Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234342e302f32342d3234203d3e20323136323533.roa
File: 3231372e3231372e3234342e302f32342d3234203d3e20323136323533.roa (raw, json)
Hash identifier: jscBpkw9b4WdGFOKJMcndz/PUwCnPMBzum6jUnEXdVg=
Subject key identifier: 07:0B:DF:29:F0:73:AC:22:40:0D:F0:89:C8:04:25:07:5F:00:C2:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 380FB52C3FF065F633D27FF97BB5F96B5CA72455
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234342e302f32342d3234203d3e20323136323533.roa
Signing time: Thu 31 Jul 2025 18:41:31 +0000
ROA not before: Thu 31 Jul 2025 18:36:31 +0000
ROA not after: Thu 30 Jul 2026 18:41:31 +0000
asID: 216253
IP address blocks: 217.217.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:0f:b5:2c:3f:f0:65:f6:33:d2:7f:f9:7b:b5:f9:6b:5c:a7:24:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 31 18:36:31 2025 GMT
Not After : Jul 30 18:41:31 2026 GMT
Subject: CN=070BDF29F073AC22400DF089C80425075F00C2C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a5:15:a9:1c:9c:34:be:0d:6d:e6:d6:5e:4d:
da:97:bc:aa:a9:d5:6b:4a:51:99:39:36:61:70:bc:
2f:16:22:d2:2e:e3:6e:c4:1b:c1:b9:ab:c4:f6:4a:
15:a9:6e:df:5a:7e:24:64:e0:ab:0b:ca:49:e7:e6:
7e:d8:48:98:f0:52:47:a3:f3:1a:72:2d:c0:66:48:
35:8b:37:34:d9:f4:93:59:f6:23:f9:8c:70:4f:2d:
db:8a:1a:1e:d3:1f:97:dd:d6:28:0c:fd:b5:34:0a:
ec:a9:62:b1:2a:78:6c:91:d5:6a:8c:a9:23:2d:38:
36:59:a8:7a:7a:c2:f5:d9:6c:68:95:d3:10:ec:54:
87:1d:76:14:af:ca:55:b8:40:1e:31:77:23:de:ad:
a6:44:69:f2:90:91:4f:75:5f:51:88:b9:18:4d:03:
7e:35:a6:7d:98:d9:7b:30:c6:d4:f3:33:5d:11:d6:
f9:72:a0:9c:a1:05:b7:37:a4:4e:b0:ed:2f:02:4a:
1c:fc:c4:04:3a:45:4b:30:af:56:87:d8:fd:bc:b4:
0d:03:37:49:71:ad:30:eb:45:1d:4f:54:89:ba:b3:
49:66:a8:55:a1:a9:cf:0f:97:a7:f2:68:1e:7f:40:
cc:36:0d:b3:dc:1b:71:8d:c9:c3:ae:a9:a3:82:93:
77:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0B:DF:29:F0:73:AC:22:40:0D:F0:89:C8:04:25:07:5F:00:C2:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e3234342e302f32342d3234203d3e20323136323533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.244.0/24
Signature Algorithm: sha256WithRSAEncryption
71:ce:d8:30:7d:91:c6:a8:6a:5f:f7:46:fa:0c:4c:4a:78:51:
d4:a9:51:36:96:12:75:ba:b2:9d:c7:61:b0:08:99:86:b3:c1:
fb:81:ab:c8:6d:19:ec:fa:a7:d8:7a:34:23:3b:b8:c4:b7:dd:
7d:40:88:1e:05:ad:20:bc:4f:7d:e7:f7:e3:61:a0:db:e0:e8:
9d:7d:f6:0d:43:3e:00:9f:79:92:9b:6b:2c:cc:ba:fc:ab:56:
11:9f:e5:5d:0d:29:f8:ff:a2:04:ba:50:a0:96:3e:85:2a:97:
04:79:85:c2:61:7e:6f:40:b2:96:80:16:58:39:a2:ed:98:75:
5d:21:9e:05:4a:5b:b9:b0:d1:08:5a:77:84:57:84:9c:53:1e:
0b:48:f4:ec:8a:4e:ea:fd:71:e4:7d:51:18:7a:33:e7:c4:c1:
f5:03:29:78:12:46:5f:d7:43:de:a5:06:bf:ea:50:3c:88:a2:
c9:f6:c9:60:c5:de:1b:ab:71:63:7b:de:3a:4e:49:59:99:bf:
71:20:fc:29:01:e5:eb:5f:78:54:f9:04:dc:23:08:ea:19:fe:
5b:0b:40:5e:a4:ac:23:ab:37:aa:1e:8f:2b:b3:b6:62:50:b1:
9c:88:0c:ea:e6:c6:92:ed:7e:16:76:6f:2d:58:59:07:3b:01:
23:c7:60:66
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOA+1LD/wZfYz0n/5e7X5a1ynJFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MzExODM2MzFaFw0yNjA3MzAxODQxMzFaMDMxMTAvBgNV
BAMTKDA3MEJERjI5RjA3M0FDMjI0MDBERjA4OUM4MDQyNTA3NUYwMEMyQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8pRWpHJw0vg1t5tZeTdqXvKqp
1WtKUZk5NmFwvC8WItIu427EG8G5q8T2ShWpbt9afiRk4KsLyknn5n7YSJjwUkej
8xpyLcBmSDWLNzTZ9JNZ9iP5jHBPLduKGh7TH5fd1igM/bU0CuypYrEqeGyR1WqM
qSMtODZZqHp6wvXZbGiV0xDsVIcddhSvylW4QB4xdyPeraZEafKQkU91X1GIuRhN
A341pn2Y2XswxtTzM10R1vlyoJyhBbc3pE6w7S8CShz8xAQ6RUswr1aH2P28tA0D
N0lxrTDrRR1PVIm6s0lmqFWhqc8Pl6fyaB5/QMw2DbPcG3GNycOuqaOCk3ctAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUBwvfKfBzrCJADfCJyAQlB18AwsEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMy
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNjMyMzUzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEANnZ9DANBgkqhkiG9w0BAQsFAAOCAQEAcc7YMH2RxqhqX/dG+gxMSnhR1KlR
NpYSdbqyncdhsAiZhrPB+4GryG0Z7Pqn2Ho0Izu4xLfdfUCIHgWtILxPfef342Gg
2+DonX32DUM+AJ95kptrLMy6/KtWEZ/lXQ0p+P+iBLpQoJY+hSqXBHmFwmF+b0Cy
loAWWDmi7Zh1XSGeBUpbubDRCFp3hFeEnFMeC0j07IpO6v1x5H1RGHoz58TB9QMp
eBJGX9dD3qUGv+pQPIiiyfbJYMXeG6txY3veOk5JWZm/cSD8KQHl6194VPkE3CMI
6hn+WwtAXqSsI6s3qh6PK7O2YlCxnIgM6ubGku1+FnZvLVhZBzsBI8dgZg==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:12:22 2025 by rpki-client