Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203136353039.roa
File: 3231372e3231372e33312e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: 0j6tHLNA2UgYQw0P+JLkz4HFZuSVRJsanpPzSzl1160=
Subject key identifier: D9:A2:29:F8:66:CA:D3:A0:4D:9F:09:FA:F9:0E:35:B7:C9:0D:C7:24
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 53DE9E699E3F3F8EDB8F693C4ACF493FE2F9EF53
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203136353039.roa
Signing time: Thu 07 Aug 2025 07:53:47 +0000
ROA not before: Thu 07 Aug 2025 07:48:47 +0000
ROA not after: Thu 06 Aug 2026 07:53:47 +0000
asID: 16509
IP address blocks: 217.217.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 03:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:de:9e:69:9e:3f:3f:8e:db:8f:69:3c:4a:cf:49:3f:e2:f9:ef:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 7 07:48:47 2025 GMT
Not After : Aug 6 07:53:47 2026 GMT
Subject: CN=D9A229F866CAD3A04D9F09FAF90E35B7C90DC724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:cf:34:f7:e8:b3:86:10:82:a3:f3:b3:f9:
e6:9b:09:c0:02:9d:b1:9a:7c:e0:82:0c:fa:a1:12:
d8:bd:5d:ac:58:8c:f7:64:99:dc:91:08:54:c4:9f:
24:d5:e2:bf:12:f5:90:a3:7a:5d:4b:af:6d:1c:82:
d4:55:9e:d1:d3:8b:38:13:da:60:99:10:a5:f7:7f:
00:1a:a0:3e:6d:e2:e6:ae:e3:3a:45:e5:aa:83:59:
1d:4a:9d:5a:f4:63:83:c0:85:d2:9f:fc:08:ce:cf:
31:f6:58:ce:54:33:c7:45:2d:8c:24:17:90:ab:d3:
81:db:cd:10:91:b9:89:a6:ed:31:68:89:1f:aa:ea:
c1:0d:e1:98:09:a2:72:ae:7a:6e:30:cd:dd:45:79:
5c:15:e1:5b:6f:e2:bc:80:a4:7b:6b:b4:61:52:4f:
47:e7:54:09:8c:d1:ef:e1:be:bb:7f:59:a3:41:a8:
e2:4a:56:c0:6b:11:08:41:ef:2f:40:cd:96:a8:af:
08:72:72:e5:17:8f:ac:42:48:2f:bc:40:62:67:5e:
c2:ed:13:78:5f:1d:a1:45:c2:78:25:66:d3:93:82:
f9:5b:bb:95:36:8c:24:c6:ca:e7:62:c9:d1:7a:3c:
62:16:25:cd:07:d8:2b:34:d4:9e:8e:53:89:52:62:
93:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A2:29:F8:66:CA:D3:A0:4D:9F:09:FA:F9:0E:35:B7:C9:0D:C7:24
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.31.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d5:9d:bd:4a:13:d1:f0:c5:a7:78:e6:4d:42:8b:e2:1e:73:
bc:7a:6f:95:80:8a:e3:1f:b8:15:91:95:f2:6f:32:55:b4:f0:
b2:6e:5e:e3:24:1b:22:40:76:c3:df:d7:97:40:64:03:37:3a:
51:07:4a:3c:34:73:15:8c:23:81:59:d9:2f:9e:e5:90:9e:6e:
e2:25:0f:32:90:bc:f8:8f:e1:52:1d:9c:89:9d:1f:87:08:33:
13:7d:2a:67:01:a1:69:89:bd:97:6f:fc:7a:24:d0:fe:6a:ca:
9a:19:48:92:61:b9:3d:3a:92:ed:14:b4:11:00:7e:6c:79:c0:
8f:00:30:46:2f:e7:68:c7:1f:90:24:92:a1:b0:d9:38:c6:2d:
4f:42:e8:cc:8a:cd:93:8a:c5:1c:a4:17:42:69:af:90:b2:ca:
34:2a:f4:a3:47:c3:fe:84:71:15:1a:74:75:c4:1a:53:c2:d0:
78:85:a3:e7:5d:2a:5f:f9:75:79:11:93:f6:e7:4e:7d:bc:69:
80:a0:7c:92:d6:0f:ff:a2:14:e2:01:37:0e:6c:0d:b5:cc:76:
85:ba:39:b2:06:18:34:a6:3e:2d:b5:44:88:42:fe:7c:b1:6e:
c8:c0:2f:43:13:41:8b:4f:3e:e7:98:00:d9:8c:8d:da:37:9a:
57:5d:1f:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUU96eaZ4/P47bj2k8Ss9JP+L571MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MDcwNzQ4NDdaFw0yNjA4MDYwNzUzNDdaMDMxMTAvBgNV
BAMTKEQ5QTIyOUY4NjZDQUQzQTA0RDlGMDlGQUY5MEUzNUI3QzkwREM3MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLpM809+izhhCCo/Oz+eabCcAC
nbGafOCCDPqhEti9XaxYjPdkmdyRCFTEnyTV4r8S9ZCjel1Lr20cgtRVntHTizgT
2mCZEKX3fwAaoD5t4uau4zpF5aqDWR1KnVr0Y4PAhdKf/AjOzzH2WM5UM8dFLYwk
F5Cr04HbzRCRuYmm7TFoiR+q6sEN4ZgJonKuem4wzd1FeVwV4Vtv4ryApHtrtGFS
T0fnVAmM0e/hvrt/WaNBqOJKVsBrEQhB7y9AzZaorwhycuUXj6xCSC+8QGJnXsLt
E3hfHaFFwnglZtOTgvlbu5U2jCTGyudiydF6PGIWJc0H2Cs01J6OU4lSYpMVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2aIp+GbK06BNnwn6+Q41t8kNxyQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dkfMA0GCSqGSIb3DQEBCwUAA4IBAQBg1Z29ShPR8MWneOZNQoviHnO8em+VgIrj
H7gVkZXybzJVtPCybl7jJBsiQHbD39eXQGQDNzpRB0o8NHMVjCOBWdkvnuWQnm7i
JQ8ykLz4j+FSHZyJnR+HCDMTfSpnAaFpib2Xb/x6JND+asqaGUiSYbk9OpLtFLQR
AH5secCPADBGL+doxx+QJJKhsNk4xi1PQujMis2TisUcpBdCaa+Qsso0KvSjR8P+
hHEVGnR1xBpTwtB4haPnXSpf+XV5EZP25059vGmAoHyS1g//ohTiATcObA21zHaF
ujmyBhg0pj4ttUSIQv58sW7IwC9DE0GLTz7nmADZjI3aN5pXXR/H
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:36 2025 by rpki-client