Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323134363534.roa
File: 38322e3133392e3233332e302f32342d3234203d3e20323134363534.roa (raw, json)
Hash identifier: GvrYtJTvsyNBFvjWMCeb1+8WE6ARGYSSdqqGkL66pGI=
Subject key identifier: B0:B9:A0:67:08:0D:29:FB:BC:5E:4B:6D:6B:A0:BE:1F:65:99:03:77
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 568244A7F784FEFF91686E2F640C9DF27B1DAA94
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323134363534.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 214654
IP address blocks: 82.139.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:82:44:a7:f7:84:fe:ff:91:68:6e:2f:64:0c:9d:f2:7b:1d:aa:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=B0B9A067080D29FBBC5E4B6D6BA0BE1F65990377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:4f:d4:c6:f6:cf:3f:cc:86:26:d9:1f:29:
15:a8:9f:f7:45:4b:7f:d8:88:30:92:fa:11:92:78:
f8:d7:1a:09:41:26:78:98:05:6d:ca:81:1a:aa:80:
1c:45:d0:d1:d2:5c:15:62:63:47:94:04:01:63:53:
e8:db:62:65:99:cb:3f:ca:9a:77:bf:88:e8:24:12:
ec:20:52:32:73:96:40:47:90:9c:35:2b:a6:9f:98:
8b:e6:f3:f8:25:5f:57:9a:29:5c:d8:b8:66:f5:fa:
9c:e7:13:d5:5e:22:dd:9d:43:1a:97:cb:7f:3d:53:
bc:a5:31:f3:f0:2c:23:d2:86:07:8a:ad:5b:be:46:
fe:b5:85:41:3e:c6:0e:14:af:aa:1f:2d:3c:7a:17:
b4:84:fc:2b:4c:31:9f:29:67:be:b6:47:1c:cc:52:
2e:dc:3f:04:4a:0e:14:27:48:ef:a7:b2:8b:51:08:
b1:a3:fb:bf:83:7d:cf:61:e2:c0:cc:91:29:bc:19:
85:34:c9:f8:e2:e3:42:11:84:19:36:f3:4e:95:bf:
87:07:a8:34:57:d3:fb:da:3c:69:66:3a:00:7c:ea:
7d:33:89:41:1b:75:01:bc:3c:5c:85:0b:ca:59:48:
8c:7f:9a:6d:1c:6a:60:e5:1f:f7:61:31:72:3f:80:
e8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:B9:A0:67:08:0D:29:FB:BC:5E:4B:6D:6B:A0:BE:1F:65:99:03:77
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323134363534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:66:39:b0:75:d0:e7:35:f4:92:b5:02:4d:55:8a:cb:11:5a:
8c:0c:d8:9c:75:28:a0:2b:27:d1:91:80:83:aa:89:52:18:60:
96:f5:e0:a5:c3:38:45:4c:7a:0f:97:74:93:df:7f:02:2e:70:
b8:92:31:54:45:29:94:a3:10:35:17:f7:c5:7f:45:1c:a8:ef:
18:b5:42:2f:d5:c4:d3:80:20:ed:57:fe:86:1d:cc:a7:1b:6c:
b3:16:1a:37:47:e3:3c:0c:17:17:4d:52:c6:7f:c8:62:45:1f:
f3:ca:82:e8:a5:b3:dc:bd:12:9b:1a:61:64:f1:5f:93:80:12:
42:47:ce:e3:0e:22:c7:e1:98:c6:f5:02:4f:8e:3c:59:a2:ac:
82:0e:e1:ad:24:e4:6e:88:14:e7:1d:ee:ab:38:d5:45:19:b7:
1e:09:a5:e7:4a:95:3a:ae:f4:12:4b:fd:9c:ab:0f:69:52:71:
3b:76:5b:2d:46:96:46:52:5d:f6:ee:e6:85:30:5c:6e:79:ef:
b6:ad:15:eb:6f:b8:88:81:c6:7e:de:b5:47:3d:06:6e:1b:b9:
dc:85:ab:51:e0:36:d4:d4:78:5d:50:e0:20:f6:a3:f1:2e:d3:
6c:19:8b:e8:7a:d6:cd:f2:92:28:60:ba:5f:1b:0b:69:83:bd:
cf:31:c0:f8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVoJEp/eE/v+RaG4vZAyd8nsdqpQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKEIwQjlBMDY3MDgwRDI5RkJCQzVFNEI2RDZCQTBCRTFGNjU5OTAzNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwHE/UxvbPP8yGJtkfKRWon/dF
S3/YiDCS+hGSePjXGglBJniYBW3KgRqqgBxF0NHSXBViY0eUBAFjU+jbYmWZyz/K
mne/iOgkEuwgUjJzlkBHkJw1K6afmIvm8/glX1eaKVzYuGb1+pznE9VeIt2dQxqX
y389U7ylMfPwLCPShgeKrVu+Rv61hUE+xg4Ur6ofLTx6F7SE/CtMMZ8pZ762RxzM
Ui7cPwRKDhQnSO+nsotRCLGj+7+Dfc9h4sDMkSm8GYU0yfji40IRhBk2806Vv4cH
qDRX0/vaPGlmOgB86n0ziUEbdQG8PFyFC8pZSIx/mm0camDlH/dhMXI/gOgVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsLmgZwgNKfu8Xktta6C+H2WZA3cwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNjM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+kwDQYJKoZIhvcNAQELBQADggEBAA9mObB10Oc19JK1Ak1VissRWowM2Jx1
KKArJ9GRgIOqiVIYYJb14KXDOEVMeg+XdJPffwIucLiSMVRFKZSjEDUX98V/RRyo
7xi1Qi/VxNOAIO1X/oYdzKcbbLMWGjdH4zwMFxdNUsZ/yGJFH/PKguils9y9Epsa
YWTxX5OAEkJHzuMOIsfhmMb1Ak+OPFmirIIO4a0k5G6IFOcd7qs41UUZtx4JpedK
lTqu9BJL/ZyrD2lScTt2Wy1GlkZSXfbu5oUwXG5577atFetvuIiBxn7etUc9Bm4b
udyFq1HgNtTUeF1Q4CD2o/Eu02wZi+h61s3ykihgul8bC2mDvc8xwPg=
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:55:32 2025 by rpki-client