Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e203336353330.roa
File: 38322e3133392e3233362e302f32342d3234203d3e203336353330.roa (raw, json)
Hash identifier: BMTlD16cwgil9HqPyPrWKPKKetvR8/zSTLNXRmUNA5w=
Subject key identifier: 8C:CB:78:AA:02:FE:2F:3D:B5:BC:12:A9:3F:9A:06:7D:3D:87:9B:A0
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 46DFBF30F5AE1C9DF97F1BAFCF4CD6CB71C47586
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e203336353330.roa
Signing time: Thu 04 Sep 2025 10:40:04 +0000
ROA not before: Thu 04 Sep 2025 10:35:04 +0000
ROA not after: Thu 03 Sep 2026 10:40:04 +0000
asID: 36530
IP address blocks: 82.139.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:df:bf:30:f5:ae:1c:9d:f9:7f:1b:af:cf:4c:d6:cb:71:c4:75:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:04 2025 GMT
Not After : Sep 3 10:40:04 2026 GMT
Subject: CN=8CCB78AA02FE2F3DB5BC12A93F9A067D3D879BA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:13:ed:71:88:0d:91:0a:5c:62:8d:ef:a3:11:
9d:66:a2:71:75:b7:c2:4b:0e:7a:f5:68:e7:c6:07:
ca:b5:d9:cb:86:d0:d0:15:c6:ce:da:ac:5b:1c:05:
f7:6a:4e:61:7b:13:da:97:98:7c:85:6d:1c:0c:ed:
3d:11:94:d0:e8:c4:2e:58:e0:4b:99:21:73:ee:3b:
3b:84:f5:32:1d:25:25:e0:0b:10:64:bb:79:48:01:
40:94:4e:fd:2b:37:2a:c4:06:99:b3:da:54:b3:3d:
16:c3:1b:1b:c1:4a:f4:b9:e9:20:a6:f6:0f:fd:ec:
51:ba:ee:03:c4:51:5b:f3:1e:7b:e9:0f:4a:42:4e:
2a:2e:cc:20:6d:10:23:51:98:ff:8c:1b:f2:9c:f2:
b4:e5:ea:ad:e1:27:0c:14:5f:cf:34:38:7d:00:d5:
5e:ba:ce:3f:ae:39:fd:7b:27:d8:56:83:9b:fd:40:
df:3f:e7:57:91:46:03:fe:b0:d4:e0:8d:f4:d3:15:
85:85:59:42:fe:59:72:ca:a5:bd:c6:5e:fa:5a:7c:
be:6c:97:5f:ca:f7:bc:36:57:f5:60:e0:39:21:80:
3c:e4:8b:37:7f:8d:fb:97:12:a5:92:6d:8b:f3:fb:
a2:6d:1b:c1:82:5f:6c:d0:51:23:20:20:0c:20:b9:
14:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CB:78:AA:02:FE:2F:3D:B5:BC:12:A9:3F:9A:06:7D:3D:87:9B:A0
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/38322e3133392e3233362e302f32342d3234203d3e203336353330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.139.236.0/24
Signature Algorithm: sha256WithRSAEncryption
98:eb:c5:53:0e:d1:bf:c3:57:72:8f:03:77:01:e4:20:04:0b:
a4:25:db:76:29:e5:6a:c1:2a:42:d2:6d:43:be:7d:78:48:9a:
2b:b0:6a:3a:36:34:fe:6c:f1:a1:fb:b7:18:8c:f7:2d:70:94:
e5:96:be:c5:97:c5:5d:d0:07:34:f0:f9:0c:4e:52:4a:a8:7a:
87:21:03:95:bf:f0:f2:7a:3a:a3:e3:0b:f4:78:97:0f:17:0c:
f5:31:a8:f2:86:08:24:43:cd:c0:8a:3a:9c:e4:a1:85:79:a7:
2d:b1:5b:bc:d1:10:97:2a:8c:d8:de:de:2e:87:a9:a0:e3:38:
ca:e4:69:66:a1:b5:d4:94:00:1a:f2:47:29:e5:ba:7c:3a:c9:
ce:24:c7:1c:19:7f:99:c6:8b:d5:03:83:39:c4:ad:8f:75:58:
f8:4d:e7:a9:00:08:0a:9c:ce:ae:87:63:7f:d4:2a:d8:e8:b6:
34:83:12:9a:8f:1e:bc:d5:a9:4e:89:c7:5a:df:7a:fb:1f:a4:
f8:cc:91:5e:c4:37:5e:d8:5f:9c:b9:7e:a1:61:29:f8:8d:8a:
58:9f:ba:59:b9:94:45:eb:06:3a:c1:e7:12:64:a5:02:a2:78:
86:3f:af:cf:53:84:f4:46:4d:e4:1b:33:0c:0f:e2:1e:c2:38:
e7:64:e1:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURt+/MPWuHJ35fxuvz0zWy3HEdYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDRaFw0yNjA5MDMxMDQwMDRaMDMxMTAvBgNV
BAMTKDhDQ0I3OEFBMDJGRTJGM0RCNUJDMTJBOTNGOUEwNjdEM0Q4NzlCQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaE+1xiA2RClxije+jEZ1monF1
t8JLDnr1aOfGB8q12cuG0NAVxs7arFscBfdqTmF7E9qXmHyFbRwM7T0RlNDoxC5Y
4EuZIXPuOzuE9TIdJSXgCxBku3lIAUCUTv0rNyrEBpmz2lSzPRbDGxvBSvS56SCm
9g/97FG67gPEUVvzHnvpD0pCTiouzCBtECNRmP+MG/Kc8rTl6q3hJwwUX880OH0A
1V66zj+uOf17J9hWg5v9QN8/51eRRgP+sNTgjfTTFYWFWUL+WXLKpb3GXvpafL5s
l1/K97w2V/Vg4DkhgDzkizd/jfuXEqWSbYvz+6JtG8GCX2zQUSMgIAwguRTBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjMt4qgL+Lz21vBKpP5oGfT2Hm6AwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzgzMjJlMzEzMzM5MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM2MzUzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UovsMA0GCSqGSIb3DQEBCwUAA4IBAQCY68VTDtG/w1dyjwN3AeQgBAukJdt2KeVq
wSpC0m1Dvn14SJorsGo6NjT+bPGh+7cYjPctcJTllr7Fl8Vd0Ac08PkMTlJKqHqH
IQOVv/Dyejqj4wv0eJcPFwz1MajyhggkQ83Aijqc5KGFeactsVu80RCXKozY3t4u
h6mg4zjK5GlmobXUlAAa8kcp5bp8OsnOJMccGX+ZxovVA4M5xK2PdVj4TeepAAgK
nM6uh2N/1CrY6LY0gxKajx681alOicda33r7H6T4zJFexDde2F+cuX6hYSn4jYpY
n7pZuZRF6wY6wecSZKUConiGP6/PU4T0Rk3kGzMMD+IewjjnZOH8
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:54:45 2025 by rpki-client