Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32312d3234203d3e203230333236.roa
File: 3231372e3231372e3232342e302f32312d3234203d3e203230333236.roa (raw, json)
Hash identifier: J8M+ZvY4wTCICf7big0bmKh69pMowZdKSeojx0a31ho=
Subject key identifier: F9:59:B3:3A:B0:4C:F6:66:C2:4A:7D:71:5B:E4:C5:58:6A:75:F8:DD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4E37A93EC937693030AED7B321B5FE645B224FD2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32312d3234203d3e203230333236.roa
Signing time: Tue 09 Sep 2025 08:53:37 +0000
ROA not before: Tue 09 Sep 2025 08:48:37 +0000
ROA not after: Tue 08 Sep 2026 08:53:37 +0000
asID: 20326
IP address blocks: 217.217.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:37:a9:3e:c9:37:69:30:30:ae:d7:b3:21:b5:fe:64:5b:22:4f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 9 08:48:37 2025 GMT
Not After : Sep 8 08:53:37 2026 GMT
Subject: CN=F959B33AB04CF666C24A7D715BE4C5586A75F8DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:99:79:c6:00:aa:97:82:e9:cf:63:f9:9b:a5:
e1:9f:ab:ce:98:7d:53:d2:42:cd:05:d0:88:2c:1f:
67:9c:41:ae:74:2f:c9:bb:37:94:db:c3:be:cd:f2:
b8:89:cb:35:c1:0f:c1:1b:5c:d9:a1:8a:63:5e:e1:
51:0d:ba:93:9f:e0:14:d9:ef:d2:e9:ca:37:c5:79:
58:6d:34:9b:71:6d:8d:d6:79:7b:0e:40:08:0b:b9:
37:52:ff:d8:9f:1c:05:0c:b5:39:36:ff:08:75:05:
8a:51:d9:24:95:44:72:41:35:12:ca:cf:c5:ff:05:
ef:db:16:01:02:f8:68:72:86:a7:e4:4a:ce:90:0b:
c8:1b:33:36:c7:04:14:ab:92:31:df:ee:3c:1b:b4:
b3:3e:fb:1c:3e:f4:5b:7c:eb:c8:4a:ee:a8:ca:e4:
37:fd:95:73:23:1b:ac:2f:88:de:65:71:02:14:f5:
7c:36:b1:a2:b5:e2:ce:18:dc:08:68:97:60:91:78:
7d:de:81:8d:ff:14:0a:15:76:b1:34:b4:80:6c:2c:
1a:2e:00:6d:13:dd:a7:58:f9:40:61:b3:e9:34:1a:
45:b8:f5:d2:5c:af:a1:b2:37:76:25:10:45:bc:27:
ff:4c:f0:f8:51:49:e5:66:33:fe:3e:9f:88:c7:67:
1f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:59:B3:3A:B0:4C:F6:66:C2:4A:7D:71:5B:E4:C5:58:6A:75:F8:DD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3232342e302f32312d3234203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.224.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:ff:86:07:ee:da:47:67:52:de:f9:77:26:8e:7b:96:37:f0:
5a:35:99:94:a9:ab:6b:1a:84:ba:9d:ad:ad:78:e6:54:10:ae:
1f:05:25:54:93:5f:df:f0:5a:0b:1a:c6:a2:27:2e:6f:27:7a:
c3:b1:36:99:21:b6:69:99:ff:e6:18:ef:f0:e6:fb:88:39:31:
56:95:97:f6:89:64:7e:e4:48:9e:04:e2:d1:8c:9a:0f:d8:ff:
e2:4b:e4:4c:8d:80:79:13:36:a4:89:48:7c:44:1e:5d:e4:5b:
3b:5c:02:48:7f:c0:c1:05:dc:64:d5:4d:12:5f:9b:f0:71:91:
af:9d:37:a3:46:51:63:cc:5b:97:68:dc:84:0d:3d:26:62:3c:
8c:d8:78:e2:ae:8d:5d:74:a5:71:86:c5:3c:16:84:bf:01:05:
6f:fe:5b:3f:07:c9:12:f3:54:36:6a:6f:61:d5:65:ba:5b:75:
a0:ed:8e:db:61:42:5f:47:66:74:7a:0b:8f:3c:7a:09:2d:8b:
fd:0d:33:ce:88:3a:66:ab:25:a6:d4:da:0e:00:5b:34:17:09:
ba:1c:e8:86:1d:0f:8b:c0:98:3d:00:be:46:51:d5:de:66:fd:
ec:d0:84:08:d7:d3:09:c0:3e:e8:a7:03:4d:a3:4e:23:ce:88:
57:b9:b4:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTjepPsk3aTAwrtezIbX+ZFsiT9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MDkwODQ4MzdaFw0yNjA5MDgwODUzMzdaMDMxMTAvBgNV
BAMTKEY5NTlCMzNBQjA0Q0Y2NjZDMjRBN0Q3MTVCRTRDNTU4NkE3NUY4REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZmXnGAKqXgunPY/mbpeGfq86Y
fVPSQs0F0IgsH2ecQa50L8m7N5Tbw77N8riJyzXBD8EbXNmhimNe4VENupOf4BTZ
79LpyjfFeVhtNJtxbY3WeXsOQAgLuTdS/9ifHAUMtTk2/wh1BYpR2SSVRHJBNRLK
z8X/Be/bFgEC+GhyhqfkSs6QC8gbMzbHBBSrkjHf7jwbtLM++xw+9Ft868hK7qjK
5Df9lXMjG6wviN5lcQIU9Xw2saK14s4Y3Ahol2CReH3egY3/FAoVdrE0tIBsLBou
AG0T3adY+UBhs+k0GkW49dJcr6GyN3YlEEW8J/9M8PhRSeVmM/4+n4jHZx/PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+VmzOrBM9mbCSn1xW+TFWGp1+N0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzIzNDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMyMzAzMzMyMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZ2eAwDQYJKoZIhvcNAQELBQADggEBAF//hgfu2kdnUt75dyaOe5Y38Fo1mZSp
q2sahLqdra145lQQrh8FJVSTX9/wWgsaxqInLm8nesOxNpkhtmmZ/+YY7/Dm+4g5
MVaVl/aJZH7kSJ4E4tGMmg/Y/+JL5EyNgHkTNqSJSHxEHl3kWztcAkh/wMEF3GTV
TRJfm/Bxka+dN6NGUWPMW5do3IQNPSZiPIzYeOKujV10pXGGxTwWhL8BBW/+Wz8H
yRLzVDZqb2HVZbpbdaDtjtthQl9HZnR6C488egkti/0NM86IOmarJabU2g4AWzQX
Cboc6IYdD4vAmD0AvkZR1d5m/ezQhAjX0wnAPuinA02jTiPOiFe5tEs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:10:31 2025 by rpki-client