Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e20323135333034.roa
File: 38322e3133392e3233362e302f32342d3234203d3e20323135333034.roa (raw, json)
Hash identifier: 6xDNo4Syra8en0dUNH4zmsKrNesVf3Zm30l0rhVcK7Q=
Subject key identifier: EE:3B:F0:6D:DA:E3:E7:72:D5:62:77:CA:0E:86:5E:02:D6:88:BF:C1
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 79508E492160F00D0F830B7DD3C450F50C840BDA
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e20323135333034.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 215304
IP address blocks: 82.139.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:50:8e:49:21:60:f0:0d:0f:83:0b:7d:d3:c4:50:f5:0c:84:0b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=EE3BF06DDAE3E772D56277CA0E865E02D688BFC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:16:b0:2c:73:4b:ec:b5:98:09:fc:3c:9a:f4:
6f:00:a9:f9:7f:ae:1c:4c:b1:c3:c8:fe:da:37:b7:
e4:32:db:ac:e0:79:96:2d:c0:d0:a1:2a:39:01:a2:
ed:d7:ba:55:71:b0:49:db:85:a4:c7:07:f9:dc:bf:
5d:9e:24:b4:f8:b9:82:28:8a:f1:b1:a1:8a:64:06:
d9:dd:1b:fd:78:bc:a7:bd:fb:87:17:99:3c:89:1e:
fb:71:60:fb:5f:9d:e9:84:f1:a8:4f:d2:d2:ba:6e:
f4:57:20:e5:31:a2:b9:0c:5a:a4:bb:8a:2e:60:07:
b3:11:af:a7:66:a9:5e:d8:e0:32:e8:62:3c:a3:cb:
d6:28:27:14:19:d7:cf:68:39:6d:2f:85:aa:ac:ef:
85:b9:7d:45:5a:78:46:38:bf:8b:d1:08:ca:02:23:
ac:e9:d1:01:9d:dc:e4:01:f8:a3:8d:8c:52:27:29:
3a:df:03:6a:2c:6e:45:03:8d:80:bc:80:60:f8:1a:
fb:48:f9:83:ba:51:53:4c:e7:c0:22:68:2d:09:47:
4d:c8:dd:c1:b2:b2:b6:3a:2d:05:91:bd:16:ca:71:
a1:a4:46:46:25:f6:01:c3:45:a0:8b:ed:e5:04:66:
3a:65:6c:88:bd:03:8f:e1:b8:11:88:d6:da:37:fd:
d1:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3B:F0:6D:DA:E3:E7:72:D5:62:77:CA:0E:86:5E:02:D6:88:BF:C1
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e20323135333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.236.0/24
Signature Algorithm: sha256WithRSAEncryption
35:46:1f:71:04:c4:6e:e5:f8:b5:17:3a:b9:05:93:42:05:5e:
23:b0:25:d6:09:b7:70:ec:61:1f:d6:62:e4:37:0d:9d:cc:2b:
f0:f8:76:c1:24:f6:dd:5b:28:dd:3b:58:4c:46:e1:ec:cd:60:
01:06:26:7c:2c:85:7d:5d:a7:a6:30:9e:05:8f:60:4a:50:f5:
d6:99:d9:6b:0a:d5:ef:da:7a:01:51:10:b2:2b:d9:b6:7c:4e:
f2:05:5d:16:df:d2:4e:b2:21:df:d0:47:c0:58:9f:f3:5e:0a:
92:2e:91:8f:86:e7:29:e3:70:eb:1a:9d:58:9c:65:7a:06:d5:
a3:64:23:1b:17:21:a8:54:68:6d:1c:67:0e:6d:17:ee:7b:28:
3a:58:46:ca:a1:7b:87:76:b0:42:fe:6d:90:11:e0:0d:37:76:
77:2a:a9:ea:f8:1f:d4:d5:a8:e4:9f:e3:6f:2a:c5:75:70:e6:
30:5c:f2:ea:20:53:5b:d0:02:c4:76:da:89:dc:df:57:a0:dd:
2d:b8:c0:71:36:c7:fe:a0:6e:81:39:23:a8:a1:ec:25:99:83:
41:6a:3d:39:d4:50:eb:90:02:6c:de:39:8a:65:9b:5c:f1:e3:
da:c6:5f:bd:8e:9a:97:d2:4a:5e:ce:4c:bb:ec:24:63:97:49:
38:f8:b0:2f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeVCOSSFg8A0Pgwt908RQ9QyEC9owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKEVFM0JGMDZEREFFM0U3NzJENTYyNzdDQTBFODY1RTAyRDY4OEJGQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFFrAsc0vstZgJ/Dya9G8Aqfl/
rhxMscPI/to3t+Qy26zgeZYtwNChKjkBou3XulVxsEnbhaTHB/ncv12eJLT4uYIo
ivGxoYpkBtndG/14vKe9+4cXmTyJHvtxYPtfnemE8ahP0tK6bvRXIOUxorkMWqS7
ii5gB7MRr6dmqV7Y4DLoYjyjy9YoJxQZ189oOW0vhaqs74W5fUVaeEY4v4vRCMoC
I6zp0QGd3OQB+KONjFInKTrfA2osbkUDjYC8gGD4GvtI+YO6UVNM58AiaC0JR03I
3cGysrY6LQWRvRbKcaGkRkYl9gHDRaCL7eUEZjplbIi9A4/huBGI1to3/dFtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7jvwbdrj53LVYnfKDoZeAtaIv8EwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzUzMzMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSi+wwDQYJKoZIhvcNAQELBQADggEBADVGH3EExG7l+LUXOrkFk0IFXiOwJdYJ
t3DsYR/WYuQ3DZ3MK/D4dsEk9t1bKN07WExG4ezNYAEGJnwshX1dp6YwngWPYEpQ
9daZ2WsK1e/aegFRELIr2bZ8TvIFXRbf0k6yId/QR8BYn/NeCpIukY+G5ynjcOsa
nVicZXoG1aNkIxsXIahUaG0cZw5tF+57KDpYRsqhe4d2sEL+bZAR4A03dncqqer4
H9TVqOSf428qxXVw5jBc8uogU1vQAsR22onc31eg3S24wHE2x/6gboE5I6ih7CWZ
g0FqPTnUUOuQAmzeOYplm1zx49rGX72OmpfSSl7OTLvsJGOXSTj4sC8=
-----END CERTIFICATE-----
Generated at Sun Sep 7 04:02:24 2025 by rpki-client