Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3130342e302f32342d3234203d3e20313336373837.roa
File: 3231372e3231362e3130342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xdBihi2u8/GUAoomL8oHznI5/vswpltc/s/OTVoXUBY=
Subject key identifier: CB:F5:AA:3D:4F:63:B8:FA:FE:8E:4F:4B:44:67:A6:0D:B9:9C:CA:9B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3615985030B60EAF45C7FF7167B4CF533252ED06
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3130342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Oct 2025 12:14:19 +0000
ROA not before: Mon 27 Oct 2025 12:09:19 +0000
ROA not after: Mon 26 Oct 2026 12:14:19 +0000
asID: 136787
IP address blocks: 217.216.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:15:98:50:30:b6:0e:af:45:c7:ff:71:67:b4:cf:53:32:52:ed:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 12:09:19 2025 GMT
Not After : Oct 26 12:14:19 2026 GMT
Subject: CN=CBF5AA3D4F63B8FAFE8E4F4B4467A60DB99CCA9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1b:7f:54:91:5d:43:b4:3f:8c:7f:67:55:19:
40:52:18:05:3c:2e:2c:50:15:2c:18:ef:ea:8f:b0:
97:25:b6:f8:9a:48:7b:f1:85:1e:21:94:86:50:0a:
2b:71:5f:ae:9e:57:5c:9f:28:a9:6c:76:3e:6f:f5:
44:1b:80:ee:7b:bf:56:26:dd:0e:43:3e:ee:61:1c:
1e:08:4a:78:88:23:e8:32:91:7d:4a:3a:87:b3:f2:
0e:f7:c3:83:01:bf:be:7c:88:78:fc:71:a9:a7:cc:
b1:ba:39:36:83:1f:48:f7:bb:c1:d0:30:e7:0f:d8:
4e:3d:c7:28:01:dd:c5:bf:d8:59:60:02:22:e3:12:
2d:85:98:7b:3e:22:b8:7f:a8:d2:cd:7c:ed:04:d9:
95:09:e9:a4:02:04:0f:04:f1:f0:cd:c4:f5:f9:7c:
00:56:75:fd:7b:7f:58:2f:8c:02:a8:99:cc:dd:e0:
3c:d1:28:76:87:f5:30:63:c5:a5:70:72:0b:f2:e3:
b0:7c:20:1c:bd:33:79:8f:f5:52:6c:04:b8:e5:5e:
bd:a3:be:67:b3:bb:71:e0:87:94:23:52:41:bc:9a:
21:81:9a:48:23:fa:5e:cb:c1:da:c4:72:a3:91:27:
6c:b9:be:ad:36:91:3c:b9:01:ce:49:39:4c:e3:05:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F5:AA:3D:4F:63:B8:FA:FE:8E:4F:4B:44:67:A6:0D:B9:9C:CA:9B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3130342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.216.104.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:b9:39:b4:c9:e0:a6:7e:02:44:31:bb:76:ca:41:4e:26:69:
b9:21:2a:36:85:d6:e8:5d:33:24:6c:3c:ba:9b:d1:19:27:66:
d1:93:9f:fb:91:a7:ba:a0:6a:4d:bf:be:29:5c:ce:af:05:65:
31:b6:91:ad:8b:20:4f:a1:39:4f:b1:e8:00:17:c3:eb:ef:99:
0a:c9:5d:55:09:6f:36:0f:f5:81:03:dd:08:b6:a0:55:66:f6:
36:91:c5:6d:07:c0:e2:99:75:5e:f0:32:ac:db:e3:0e:b0:e3:
df:0a:e5:9e:d3:eb:2b:14:b0:2b:5e:16:98:a4:57:69:39:02:
6d:b6:9b:6d:21:3c:18:ef:5d:ea:86:5e:a6:59:1a:9f:e0:53:
4b:5e:5f:7a:28:4b:1c:32:3b:de:05:58:2c:75:8e:9e:e8:54:
e6:6f:d1:ad:1d:a0:94:21:fb:cd:e3:17:4d:c5:bd:f6:cd:20:
a5:c1:ef:64:82:ef:92:dc:24:b5:96:b6:ea:35:cd:5b:37:a6:
f5:23:12:22:70:36:40:bb:b8:6c:5c:d7:59:c9:07:71:53:0e:
72:a2:4e:92:82:ff:19:2c:a8:d8:40:2e:99:54:ef:f0:70:0b:
d1:77:e8:8d:e2:de:c8:37:17:a0:06:c6:87:38:d9:5d:fa:de:
57:45:e4:06
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNhWYUDC2Dq9Fx/9xZ7TPUzJS7QYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMjcxMjA5MTlaFw0yNjEwMjYxMjE0MTlaMDMxMTAvBgNV
BAMTKENCRjVBQTNENEY2M0I4RkFGRThFNEY0QjQ0NjdBNjBEQjk5Q0NBOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0G39UkV1DtD+Mf2dVGUBSGAU8
LixQFSwY7+qPsJcltviaSHvxhR4hlIZQCitxX66eV1yfKKlsdj5v9UQbgO57v1Ym
3Q5DPu5hHB4ISniII+gykX1KOoez8g73w4MBv758iHj8camnzLG6OTaDH0j3u8HQ
MOcP2E49xygB3cW/2FlgAiLjEi2FmHs+Irh/qNLNfO0E2ZUJ6aQCBA8E8fDNxPX5
fABWdf17f1gvjAKomczd4DzRKHaH9TBjxaVwcgvy47B8IBy9M3mP9VJsBLjlXr2j
vmezu3Hgh5QjUkG8miGBmkgj+l7LwdrEcqORJ2y5vq02kTy5Ac5JOUzjBb1xAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUy/WqPU9juPr+jk9LRGemDbmcypswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx
MzAzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnYaDANBgkqhkiG9w0BAQsFAAOCAQEAn7k5tMngpn4CRDG7dspBTiZpuSEq
NoXW6F0zJGw8upvRGSdm0ZOf+5GnuqBqTb++KVzOrwVlMbaRrYsgT6E5T7HoABfD
6++ZCsldVQlvNg/1gQPdCLagVWb2NpHFbQfA4pl1XvAyrNvjDrDj3wrlntPrKxSw
K14WmKRXaTkCbbabbSE8GO9d6oZeplkan+BTS15feihLHDI73gVYLHWOnuhU5m/R
rR2glCH7zeMXTcW99s0gpcHvZILvktwktZa26jXNWzem9SMSInA2QLu4bFzXWckH
cVMOcqJOkoL/GSyo2EAumVTv8HAL0XfojeLeyDcXoAbGhzjZXfreV0XkBg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 19:51:15 2025 by rpki-client