Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
File: 38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: SX8eK4p0KyWByzvDTIB77TptdiyCWqoudCJUyAv6yTU=
Subject key identifier: 0C:90:F9:9B:D0:7F:93:E0:FD:E4:B9:91:CC:B1:70:00:ED:67:1C:4C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33578823DAD86C1A5AF01C35B05073BD572C08BE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 03 Jul 2025 19:58:14 +0000
ROA not before: Thu 03 Jul 2025 19:53:14 +0000
ROA not after: Thu 02 Jul 2026 19:58:14 +0000
asID: 212238
IP address blocks: 85.190.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:57:88:23:da:d8:6c:1a:5a:f0:1c:35:b0:50:73:bd:57:2c:08:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 3 19:53:14 2025 GMT
Not After : Jul 2 19:58:14 2026 GMT
Subject: CN=0C90F99BD07F93E0FDE4B991CCB17000ED671C4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f6:c1:23:23:f2:39:57:1b:94:63:96:b7:72:
bd:bc:98:6e:2a:f6:c1:f2:e8:ee:2e:76:63:d9:8b:
6b:ef:27:58:a9:16:13:cc:ee:45:2a:6b:26:b6:99:
42:e0:81:9a:ba:cd:b3:5d:64:dd:27:75:29:37:4e:
20:8f:0f:72:02:85:06:a5:d0:73:cc:4b:8e:49:0b:
3f:ad:4d:fe:8b:25:78:3e:3f:21:e3:a3:49:1a:ba:
11:63:3b:36:71:81:e2:14:e4:58:f6:c8:7c:f8:2f:
7d:9a:3d:62:75:11:7d:68:68:aa:5e:f7:a3:f4:03:
37:36:8e:99:cd:e1:4c:a9:82:78:95:4d:18:e7:3f:
65:0f:52:1e:74:76:3d:25:23:4b:bd:08:d0:db:bc:
53:1f:9b:d9:cf:e1:77:a1:1d:95:b9:da:5f:06:d9:
65:5a:dc:7c:f3:8f:3c:a8:a8:f0:7d:31:aa:71:44:
0b:07:7a:23:d6:c6:3c:25:d2:b7:cf:20:45:b2:4e:
6f:8a:6c:04:ff:84:f3:bb:62:f2:15:be:05:ff:8b:
99:34:c4:b6:02:e9:cf:73:50:dd:e7:96:44:cc:0c:
87:47:67:e5:58:23:9c:17:43:2d:1a:27:2b:e2:a7:
78:13:ca:2d:ae:f9:c1:20:c1:5a:e0:00:ec:c7:34:
ba:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:90:F9:9B:D0:7F:93:E0:FD:E4:B9:91:CC:B1:70:00:ED:67:1C:4C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
14:c7:be:c6:99:cf:ba:54:62:d4:4c:bd:9d:12:98:72:ee:60:
d7:95:13:0e:2f:a3:98:61:88:4c:bc:84:48:81:e5:46:cd:ce:
5b:19:cf:8e:c8:da:bb:45:45:a7:79:f0:a9:c7:8f:8d:3d:3a:
cf:91:14:8c:2f:09:0b:fa:ce:20:d9:05:df:b9:f3:91:17:a2:
fb:0b:bc:20:76:67:87:45:6c:39:74:db:da:b4:24:82:f6:56:
43:e4:4d:4d:62:50:14:56:0c:6a:b0:04:d9:7d:4d:74:96:6c:
12:1f:d9:f7:b7:f1:8d:d8:77:19:55:16:bd:df:08:f9:45:c0:
44:56:82:3b:5a:3d:11:cb:3d:db:79:ae:92:ab:07:b6:ea:b8:
c0:c4:2f:54:17:81:80:15:bf:a3:9e:99:60:a8:05:0b:a4:13:
6c:a5:e8:12:b4:21:8f:99:ba:b8:25:01:5e:8a:61:64:61:d6:
e3:ff:56:23:88:8a:d6:85:92:55:19:65:b7:f1:83:3f:ad:7f:
29:d6:5a:67:7f:6f:44:94:8c:2d:d1:15:d6:4d:b8:df:4b:51:
41:35:8c:c7:bc:85:f3:01:b1:6d:5e:47:a8:b4:ad:88:d6:0c:
9a:ed:05:0d:ff:f8:6f:75:09:36:bd:43:6f:bd:e1:8e:82:c6:
0b:95:59:d6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUM1eII9rYbBpa8Bw1sFBzvVcsCL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA3MDMxOTUzMTRaFw0yNjA3MDIxOTU4MTRaMDMxMTAvBgNV
BAMTKDBDOTBGOTlCRDA3RjkzRTBGREU0Qjk5MUNDQjE3MDAwRUQ2NzFDNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR9sEjI/I5VxuUY5a3cr28mG4q
9sHy6O4udmPZi2vvJ1ipFhPM7kUqaya2mULggZq6zbNdZN0ndSk3TiCPD3IChQal
0HPMS45JCz+tTf6LJXg+PyHjo0kauhFjOzZxgeIU5Fj2yHz4L32aPWJ1EX1oaKpe
96P0Azc2jpnN4UypgniVTRjnP2UPUh50dj0lI0u9CNDbvFMfm9nP4XehHZW52l8G
2WVa3HzzjzyoqPB9MapxRAsHeiPWxjwl0rfPIEWyTm+KbAT/hPO7YvIVvgX/i5k0
xLYC6c9zUN3nlkTMDIdHZ+VYI5wXQy0aJyvip3gTyi2u+cEgwVrgAOzHNLptAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDJD5m9B/k+D95LmRzLFwAO1nHEwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu4wDQYJKoZIhvcNAQELBQADggEBABTHvsaZz7pUYtRMvZ0SmHLuYNeVEw4v
o5hhiEy8hEiB5UbNzlsZz47I2rtFRad58KnHj409Os+RFIwvCQv6ziDZBd+585EX
ovsLvCB2Z4dFbDl029q0JIL2VkPkTU1iUBRWDGqwBNl9TXSWbBIf2fe38Y3YdxlV
Fr3fCPlFwERWgjtaPRHLPdt5rpKrB7bquMDEL1QXgYAVv6OemWCoBQukE2yl6BK0
IY+ZurglAV6KYWRh1uP/ViOIitaFklUZZbfxgz+tfynWWmd/b0SUjC3RFdZNuN9L
UUE1jMe8hfMBsW1eR6i0rYjWDJrtBQ3/+G91CTa9Q2+94Y6CxguVWdY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:56:47 2025 by rpki-client