Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e203336353330.roa
File: 38322e3133392e3233342e302f32342d3234203d3e203336353330.roa (raw, json)
Hash identifier: IG6V0blpSw18IGil4lm32ublGgb6uKThpebeeQS8JrM=
Subject key identifier: 65:DD:48:3F:84:79:9D:3D:45:AD:13:87:53:AE:D6:28:E5:49:29:7D
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 6FA15A6E46BE5A59A2094492CE0A9A9E3952F734
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e203336353330.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 36530
IP address blocks: 82.139.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:a1:5a:6e:46:be:5a:59:a2:09:44:92:ce:0a:9a:9e:39:52:f7:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=65DD483F84799D3D45AD138753AED628E549297D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:50:cd:0e:ab:e5:73:40:70:5b:18:24:03:14:
72:ab:cb:e3:58:c6:17:09:de:a2:34:2a:e1:50:8b:
42:9b:87:00:5e:82:d3:c7:3c:c4:48:0b:2e:4d:6d:
6f:93:92:d6:3f:b4:37:d3:95:c4:7b:19:34:49:4d:
a0:25:bb:27:b0:66:cc:2a:6b:9c:08:f4:55:25:b7:
24:1b:5b:58:24:37:a6:54:97:83:61:00:42:1b:43:
c1:8f:fe:19:04:dc:54:30:67:f2:83:a0:85:4e:1c:
34:6b:4d:93:e1:a7:2d:81:4c:fb:c1:52:7b:5b:c2:
6c:84:16:fa:f4:a8:32:90:3e:4c:86:62:81:fc:13:
05:ec:23:b0:e4:86:eb:5d:f8:a3:ed:21:96:a2:2a:
06:97:bf:b3:ac:48:0d:55:b9:e6:1d:af:2b:48:11:
1b:aa:c4:d6:a1:c8:c7:e2:63:99:ce:88:0e:d9:02:
de:7a:b3:48:b1:7d:68:4a:51:bd:4b:53:0c:b7:6d:
bb:09:9c:c0:4c:be:6a:4f:51:47:a5:90:5c:76:c2:
70:cb:67:21:29:3e:89:e0:05:21:5f:89:77:73:5e:
0a:3f:30:a2:0d:bf:d2:db:f8:02:b2:63:5c:1a:2a:
99:47:5b:9d:07:67:88:7a:9d:7d:07:ce:0c:e6:d3:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:DD:48:3F:84:79:9D:3D:45:AD:13:87:53:AE:D6:28:E5:49:29:7D
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233342e302f32342d3234203d3e203336353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.234.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:77:31:f7:d3:09:f5:eb:86:e7:df:ae:25:c0:96:19:76:64:
17:20:78:be:9d:4c:37:c1:5f:cd:aa:07:b4:d5:ed:99:2c:9d:
1e:c7:b7:07:d4:cd:dd:f7:63:b7:c9:7b:21:cd:d8:54:ae:9b:
ec:05:f0:ac:0e:20:1c:c5:73:c7:a6:93:01:ee:c4:66:23:f1:
cf:75:d3:ec:46:78:61:68:11:2e:b4:52:31:76:f9:36:d6:a5:
c0:20:86:4d:ab:a2:8b:99:54:4c:62:97:ed:35:57:09:60:35:
09:e9:14:f0:73:28:a9:81:61:e7:42:7a:cb:d5:57:9f:e5:f7:
a7:6b:13:cb:17:7d:71:5a:66:ee:72:de:61:50:7e:a9:4e:23:
84:e5:a4:6f:0a:9f:dc:26:e6:dd:f4:be:5b:3e:56:60:ae:50:
4f:9e:e1:e6:2d:d9:b9:cd:3e:5f:8c:2d:50:d2:b4:22:c0:84:
08:7e:e4:61:3d:89:53:1f:54:ac:64:79:dc:22:e0:5b:ef:ca:
fa:18:fd:c7:04:c8:7a:52:e0:a6:8b:f6:9a:6e:c6:86:a7:94:
5a:95:3b:d2:40:fc:2a:45:2e:c3:04:8b:fc:f9:a1:5d:0f:04:
cd:8a:a7:82:87:3d:91:2b:53:23:0d:76:12:c9:db:51:48:84:
ba:35:d4:bc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb6Fabka+WlmiCUSSzgqanjlS9zQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKDY1REQ0ODNGODQ3OTlEM0Q0NUFEMTM4NzUzQUVENjI4RTU0OTI5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2UM0Oq+VzQHBbGCQDFHKry+NY
xhcJ3qI0KuFQi0KbhwBegtPHPMRICy5NbW+TktY/tDfTlcR7GTRJTaAluyewZswq
a5wI9FUltyQbW1gkN6ZUl4NhAEIbQ8GP/hkE3FQwZ/KDoIVOHDRrTZPhpy2BTPvB
UntbwmyEFvr0qDKQPkyGYoH8EwXsI7Dkhutd+KPtIZaiKgaXv7OsSA1VueYdrytI
ERuqxNahyMfiY5nOiA7ZAt56s0ixfWhKUb1LUwy3bbsJnMBMvmpPUUelkFx2wnDL
ZyEpPongBSFfiXdzXgo/MKINv9Lb+AKyY1waKplHW50HZ4h6nX0Hzgzm07mbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZd1IP4R5nT1FrROHU67WKOVJKX0wHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM2MzUzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UovqMA0GCSqGSIb3DQEBCwUAA4IBAQCndzH30wn164bn364lwJYZdmQXIHi+nUw3
wV/Nqge01e2ZLJ0ex7cH1M3d92O3yXshzdhUrpvsBfCsDiAcxXPHppMB7sRmI/HP
ddPsRnhhaBEutFIxdvk21qXAIIZNq6KLmVRMYpftNVcJYDUJ6RTwcyipgWHnQnrL
1Vef5fenaxPLF31xWmbuct5hUH6pTiOE5aRvCp/cJubd9L5bPlZgrlBPnuHmLdm5
zT5fjC1Q0rQiwIQIfuRhPYlTH1SsZHncIuBb78r6GP3HBMh6UuCmi/aabsaGp5Ra
lTvSQPwqRS7DBIv8+aFdDwTNiqeChz2RK1MjDXYSydtRSIS6NdS8
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:54:44 2025 by rpki-client