Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323135333034.roa
File: 38322e3133392e3233332e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: jfr576Zyw764gVRJW2VMmoVEwywimlo1PxVwPzIx0tk=
Subject key identifier: CF:D1:A2:28:6C:7D:0E:06:32:C4:37:48:26:E3:E4:74:E8:D2:EE:12
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 1DB4A520B48CA84A7B69DFA9A9DEDC7487BE2475
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323135333034.roa
Signing time: Thu 04 Sep 2025 10:40:04 +0000
ROA not before: Thu 04 Sep 2025 10:35:04 +0000
ROA not after: Thu 03 Sep 2026 10:40:04 +0000
asID: 215304
IP address blocks: 82.139.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:b4:a5:20:b4:8c:a8:4a:7b:69:df:a9:a9:de:dc:74:87:be:24:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:04 2025 GMT
Not After : Sep 3 10:40:04 2026 GMT
Subject: CN=CFD1A2286C7D0E0632C4374826E3E474E8D2EE12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:57:9c:f7:77:76:45:0a:d2:c0:dc:40:d3:57:
1f:cf:75:40:5d:af:b8:11:fc:eb:c4:61:3d:e2:7b:
42:d0:45:b6:f2:59:64:03:cb:88:0a:cd:6c:88:c1:
32:97:32:aa:34:01:b7:1a:e6:4e:9b:fe:91:eb:c7:
bf:d4:f9:1a:37:fc:dc:39:4e:f1:5e:18:c6:bb:50:
88:65:fd:24:de:d8:7d:9b:1a:03:1e:bc:45:d0:5d:
54:29:a0:c1:df:f6:72:46:ae:09:c3:d6:10:af:07:
14:86:8f:97:69:a2:12:90:b1:67:d5:32:08:49:b9:
f8:4f:1d:c6:32:81:57:71:05:7c:6b:f7:79:08:e0:
8c:82:44:91:12:e3:62:92:f0:eb:de:e6:1a:68:43:
d6:e8:35:a8:93:cd:ee:7c:2d:f1:00:74:1e:08:68:
b7:5c:f8:bc:51:d9:3f:2a:ef:03:2c:62:2e:45:ab:
4b:74:3e:a4:07:21:86:6b:43:c0:61:65:2c:c6:53:
37:93:b8:57:43:6c:00:b1:e3:7b:d2:f8:75:d9:7d:
b9:df:a4:55:8a:b8:af:03:7f:9c:8f:0c:5c:29:32:
94:02:e4:34:43:a2:fd:a8:f2:f1:b3:26:c3:be:fc:
d2:5e:31:03:1f:92:6d:19:05:27:47:3e:d5:09:83:
86:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D1:A2:28:6C:7D:0E:06:32:C4:37:48:26:E3:E4:74:E8:D2:EE:12
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233332e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.233.0/24
Signature Algorithm: sha256WithRSAEncryption
49:77:4e:c7:56:2b:88:d6:f7:37:59:c2:96:bd:51:33:8a:cc:
92:60:e4:2c:8f:24:27:29:e4:a5:37:c9:3f:37:84:4b:d4:56:
dd:02:21:2e:c2:99:58:d1:4c:75:31:92:e9:52:0e:bd:11:83:
0b:47:25:e7:9e:34:67:e1:eb:1b:73:a3:03:1c:ce:93:1d:38:
be:fb:27:7a:0e:dd:32:ef:60:c3:55:2b:09:e1:e7:59:e7:3f:
3b:da:c3:f4:66:bf:2a:c0:5e:88:1d:2d:b7:c0:a3:3f:37:d3:
52:f3:46:34:dc:fa:65:70:e7:18:56:22:08:e3:65:e3:30:df:
06:1a:bf:b7:97:ea:d3:4b:6d:d1:b2:94:2f:69:57:82:74:6e:
30:f9:29:ae:1c:13:8a:9b:1d:61:4a:ca:7d:25:d1:d4:46:34:
54:43:8e:4a:bd:88:95:35:fe:dd:80:23:88:67:ae:d6:99:88:
df:dd:fc:12:74:72:46:d5:c9:f8:d3:08:8c:91:c2:ce:51:e7:
27:47:54:87:2c:d6:fd:70:4a:21:d1:01:37:03:73:3f:61:3b:
0a:be:cc:52:bf:5e:4e:bc:e0:70:75:bd:6e:c6:2a:15:b8:1c:
22:bf:6d:e4:47:fc:51:23:cb:35:5e:25:33:9f:37:c6:77:4e:
55:c3:5e:c7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHbSlILSMqEp7ad+pqd7cdIe+JHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDRaFw0yNjA5MDMxMDQwMDRaMDMxMTAvBgNV
BAMTKENGRDFBMjI4NkM3RDBFMDYzMkM0Mzc0ODI2RTNFNDc0RThEMkVFMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuV5z3d3ZFCtLA3EDTVx/PdUBd
r7gR/OvEYT3ie0LQRbbyWWQDy4gKzWyIwTKXMqo0Abca5k6b/pHrx7/U+Ro3/Nw5
TvFeGMa7UIhl/STe2H2bGgMevEXQXVQpoMHf9nJGrgnD1hCvBxSGj5dpohKQsWfV
MghJufhPHcYygVdxBXxr93kI4IyCRJES42KS8Ove5hpoQ9boNaiTze58LfEAdB4I
aLdc+LxR2T8q7wMsYi5Fq0t0PqQHIYZrQ8BhZSzGUzeTuFdDbACx43vS+HXZfbnf
pFWKuK8Df5yPDFwpMpQC5DRDov2o8vGzJsO+/NJeMQMfkm0ZBSdHPtUJg4YVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUz9GiKGx9DgYyxDdIJuPkdOjS7hIwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+kwDQYJKoZIhvcNAQELBQADggEBAEl3TsdWK4jW9zdZwpa9UTOKzJJg5CyP
JCcp5KU3yT83hEvUVt0CIS7CmVjRTHUxkulSDr0RgwtHJeeeNGfh6xtzowMczpMd
OL77J3oO3TLvYMNVKwnh51nnPzvaw/RmvyrAXogdLbfAoz8301LzRjTc+mVw5xhW
IgjjZeMw3wYav7eX6tNLbdGylC9pV4J0bjD5Ka4cE4qbHWFKyn0l0dRGNFRDjkq9
iJU1/t2AI4hnrtaZiN/d/BJ0ckbVyfjTCIyRws5R5ydHVIcs1v1wSiHRATcDcz9h
Owq+zFK/Xk684HB1vW7GKhW4HCK/beRH/FEjyzVeJTOfN8Z3TlXDXsc=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client