Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33302e302f32342d3234203d3e20323030363336.roa
File: 3231372e3231372e33302e302f32342d3234203d3e20323030363336.roa (raw, json)
Hash identifier: WNHgZzoFBuQF20/i0w/0Zs/vO8FSDlLmjD3LGOPcgrU=
Subject key identifier: 16:53:96:6A:84:17:72:1B:78:23:34:1A:AC:B4:A7:A0:3F:04:3F:9F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6987E5EBCA65D42F0ABEA2E11C73A801D04DC1CB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33302e302f32342d3234203d3e20323030363336.roa
Signing time: Mon 28 Jul 2025 09:36:58 +0000
ROA not before: Mon 28 Jul 2025 09:31:58 +0000
ROA not after: Mon 27 Jul 2026 09:36:58 +0000
asID: 200636
IP address blocks: 217.217.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:87:e5:eb:ca:65:d4:2f:0a:be:a2:e1:1c:73:a8:01:d0:4d:c1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 28 09:31:58 2025 GMT
Not After : Jul 27 09:36:58 2026 GMT
Subject: CN=1653966A8417721B7823341AACB4A7A03F043F9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f0:f7:71:cf:ac:cb:a5:4a:f7:88:f6:a0:98:
33:81:bb:e5:d1:c6:9d:0a:e4:73:69:f3:e5:18:b2:
c8:f0:ad:ae:5a:e5:4e:d6:2c:37:3f:9f:61:b7:7b:
83:e5:09:b4:eb:59:c4:3c:97:a3:f0:26:62:48:29:
66:ef:fc:7e:49:21:6c:52:b1:af:4b:47:12:42:f3:
8f:85:91:f4:ba:81:2d:49:3b:c6:2a:2a:f4:72:22:
c9:60:e8:4b:06:3c:ae:45:11:c8:bf:3d:b6:8f:76:
b1:d2:1f:ba:19:94:2d:9d:fc:82:c5:f4:42:a3:03:
17:f1:10:d1:43:ef:45:fb:34:4f:79:8b:c4:d5:16:
a6:f6:11:67:4b:26:b4:da:a7:7c:9d:77:30:89:9d:
b6:02:7c:ab:37:1d:40:54:fe:72:60:39:b1:3f:40:
5d:be:4d:7b:9e:fb:30:76:c4:f3:15:e7:26:66:ae:
ea:e5:31:d5:df:28:21:22:7b:d4:e4:82:cf:0c:64:
f7:cb:6f:bd:4b:7b:40:c1:b6:32:dd:b5:08:02:d9:
2c:c4:ad:00:8f:a0:f4:ae:4e:27:a1:be:46:05:74:
cb:a4:6d:4a:3f:9d:3c:e2:72:a2:f1:3c:2f:53:ba:
3c:18:41:f3:22:b2:54:a6:a1:ec:be:de:78:a6:8c:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:53:96:6A:84:17:72:1B:78:23:34:1A:AC:B4:A7:A0:3F:04:3F:9F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33302e302f32342d3234203d3e20323030363336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.30.0/24
Signature Algorithm: sha256WithRSAEncryption
52:b7:ff:a3:95:fa:eb:89:a4:1a:c6:e7:4e:bc:82:e6:cc:9c:
41:9b:8c:23:4b:a2:20:23:2a:49:bc:96:bf:b0:2b:3d:52:f0:
e1:ec:bf:04:f2:e8:50:3e:a2:d4:fe:42:5b:62:17:5b:f7:91:
2c:d3:4b:14:44:12:28:f2:35:12:5c:6e:97:12:c4:b3:9c:8a:
e8:db:fd:90:21:fe:32:bc:9f:13:a8:f4:7c:a0:3b:41:21:55:
5d:46:75:4d:8c:45:b4:a9:52:90:2a:68:f7:f2:d8:11:aa:c4:
fa:0a:85:48:fa:76:5d:90:d8:bd:d6:37:83:c9:c9:3e:af:9c:
c1:4b:7a:82:8a:0d:ea:33:7d:5e:81:ca:2f:49:87:f4:c7:71:
14:64:bb:64:02:1e:2a:07:35:39:d5:4f:c4:b5:fe:ab:0f:e6:
a3:8b:43:e8:f0:60:67:46:38:02:ce:89:69:d0:f7:d4:71:a0:
5d:ba:a3:d7:98:b5:9c:96:78:4e:91:40:1b:a8:57:86:87:45:
cf:db:44:84:78:86:9c:12:f8:4c:c0:8d:f0:7a:99:99:14:8c:
fa:66:81:66:50:b1:64:f4:c9:a4:c3:d9:9b:0c:35:8e:e1:9a:
39:76:52:c8:dd:f7:ef:c6:f4:a0:36:e7:58:e6:71:0a:8e:04:
8e:bc:06:2e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaYfl68pl1C8KvqLhHHOoAdBNwcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjgwOTMxNThaFw0yNjA3MjcwOTM2NThaMDMxMTAvBgNV
BAMTKDE2NTM5NjZBODQxNzcyMUI3ODIzMzQxQUFDQjRBN0EwM0YwNDNGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU8Pdxz6zLpUr3iPagmDOBu+XR
xp0K5HNp8+UYssjwra5a5U7WLDc/n2G3e4PlCbTrWcQ8l6PwJmJIKWbv/H5JIWxS
sa9LRxJC84+FkfS6gS1JO8YqKvRyIslg6EsGPK5FEci/PbaPdrHSH7oZlC2d/ILF
9EKjAxfxENFD70X7NE95i8TVFqb2EWdLJrTap3yddzCJnbYCfKs3HUBU/nJgObE/
QF2+TXue+zB2xPMV5yZmrurlMdXfKCEie9Tkgs8MZPfLb71Le0DBtjLdtQgC2SzE
rQCPoPSuTiehvkYFdMukbUo/nTzicqLxPC9TujwYQfMislSmoey+3nimjOp9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFlOWaoQXcht4IzQarLSnoD8EP58wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzNjMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADZ2R4wDQYJKoZIhvcNAQELBQADggEBAFK3/6OV+uuJpBrG5068gubMnEGbjCNL
oiAjKkm8lr+wKz1S8OHsvwTy6FA+otT+QltiF1v3kSzTSxREEijyNRJcbpcSxLOc
iujb/ZAh/jK8nxOo9HygO0EhVV1GdU2MRbSpUpAqaPfy2BGqxPoKhUj6dl2Q2L3W
N4PJyT6vnMFLeoKKDeozfV6Byi9Jh/THcRRku2QCHioHNTnVT8S1/qsP5qOLQ+jw
YGdGOALOiWnQ99RxoF26o9eYtZyWeE6RQBuoV4aHRc/bRIR4hpwS+EzAjfB6mZkU
jPpmgWZQsWT0yaTD2ZsMNY7hmjl2Usjd9+/G9KA251jmcQqOBI68Bi4=
-----END CERTIFICATE-----
Generated at Wed Aug 6 07:54:09 2025 by rpki-client