Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323135333034.roa
File: 38322e3133392e3233342e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: iREPWDWodQbUPonXkuMGy5Fv5eiMzIGe0CxoIkibavE=
Subject key identifier: 65:B4:FC:1D:07:3B:1B:FA:5D:66:F5:6F:35:4B:62:44:EB:3A:03:DC
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 2DAFFBB523BA7D4A9F18495A1BE636C3864BE8A6
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323135333034.roa
Signing time: Thu 04 Sep 2025 10:40:07 +0000
ROA not before: Thu 04 Sep 2025 10:35:07 +0000
ROA not after: Thu 03 Sep 2026 10:40:07 +0000
asID: 215304
IP address blocks: 82.139.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:af:fb:b5:23:ba:7d:4a:9f:18:49:5a:1b:e6:36:c3:86:4b:e8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:07 2025 GMT
Not After : Sep 3 10:40:07 2026 GMT
Subject: CN=65B4FC1D073B1BFA5D66F56F354B6244EB3A03DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:0d:2f:fb:f0:45:0c:1f:1e:76:c7:d0:88:
5c:1f:8f:75:c7:c8:fb:4e:33:7b:eb:04:43:ad:6c:
72:69:6c:87:02:47:38:8f:a3:1d:76:5e:ec:9c:ab:
16:5e:93:34:39:8c:2d:c7:76:d5:bd:fa:24:3e:44:
73:ea:d6:ed:fd:32:37:19:a2:41:f8:90:e3:e1:c5:
01:74:1d:ac:01:aa:91:c6:d8:82:1f:2a:5b:29:b5:
33:71:85:5a:79:22:8a:7a:79:3a:41:cc:38:76:f3:
b1:92:3f:c1:b9:ef:a4:e3:9e:1e:75:09:27:af:a9:
70:b9:80:ec:08:e5:30:bf:89:ff:36:07:62:0d:8c:
69:a3:0b:a1:e2:f2:21:ed:23:05:55:27:d4:72:5e:
2f:29:b8:78:42:24:28:b9:1b:c9:9c:f5:2e:7b:12:
43:cc:87:c7:3e:8e:c0:0e:fe:17:ff:1d:05:1d:60:
bd:f7:b7:67:37:d9:20:13:dc:2f:72:86:04:00:76:
ef:98:a6:f3:52:00:8a:a1:ed:16:ed:08:62:ca:dd:
a6:08:a0:32:67:de:c0:56:e4:3b:c6:d1:65:e8:42:
a1:e3:9b:8b:25:a1:26:af:de:51:f5:4c:a5:55:14:
cb:4a:35:d8:ea:2b:58:5a:e0:14:2c:27:ae:b2:00:
5d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:B4:FC:1D:07:3B:1B:FA:5D:66:F5:6F:35:4B:62:44:EB:3A:03:DC
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.234.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:10:61:23:64:61:4e:13:dc:5d:6e:b4:ea:53:79:58:b0:91:
94:5b:6b:32:59:b2:45:df:58:ab:84:97:70:cb:92:d0:ca:be:
74:99:24:73:e8:94:51:f6:da:97:38:07:0a:88:9a:60:00:5f:
53:90:af:45:51:6b:24:1e:4e:e3:4e:0f:a1:d0:0d:f7:3d:83:
c2:56:b5:13:7b:bf:f5:c9:01:1c:39:82:ec:6d:ee:a5:de:04:
64:ff:7f:ab:42:80:78:02:b9:30:2b:6c:0c:7a:b8:c1:d0:f7:
30:db:0d:9f:99:50:e6:d9:dd:bb:36:48:24:f1:77:d2:d1:c8:
1c:28:f5:5b:ca:63:a9:7a:c1:d0:f2:ed:67:d1:ff:25:81:5d:
d0:70:a5:f9:38:c9:4b:ba:f2:83:a2:54:c8:44:c1:ba:d0:87:
2c:ef:3c:7d:55:c5:8c:44:07:93:3f:99:10:a0:57:9b:8e:88:
f4:35:a5:80:42:3b:98:ab:db:5f:6c:4a:3d:0c:5a:60:6d:60:
b8:4b:34:6c:4c:8b:15:e0:f8:7d:98:64:48:72:29:02:33:90:
10:47:02:ad:dd:52:e0:62:36:1b:6e:a6:72:07:5d:b7:8f:60:
c4:dc:e1:b4:f9:49:81:61:7e:f6:af:b4:4e:09:44:9e:f0:48:
a7:e4:12:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULa/7tSO6fUqfGElaG+Y2w4ZL6KYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDdaFw0yNjA5MDMxMDQwMDdaMDMxMTAvBgNV
BAMTKDY1QjRGQzFEMDczQjFCRkE1RDY2RjU2RjM1NEI2MjQ0RUIzQTAzREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAgg0v+/BFDB8edsfQiFwfj3XH
yPtOM3vrBEOtbHJpbIcCRziPox12XuycqxZekzQ5jC3HdtW9+iQ+RHPq1u39MjcZ
okH4kOPhxQF0HawBqpHG2IIfKlsptTNxhVp5Iop6eTpBzDh287GSP8G576Tjnh51
CSevqXC5gOwI5TC/if82B2INjGmjC6Hi8iHtIwVVJ9RyXi8puHhCJCi5G8mc9S57
EkPMh8c+jsAO/hf/HQUdYL33t2c32SAT3C9yhgQAdu+YpvNSAIqh7RbtCGLK3aYI
oDJn3sBW5DvG0WXoQqHjm4sloSav3lH1TKVVFMtKNdjqK1ha4BQsJ66yAF3VAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZbT8HQc7G/pdZvVvNUtiROs6A9wwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+owDQYJKoZIhvcNAQELBQADggEBAHoQYSNkYU4T3F1utOpTeViwkZRbazJZ
skXfWKuEl3DLktDKvnSZJHPolFH22pc4BwqImmAAX1OQr0VRayQeTuNOD6HQDfc9
g8JWtRN7v/XJARw5guxt7qXeBGT/f6tCgHgCuTArbAx6uMHQ9zDbDZ+ZUObZ3bs2
SCTxd9LRyBwo9VvKY6l6wdDy7WfR/yWBXdBwpfk4yUu68oOiVMhEwbrQhyzvPH1V
xYxEB5M/mRCgV5uOiPQ1pYBCO5ir219sSj0MWmBtYLhLNGxMixXg+H2YZEhyKQIz
kBBHAq3dUuBiNhtupnIHXbePYMTc4bT5SYFhfvavtE4JRJ7wSKfkEmo=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:23 2025 by rpki-client