Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3232342e302f32342d3234203d3e203531323032.roa
File: 38322e3133392e3232342e302f32342d3234203d3e203531323032.roa (raw, json)
Hash identifier: NFELAxbAsbQ3TOnXrteeQGdnKivNmqVE/LI/v79clRg=
Subject key identifier: 4D:52:10:70:3D:F9:1C:0D:E0:B8:86:E7:01:1E:CB:6B:A0:AF:D8:CC
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 77035FCF5487CE07E32A27864AB8296751152753
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3232342e302f32342d3234203d3e203531323032.roa
Signing time: Thu 04 Sep 2025 10:40:06 +0000
ROA not before: Thu 04 Sep 2025 10:35:06 +0000
ROA not after: Thu 03 Sep 2026 10:40:06 +0000
asID: 51202
IP address blocks: 82.139.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:03:5f:cf:54:87:ce:07:e3:2a:27:86:4a:b8:29:67:51:15:27:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:06 2025 GMT
Not After : Sep 3 10:40:06 2026 GMT
Subject: CN=4D5210703DF91C0DE0B886E7011ECB6BA0AFD8CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0f:e2:b2:a4:4c:d8:1a:17:6a:8f:b8:48:96:
c9:5a:3d:27:fc:b4:4a:dc:02:fe:2c:c3:87:6c:32:
70:1a:27:e3:76:b1:67:8b:f5:9f:91:14:d6:56:1f:
d2:63:c9:ce:4e:4e:72:08:3f:1a:f3:a4:92:d7:57:
d9:16:85:42:0f:ca:4b:51:d1:fe:dc:a9:a5:49:d1:
ef:3b:3e:dd:93:e5:37:0b:3d:a5:00:f2:82:86:61:
4b:bd:75:6c:5f:24:59:f6:21:50:e8:a9:62:fc:76:
d6:99:81:ee:a1:47:fc:16:aa:c5:3a:1e:a1:1e:63:
20:e1:b1:ee:bd:15:68:bb:e5:3d:34:0d:7b:62:4a:
1b:d1:a6:ae:68:42:37:d4:d7:25:49:3a:9b:97:52:
56:20:e1:5d:d0:d9:6d:76:26:ed:c0:5f:70:0c:ad:
cc:f1:32:f5:87:16:48:73:6d:18:ee:b3:2c:8a:84:
66:9c:13:44:35:e0:33:cb:72:bb:92:02:34:89:d1:
33:90:3a:f1:57:16:f2:8b:dd:e1:d2:2f:5e:89:30:
95:70:21:2b:0b:5d:ed:1e:86:da:f0:c0:88:5c:69:
2a:4c:61:a7:e3:19:3f:e2:a7:40:17:e0:0a:e6:49:
4f:18:d2:d2:57:94:b3:fe:92:37:5f:a0:69:3d:71:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:52:10:70:3D:F9:1C:0D:E0:B8:86:E7:01:1E:CB:6B:A0:AF:D8:CC
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3232342e302f32342d3234203d3e203531323032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:3d:95:ed:4a:d3:2c:55:19:6f:02:0e:8b:14:f0:0b:a3:08:
cc:75:f7:d6:30:53:a7:a9:cf:d1:4b:8b:62:bf:ba:0c:eb:ae:
12:bd:a0:db:cf:f0:c6:20:3c:b1:77:67:86:6d:fc:be:6a:1d:
58:ff:a5:c1:f1:2b:d2:82:ae:88:3a:f9:ad:07:b2:dc:b5:b1:
6a:21:a5:26:4a:85:9b:cb:74:31:63:31:d1:38:a9:61:4d:2d:
b6:26:fc:c7:76:32:63:54:31:92:ef:3f:52:48:42:b1:6b:05:
0b:6f:d8:f6:c7:96:54:e5:fe:3a:d9:58:5c:88:c8:c6:6f:8a:
3d:02:07:47:49:59:a3:98:88:ce:70:8b:77:61:e4:34:5f:09:
95:c5:d0:43:d3:de:ba:1f:12:23:87:d9:3a:85:93:37:46:3a:
f6:37:0e:0d:ee:eb:3d:11:f1:e9:99:0f:07:c6:41:74:5e:06:
ab:42:07:65:3f:81:2a:31:4b:b3:06:99:b1:9d:0a:cd:6b:80:
dc:1f:67:a1:44:50:7a:ae:9b:d5:4d:d0:b1:4f:fe:8c:82:c8:
71:ea:cc:87:19:12:28:30:62:02:17:6a:2c:6e:38:f9:0a:6a:
0c:31:9b:ef:c0:58:99:03:8e:5f:37:73:11:ad:68:a5:f6:19:
ff:5e:c1:0d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdwNfz1SHzgfjKieGSrgpZ1EVJ1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDZaFw0yNjA5MDMxMDQwMDZaMDMxMTAvBgNV
BAMTKDRENTIxMDcwM0RGOTFDMERFMEI4ODZFNzAxMUVDQjZCQTBBRkQ4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6D+KypEzYGhdqj7hIlslaPSf8
tErcAv4sw4dsMnAaJ+N2sWeL9Z+RFNZWH9Jjyc5OTnIIPxrzpJLXV9kWhUIPyktR
0f7cqaVJ0e87Pt2T5TcLPaUA8oKGYUu9dWxfJFn2IVDoqWL8dtaZge6hR/wWqsU6
HqEeYyDhse69FWi75T00DXtiShvRpq5oQjfU1yVJOpuXUlYg4V3Q2W12Ju3AX3AM
rczxMvWHFkhzbRjusyyKhGacE0Q14DPLcruSAjSJ0TOQOvFXFvKL3eHSL16JMJVw
ISsLXe0ehtrwwIhcaSpMYafjGT/ip0AX4ArmSU8Y0tJXlLP+kjdfoGk9cbydAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTVIQcD35HA3guIbnAR7La6Cv2MwwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMy
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMxMzIzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UovgMA0GCSqGSIb3DQEBCwUAA4IBAQB7PZXtStMsVRlvAg6LFPALowjMdffWMFOn
qc/RS4tiv7oM664SvaDbz/DGIDyxd2eGbfy+ah1Y/6XB8SvSgq6IOvmtB7LctbFq
IaUmSoWby3QxYzHROKlhTS22JvzHdjJjVDGS7z9SSEKxawULb9j2x5ZU5f462Vhc
iMjGb4o9AgdHSVmjmIjOcIt3YeQ0XwmVxdBD0966HxIjh9k6hZM3Rjr2Nw4N7us9
EfHpmQ8HxkF0XgarQgdlP4EqMUuzBpmxnQrNa4DcH2ehRFB6rpvVTdCxT/6Mgshx
6syHGRIoMGICF2osbjj5CmoMMZvvwFiZA45fN3MRrWil9hn/XsEN
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:25 2025 by rpki-client