Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232332e302f32342d3234203d3e203539343332.roa
File: 3231372e3231372e3232332e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: 8drbRyB+DMlM6UHYiRL6C2nvpjCqo1vyyAsNuZbY2m0=
Subject key identifier: 5E:D1:70:ED:BE:4E:FF:12:9C:77:4A:56:63:FA:35:87:3F:96:70:72
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1414305DACC668CB2574F7C65BFC908E18036FD8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232332e302f32342d3234203d3e203539343332.roa
Signing time: Tue 02 Sep 2025 11:35:39 +0000
ROA not before: Tue 02 Sep 2025 11:30:39 +0000
ROA not after: Tue 01 Sep 2026 11:35:39 +0000
asID: 59432
IP address blocks: 217.217.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:14:30:5d:ac:c6:68:cb:25:74:f7:c6:5b:fc:90:8e:18:03:6f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 2 11:30:39 2025 GMT
Not After : Sep 1 11:35:39 2026 GMT
Subject: CN=5ED170EDBE4EFF129C774A5663FA35873F967072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:76:8c:d2:c9:8f:4b:97:e3:2b:9f:e2:d5:
aa:f9:23:8f:d4:4a:dd:95:1f:79:fd:0b:46:9a:be:
72:a2:47:24:55:66:b2:72:36:fb:7f:bc:88:54:13:
02:8f:aa:dc:92:4a:12:b8:00:4b:80:c6:82:b3:03:
6d:a6:1d:10:0d:3e:1c:b9:a9:09:39:7e:84:91:cc:
5c:cb:1b:88:05:9a:21:e3:3b:19:ee:c0:48:a2:0e:
5c:f3:31:fb:d4:86:55:f8:7f:a4:13:97:0f:01:67:
05:4f:8f:8f:d7:5b:01:aa:97:1b:3f:95:b6:e6:19:
b7:d2:90:b3:07:38:fb:de:83:97:ce:ec:8f:2d:f0:
fe:47:a8:66:1e:9c:41:8d:38:f6:db:e5:f1:d0:ba:
71:13:7e:3e:99:56:79:15:f0:96:73:8d:d9:16:f5:
30:12:de:16:df:cc:be:c2:1d:37:57:e4:33:34:06:
c0:a7:f8:d7:89:fb:e2:9b:b7:ff:60:59:9e:2d:4f:
e8:cc:37:43:a0:ab:69:cd:ff:2f:fa:07:fb:62:3d:
61:ad:f2:f8:2e:f8:62:21:45:0d:45:18:77:77:31:
4a:a1:7b:02:93:be:60:bc:4b:00:5a:0b:70:12:8f:
92:95:20:39:3f:d2:dd:8f:9e:8a:90:47:77:7c:f6:
a3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D1:70:ED:BE:4E:FF:12:9C:77:4A:56:63:FA:35:87:3F:96:70:72
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232332e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.223.0/24
Signature Algorithm: sha256WithRSAEncryption
85:38:64:91:1b:1e:f2:85:b8:d2:ec:15:a4:79:fa:aa:25:52:
5f:93:69:7a:5c:e7:71:7c:14:d8:7b:f8:dc:f8:45:87:98:2c:
e0:21:5d:01:af:a0:1b:a0:dd:15:f1:51:98:55:cc:46:74:a7:
e2:9c:68:10:37:3e:6e:02:8f:07:e4:33:dd:f5:bf:a5:c3:1f:
f5:a9:3a:04:d0:b9:ca:be:3c:a0:cb:aa:f1:99:37:42:9f:5f:
59:dc:7d:59:52:8d:43:f8:61:c2:97:06:9c:31:99:6e:75:4f:
12:7c:a8:cf:ef:b0:8f:a5:c8:b4:b4:c5:68:6a:41:ce:bb:43:
2d:0a:2c:e5:8a:30:e1:d7:83:39:d1:8e:8e:9a:4b:ad:1f:83:
17:91:54:ea:58:28:23:b5:97:2a:c7:f8:b7:0b:2e:54:24:c0:
be:8a:97:4c:43:69:98:71:6d:4c:94:9a:04:de:ec:23:a4:36:
be:95:47:ac:b3:aa:07:74:ab:5f:2e:a2:ea:2c:82:e5:d3:fc:
9a:4b:1b:9a:90:f6:e2:2e:99:93:7a:e5:ad:0c:eb:d5:89:6c:
d7:6e:6e:39:ca:2e:c9:08:59:27:f6:41:48:4b:f6:d7:4d:77:
2e:62:f9:40:10:04:bf:98:9a:f2:bc:2a:64:73:98:90:da:db:
5f:f3:dc:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFBQwXazGaMsldPfGW/yQjhgDb9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDIxMTMwMzlaFw0yNjA5MDExMTM1MzlaMDMxMTAvBgNV
BAMTKDVFRDE3MEVEQkU0RUZGMTI5Qzc3NEE1NjYzRkEzNTg3M0Y5NjcwNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+nnaM0smPS5fjK5/i1ar5I4/U
St2VH3n9C0aavnKiRyRVZrJyNvt/vIhUEwKPqtySShK4AEuAxoKzA22mHRANPhy5
qQk5foSRzFzLG4gFmiHjOxnuwEiiDlzzMfvUhlX4f6QTlw8BZwVPj4/XWwGqlxs/
lbbmGbfSkLMHOPveg5fO7I8t8P5HqGYenEGNOPbb5fHQunETfj6ZVnkV8JZzjdkW
9TAS3hbfzL7CHTdX5DM0BsCn+NeJ++Kbt/9gWZ4tT+jMN0Ogq2nN/y/6B/tiPWGt
8vgu+GIhRQ1FGHd3MUqhewKTvmC8SwBaC3ASj5KVIDk/0t2PnoqQR3d89qM/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXtFw7b5O/xKcd0pWY/o1hz+WcHIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzIzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzkzNDMzMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2d8wDQYJKoZIhvcNAQELBQADggEBAIU4ZJEbHvKFuNLsFaR5+qolUl+TaXpc
53F8FNh7+Nz4RYeYLOAhXQGvoBug3RXxUZhVzEZ0p+KcaBA3Pm4CjwfkM931v6XD
H/WpOgTQucq+PKDLqvGZN0KfX1ncfVlSjUP4YcKXBpwxmW51TxJ8qM/vsI+lyLS0
xWhqQc67Qy0KLOWKMOHXgznRjo6aS60fgxeRVOpYKCO1lyrH+LcLLlQkwL6Kl0xD
aZhxbUyUmgTe7COkNr6VR6yzqgd0q18uouosguXT/JpLG5qQ9uIumZN65a0M69WJ
bNdubjnKLskIWSf2QUhL9tdNdy5i+UAQBL+YmvK8KmRzmJDa21/z3Bw=
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:24 2025 by rpki-client