Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32302d3234203d3e203136353039.roa
File: 3231372e3231372e3232342e302f32302d3234203d3e203136353039.roa (raw, json)
Hash identifier: vVuwKiny0FiAL1w74k29wBITYU6Oz52fkZi5xwpzUt8=
Subject key identifier: 08:55:66:4C:48:FE:DC:BD:D9:25:85:3D:1E:23:CE:2B:54:83:3F:86
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4F235577EEE33D2E532CAE2161A9ABA3B8543519
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32302d3234203d3e203136353039.roa
Signing time: Thu 07 Aug 2025 16:06:43 +0000
ROA not before: Thu 07 Aug 2025 16:01:43 +0000
ROA not after: Thu 06 Aug 2026 16:06:43 +0000
asID: 16509
IP address blocks: 217.217.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 03:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:23:55:77:ee:e3:3d:2e:53:2c:ae:21:61:a9:ab:a3:b8:54:35:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 16:01:43 2025 GMT
Not After : Aug 6 16:06:43 2026 GMT
Subject: CN=0855664C48FEDCBDD925853D1E23CE2B54833F86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:dc:41:a2:bc:b2:d6:0d:66:3c:3d:57:08:22:
87:46:3e:11:49:01:69:ed:46:93:a7:f6:84:88:18:
4c:16:5c:41:3f:e0:46:74:fb:03:3e:36:5f:f4:d1:
3e:d8:c0:cd:a7:42:db:83:4b:78:20:7f:b0:13:4b:
81:b8:6d:9a:f1:80:67:43:28:e5:e9:cd:80:2c:95:
ba:8e:d7:d0:76:66:04:63:50:11:dd:92:c9:a4:56:
3e:d0:91:dd:ab:aa:3f:a7:c7:98:18:41:c0:9b:20:
ec:3c:5a:27:3d:31:c9:d9:58:32:17:b2:63:d9:57:
fd:9c:1e:21:0d:a1:da:7b:bf:0c:08:c0:72:1c:14:
6d:43:45:d0:21:16:ec:b4:5d:b9:4a:f0:0f:dc:09:
fb:17:53:75:a9:22:01:61:4c:a6:12:62:79:cc:44:
69:19:3b:f3:fb:b3:55:b6:69:27:1e:9e:54:1b:f4:
4b:32:67:45:42:1c:fa:3f:65:b0:62:45:39:a4:5c:
58:74:ec:b7:a1:ad:a2:aa:20:d7:b6:b1:93:8e:01:
1f:0c:4a:0f:38:b4:85:6b:3d:65:ca:32:59:a2:25:
bc:c4:0f:5c:44:84:09:1e:81:af:7d:3d:08:32:a3:
d5:73:4e:c7:4d:b2:4b:a1:45:0c:69:06:94:ba:f4:
5f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:55:66:4C:48:FE:DC:BD:D9:25:85:3D:1E:23:CE:2B:54:83:3F:86
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32302d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.224.0/20
Signature Algorithm: sha256WithRSAEncryption
77:be:1c:2a:66:1e:bc:a2:1e:a1:70:cd:bd:59:69:a1:4d:5a:
b9:17:0a:39:61:e9:c1:74:4d:62:37:11:b7:ff:37:30:13:c7:
de:2b:18:2a:fd:29:fc:a0:b9:43:a8:8a:42:4e:c0:8e:68:48:
04:da:7f:20:43:01:1c:47:fb:7b:1d:c7:e4:3f:55:f5:e1:4b:
f5:01:e3:2f:ca:04:16:60:ef:48:33:9e:b8:68:6b:bb:dd:e2:
86:f3:b7:eb:fd:b7:86:bd:76:cc:22:2d:6e:53:7e:8a:48:d9:
b1:fd:32:57:14:a8:06:26:f9:d8:9e:c9:c7:9e:89:07:62:69:
5e:7f:4b:2d:8a:14:7f:9e:9e:31:5e:b2:16:ef:ba:be:5b:6d:
2a:08:83:fd:fd:44:78:45:2d:3a:00:3c:39:42:7b:05:71:58:
ef:db:66:55:6f:cd:19:84:8b:6b:1c:98:72:5f:78:f6:8c:20:
d0:71:e8:04:24:5f:3f:8f:08:b6:32:ab:bd:7d:91:25:29:e0:
0f:38:41:16:53:e5:ba:f0:4b:ad:a1:9c:01:10:7d:f6:8c:74:
fd:2d:dd:78:77:44:a6:ae:d9:49:18:68:45:d3:ec:f3:05:79:
1e:e6:cd:d4:f5:c4:c8:14:01:0d:92:2d:a8:c5:52:a9:e8:f3:
0f:4d:12:09
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTyNVd+7jPS5TLK4hYamro7hUNRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcxNjAxNDNaFw0yNjA4MDYxNjA2NDNaMDMxMTAvBgNV
BAMTKDA4NTU2NjRDNDhGRURDQkREOTI1ODUzRDFFMjNDRTJCNTQ4MzNGODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC73EGivLLWDWY8PVcIIodGPhFJ
AWntRpOn9oSIGEwWXEE/4EZ0+wM+Nl/00T7YwM2nQtuDS3ggf7ATS4G4bZrxgGdD
KOXpzYAslbqO19B2ZgRjUBHdksmkVj7Qkd2rqj+nx5gYQcCbIOw8Wic9McnZWDIX
smPZV/2cHiENodp7vwwIwHIcFG1DRdAhFuy0XblK8A/cCfsXU3WpIgFhTKYSYnnM
RGkZO/P7s1W2aScenlQb9EsyZ0VCHPo/ZbBiRTmkXFh07LehraKqINe2sZOOAR8M
Sg84tIVrPWXKMlmiJbzED1xEhAkega99PQgyo9VzTsdNskuhRQxpBpS69F/pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCFVmTEj+3L3ZJYU9HiPOK1SDP4YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzIzNDJlMzAyZjMyMzAyZDMyMzQyMDNkM2UyMDMxMzYzNTMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BATZ2eAwDQYJKoZIhvcNAQELBQADggEBAHe+HCpmHryiHqFwzb1ZaaFNWrkXCjlh
6cF0TWI3Ebf/NzATx94rGCr9KfyguUOoikJOwI5oSATafyBDARxH+3sdx+Q/VfXh
S/UB4y/KBBZg70gznrhoa7vd4obzt+v9t4a9dswiLW5TfopI2bH9MlcUqAYm+die
yceeiQdiaV5/Sy2KFH+enjFeshbvur5bbSoIg/39RHhFLToAPDlCewVxWO/bZlVv
zRmEi2scmHJfePaMINBx6AQkXz+PCLYyq719kSUp4A84QRZT5brwS62hnAEQffaM
dP0t3Xh3RKau2UkYaEXT7PMFeR7mzdT1xMgUAQ2SLajFUqno8w9NEgk=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:44:42 2025 by rpki-client