ2Gc
yIngkDdhKisX0+OYVDfFcoUdp8QG3fQjZI8kP6xkOE+vBPeAhiYzr9nwlPaRkgTC
UsEoyhIyA8w7Cfz5YV3WvyyfCg5dYMpB0A6uEIhe5b8JVXsZ/34vjRUAjXnlntLF
nFX4vKU696RfWxPLuGpliIPxvvSQsmiHx8azrWBEefsEvwOU8Lyq2UdkM9gTol7l
tIJqobDsZn54hEDzo7amGPnTkpBt5Qip+xxNGBl7FUPh/IJyqsynuKQ7tROaeB2H
8xUT/eLYAXZ59FQWsN5JlcIjyDkWPDYfYoXrDK52MQFdMr7qd5JsQ+EftWOZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUU91W8xoDCXt+D18Fin/UuIn1ptAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzIzNTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dndMA0GCSqGSIb3DQEBCwUAA4IBAQAz+u3ZsXf5QwM3/AlTQaAw+XP/wmbucIXn
KI5bWUHJnxzxcXY8jwjaLNFijJrbdLlGQpYDahKtvpN8GI1+WuzTiRAjAp1RNK72
EYeECpyTv2o4OmyewgyYXqV6CmlL4hrQSdRoidKjfg9cCgZkKeupDXegL+mcZhXJ
a4tufoSxdp4l8K2vaCjCRZzlVD+xlLor6X9dV8C0lZrNKNQw5aFXv8H2ho/uRXae
dCf7t9dXB+i4N3ThIGlN5mh2IlDXNs0pKnPubnMJ7EAqj+FB1CUHUCg/oisPQVgv
VuykaGeGSm78cb+F+VQOXOwcJrSSaRWIH+26I5xpAoNj9UIbXSg3
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:52:05 2025 by rpki-client