Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323134363534.roa
File: 38322e3133392e3233342e302f32342d3234203d3e20323134363534.roa (raw, json)
Hash identifier: B7MMWVMFyuFxfttFYuVlPxbH+YxudgT7PwENlcc531c=
Subject key identifier: EE:DC:AA:B2:17:F5:82:65:5B:7C:01:06:66:8D:18:A8:DE:BB:79:51
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 60BAC6AC699247A6D7BD190D3E27A409CB78082C
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323134363534.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 214654
IP address blocks: 82.139.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ba:c6:ac:69:92:47:a6:d7:bd:19:0d:3e:27:a4:09:cb:78:08:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=EEDCAAB217F582655B7C0106668D18A8DEBB7951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:5f:a3:ec:67:43:21:35:d1:1f:2c:53:bf:
85:5e:41:b0:3f:cd:f7:c1:23:d9:fb:fb:2e:b2:9f:
e9:73:72:26:7b:67:08:71:ab:4f:50:02:6f:3b:11:
fc:9a:ec:94:bc:a9:e4:15:62:59:3a:a2:71:9a:c8:
2e:b1:ae:80:6e:85:c3:d1:cf:4e:e2:07:bb:4d:21:
33:a6:50:0d:d9:8c:69:40:7a:6d:08:bf:66:f0:4d:
5e:9f:e8:fb:e6:25:40:f0:1a:3c:82:2c:3b:d2:12:
59:dc:95:b1:85:85:a0:4e:6f:49:3b:d3:f7:f3:e2:
99:1f:2e:9b:82:41:91:c7:e2:59:3f:c5:89:d3:a4:
a9:c5:83:2b:e1:46:b0:2a:cf:99:01:50:74:ee:35:
c5:04:22:0d:77:a5:b1:b7:81:c6:f8:03:69:83:ab:
65:0a:66:ee:95:35:88:ed:a7:5d:13:79:54:a4:38:
57:05:bc:ed:a4:41:87:44:0d:1a:fc:2a:1f:4c:f8:
60:21:a4:bc:0f:bb:75:36:fb:c0:7c:e1:59:81:18:
25:b1:6d:e3:e7:d9:f1:0b:1f:ed:ee:61:2a:22:72:
12:34:bf:8b:5a:e1:e6:ca:b0:b4:ef:d9:49:a3:42:
19:47:03:30:4d:bb:59:01:7a:c6:da:c0:5d:89:f5:
3a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DC:AA:B2:17:F5:82:65:5B:7C:01:06:66:8D:18:A8:DE:BB:79:51
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323134363534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.234.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4b:90:18:32:35:22:bb:fe:20:ae:95:44:4c:fe:fa:43:d1:
91:5f:4d:bd:73:25:26:6a:4b:47:12:3e:84:f5:6d:cf:b0:77:
64:49:4b:7c:3e:4c:15:f5:f6:40:83:ed:29:ab:39:2a:df:31:
72:88:1a:4d:53:79:e5:ea:f3:ec:e4:84:da:56:37:cf:0c:9a:
be:03:63:56:a8:49:2c:f3:ff:a4:8c:10:6d:1f:04:d8:e4:9a:
57:87:d4:75:1f:6a:24:10:99:48:46:9a:2b:46:7a:88:08:41:
28:76:32:6a:d5:48:9f:a3:3b:de:4a:b1:80:44:32:f7:ed:da:
4b:88:f4:db:13:ef:c6:8e:88:e2:a7:2b:cf:70:b7:d0:90:7f:
f4:e9:f8:c0:24:2b:65:2d:77:6c:21:dd:ec:82:ed:01:d2:46:
d0:9a:13:e0:3a:a0:9a:e0:c9:aa:f5:de:75:9f:a9:9d:bd:37:
54:2f:4b:76:2b:c1:41:80:22:a2:82:cc:78:eb:66:fa:0b:c6:
e1:ec:34:17:38:9d:40:3c:97:53:f4:a5:d3:46:a6:0e:9d:04:
9d:7d:c0:67:a2:e0:69:7c:a7:28:c4:55:6b:ed:f0:bf:dc:f2:
3b:60:df:4e:86:08:68:72:ec:c7:4b:a2:8e:03:a9:1f:6b:97:
99:86:2c:7a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYLrGrGmSR6bXvRkNPiekCct4CCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKEVFRENBQUIyMTdGNTgyNjU1QjdDMDEwNjY2OEQxOEE4REVCQjc5NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC5l+j7GdDITXRHyxTv4VeQbA/
zffBI9n7+y6yn+lzciZ7Zwhxq09QAm87Efya7JS8qeQVYlk6onGayC6xroBuhcPR
z07iB7tNITOmUA3ZjGlAem0Iv2bwTV6f6PvmJUDwGjyCLDvSElnclbGFhaBOb0k7
0/fz4pkfLpuCQZHH4lk/xYnTpKnFgyvhRrAqz5kBUHTuNcUEIg13pbG3gcb4A2mD
q2UKZu6VNYjtp10TeVSkOFcFvO2kQYdEDRr8Kh9M+GAhpLwPu3U2+8B84VmBGCWx
bePn2fELH+3uYSoichI0v4ta4ebKsLTv2UmjQhlHAzBNu1kBesbawF2J9TplAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7tyqshf1gmVbfAEGZo0YqN67eVEwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNjM1MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+owDQYJKoZIhvcNAQELBQADggEBABlLkBgyNSK7/iCulURM/vpD0ZFfTb1z
JSZqS0cSPoT1bc+wd2RJS3w+TBX19kCD7SmrOSrfMXKIGk1TeeXq8+zkhNpWN88M
mr4DY1aoSSzz/6SMEG0fBNjkmleH1HUfaiQQmUhGmitGeogIQSh2MmrVSJ+jO95K
sYBEMvft2kuI9NsT78aOiOKnK89wt9CQf/Tp+MAkK2Utd2wh3eyC7QHSRtCaE+A6
oJrgyar13nWfqZ29N1QvS3YrwUGAIqKCzHjrZvoLxuHsNBc4nUA8l1P0pdNGpg6d
BJ19wGei4Gl8pyjEVWvt8L/c8jtg306GCGhy7MdLoo4DqR9rl5mGLHo=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client