Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203230343733.roa
File: 3231372e3231372e33312e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: HUFaJX+Yv0F33xoU1tqPrkyInRaiZN/1LYgPFli6S6A=
Subject key identifier: 18:BA:CB:E0:4D:EA:39:1B:D2:4D:10:70:1F:93:A3:D8:46:4A:B7:E7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21353507BD52EA710C32CF2238FAF8327CF03227
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203230343733.roa
Signing time: Fri 25 Jul 2025 18:44:38 +0000
ROA not before: Fri 25 Jul 2025 18:39:38 +0000
ROA not after: Fri 24 Jul 2026 18:44:38 +0000
asID: 20473
IP address blocks: 217.217.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:07:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:35:35:07:bd:52:ea:71:0c:32:cf:22:38:fa:f8:32:7c:f0:32:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 25 18:39:38 2025 GMT
Not After : Jul 24 18:44:38 2026 GMT
Subject: CN=18BACBE04DEA391BD24D10701F93A3D8464AB7E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7a:bb:9a:d9:52:cc:96:d6:12:30:35:01:85:
cb:ce:db:35:cf:6c:39:66:1a:73:c7:73:fd:bb:46:
e4:24:3c:53:35:44:90:b7:7c:ec:7c:1b:fd:f6:e7:
d3:69:30:81:4f:d5:28:39:61:14:ba:99:bd:03:28:
cd:d4:4b:f6:62:38:fc:af:e5:ef:c9:bc:8b:ae:ac:
2b:a3:3f:4c:fa:35:92:e4:3a:94:1f:33:66:a3:df:
63:97:53:67:31:37:6e:0c:c5:d6:7a:00:37:16:48:
5e:cc:ef:0b:47:1d:59:17:ed:54:5a:1d:4f:5a:a4:
fd:d1:74:c3:b2:e7:c2:50:f5:1a:51:4f:47:f7:a2:
53:48:c2:b3:7b:10:f2:32:73:86:a9:c8:8a:13:da:
ab:e5:fe:a8:db:92:ce:25:10:97:63:9b:eb:99:6b:
64:79:8b:c3:0b:4a:21:3d:9a:92:f7:d5:2d:c9:36:
1f:34:5a:c2:24:a8:4e:a3:37:e0:a5:6a:74:6d:a3:
35:bc:2c:db:67:dd:bc:5c:c6:4c:ed:64:1e:dc:41:
0a:75:08:9d:c4:77:7d:4f:34:05:0f:09:fb:bd:b2:
bd:0c:85:f6:04:2c:45:1e:1b:ac:39:3e:f3:4b:5a:
6b:07:c6:ba:00:c5:79:38:b1:7d:b9:c6:56:d0:ff:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:BA:CB:E0:4D:EA:39:1B:D2:4D:10:70:1F:93:A3:D8:46:4A:B7:E7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231372e33312e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.217.31.0/24
Signature Algorithm: sha256WithRSAEncryption
28:96:32:7c:bb:4d:c3:3d:cd:4c:51:16:57:5b:39:fd:35:79:
bb:64:89:1f:5e:ea:c9:41:ec:be:64:c7:f1:f0:ea:60:a0:39:
3e:33:c3:01:da:dc:87:72:c3:fa:f2:05:b0:7e:ec:5d:ee:45:
24:93:4f:8a:75:be:22:f4:39:e0:09:61:a9:7a:2e:d1:3c:ef:
37:01:69:1b:5b:38:f1:20:24:9a:9d:12:9c:70:78:1b:1c:4e:
22:bb:a1:1b:de:3d:7d:4e:67:96:84:4b:7c:99:d8:22:90:46:
fd:48:46:dd:bd:87:fc:da:25:e6:b1:55:6a:f9:a6:d5:9f:83:
07:81:5a:8c:87:d7:b2:f3:2a:a0:dc:8e:6d:c8:53:92:33:53:
20:17:03:52:2b:cc:62:b1:d2:50:9a:e2:70:50:a5:b9:ed:a2:
71:a2:84:79:a6:ae:b2:79:e9:e2:b5:50:ff:b3:7a:79:2e:88:
e5:e0:94:b7:a7:9f:85:70:6b:99:a9:d0:de:3c:4e:e2:21:71:
9c:95:7e:28:83:60:9d:41:a9:d0:91:ad:01:24:e0:59:35:da:
dd:c3:f9:74:dd:99:f5:40:d1:2c:45:b0:51:ab:4c:e0:df:74:
1f:4d:1c:76:ef:31:ac:50:c9:55:a4:e5:9a:80:71:44:34:f4:
ba:9a:16:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUITU1B71S6nEMMs8iOPr4MnzwMicwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MjUxODM5MzhaFw0yNjA3MjQxODQ0MzhaMDMxMTAvBgNV
BAMTKDE4QkFDQkUwNERFQTM5MUJEMjREMTA3MDFGOTNBM0Q4NDY0QUI3RTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUerua2VLMltYSMDUBhcvO2zXP
bDlmGnPHc/27RuQkPFM1RJC3fOx8G/3259NpMIFP1Sg5YRS6mb0DKM3US/ZiOPyv
5e/JvIuurCujP0z6NZLkOpQfM2aj32OXU2cxN24MxdZ6ADcWSF7M7wtHHVkX7VRa
HU9apP3RdMOy58JQ9RpRT0f3olNIwrN7EPIyc4apyIoT2qvl/qjbks4lEJdjm+uZ
a2R5i8MLSiE9mpL31S3JNh80WsIkqE6jN+ClanRtozW8LNtn3bxcxkztZB7cQQp1
CJ3Ed31PNAUPCfu9sr0MhfYELEUeG6w5PvNLWmsHxroAxXk4sX25xlbQ/03PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGLrL4E3qORvSTRBwH5Oj2EZKt+cwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzcyZTMz
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
2dkfMA0GCSqGSIb3DQEBCwUAA4IBAQAoljJ8u03DPc1MURZXWzn9NXm7ZIkfXurJ
Qey+ZMfx8OpgoDk+M8MB2tyHcsP68gWwfuxd7kUkk0+Kdb4i9DngCWGpei7RPO83
AWkbWzjxICSanRKccHgbHE4iu6Eb3j19TmeWhEt8mdgikEb9SEbdvYf82iXmsVVq
+abVn4MHgVqMh9ey8yqg3I5tyFOSM1MgFwNSK8xisdJQmuJwUKW57aJxooR5pq6y
eenitVD/s3p5Lojl4JS3p5+FcGuZqdDePE7iIXGclX4og2CdQanQka0BJOBZNdrd
w/l03Zn1QNEsRbBRq0zg33QfTRx27zGsUMlVpOWagHFENPS6mhY5
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:40:22 2025 by rpki-client