Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138332e302f32342d3234203d3e20333937363330.roa
File: 38302e38332e3138332e302f32342d3234203d3e20333937363330.roa (raw, json)
Hash identifier: Ad+5BdNWHduo2krSRCUtMwi3nPchWlto7JX4C03p+n4=
Subject key identifier: E7:09:B5:98:99:88:5C:D1:66:48:9B:68:72:4B:39:17:B2:E2:BD:CA
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 112B91D9F147AD4620B170E260B03B5F54EE0FBE
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138332e302f32342d3234203d3e20333937363330.roa
Signing time: Fri 29 Aug 2025 08:14:01 +0000
ROA not before: Fri 29 Aug 2025 08:09:01 +0000
ROA not after: Fri 28 Aug 2026 08:14:01 +0000
asID: 397630
IP address blocks: 80.83.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:2b:91:d9:f1:47:ad:46:20:b1:70:e2:60:b0:3b:5f:54:ee:0f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Aug 29 08:09:01 2025 GMT
Not After : Aug 28 08:14:01 2026 GMT
Subject: CN=E709B59899885CD166489B68724B3917B2E2BDCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:7c:69:5b:40:36:1c:e1:23:b2:2a:0b:94:
ad:12:91:cb:a5:03:35:e1:7f:8d:79:1e:4a:39:6d:
eb:bd:5b:5a:92:d0:19:d0:d4:fd:ff:15:50:39:bf:
2d:83:3f:08:73:d9:24:42:e8:9d:57:01:d5:3d:1e:
24:26:2b:53:5e:83:a6:05:6f:28:7e:c3:91:46:97:
ea:98:4e:5e:1e:90:17:02:d4:a7:be:09:a0:69:c4:
11:fb:10:06:2b:81:e3:df:cd:fc:92:80:18:48:0b:
2f:fe:1f:4c:fd:55:29:59:24:31:5d:87:15:82:b1:
36:c0:bc:40:16:af:ce:ef:94:24:43:1f:30:b3:fd:
ae:ca:0d:b4:eb:0d:63:ce:17:49:90:88:9e:dc:e0:
d7:55:7e:1c:83:e9:31:8a:d6:ea:9e:af:67:de:42:
f1:3e:92:d5:10:6b:6b:df:bb:45:09:80:33:04:6c:
e9:e4:d7:78:93:7c:ff:bf:cc:ee:53:bb:c3:77:e3:
9b:9a:44:85:fe:3c:eb:93:70:6b:bc:3d:9c:6f:af:
ee:e1:8c:52:ce:79:a0:64:87:53:55:67:4a:f2:b2:
34:77:c7:0c:17:7d:2c:67:82:01:5e:67:c9:16:e3:
de:e9:37:ec:b7:85:77:48:8b:d3:ef:34:4c:c5:97:
b3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:09:B5:98:99:88:5C:D1:66:48:9B:68:72:4B:39:17:B2:E2:BD:CA
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138332e302f32342d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.183.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:23:b7:53:70:d5:a0:c4:99:7d:68:ca:a9:88:7f:25:d0:45:
0b:91:09:de:72:20:44:09:43:03:1f:ef:59:93:7d:37:0e:28:
07:38:9d:c9:fe:72:06:b5:12:68:c4:9d:00:18:a2:76:11:3c:
65:be:00:66:02:58:92:18:f1:5f:5e:36:85:44:3c:93:75:65:
2a:cd:a4:cc:15:4e:f4:cd:a4:47:8d:5e:24:38:d9:5c:3f:e4:
8e:05:5f:a8:f2:e3:5b:a1:2e:54:ff:f6:68:78:dd:88:39:bf:
4e:74:ce:41:20:35:06:32:b0:cd:1f:c3:f7:8e:1a:56:e5:b6:
58:26:d8:4f:80:66:88:6c:ae:6a:1b:0f:f3:78:e8:55:8f:2c:
a7:a3:fa:bf:6e:a4:42:d6:a5:d8:19:73:f9:19:19:7c:21:83:
a3:2c:4d:91:6d:6d:00:c3:6a:03:07:6f:42:d0:45:c1:ef:17:
df:12:22:8d:59:12:05:2a:43:7a:e1:39:6c:87:a4:03:eb:c5:
77:75:50:ce:e0:d6:9a:b5:9a:2e:06:06:d2:90:9d:b6:ba:d2:
25:b3:ef:a4:e8:24:b7:69:d0:ef:3b:97:bc:57:6c:0f:62:30:
21:36:a6:68:82:be:f6:a9:73:75:7c:5c:66:ed:0c:27:87:fe:
0b:a6:55:46
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUESuR2fFHrUYgsXDiYLA7X1TuD74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNTA4MjkwODA5MDFaFw0yNjA4MjgwODE0MDFaMDMxMTAvBgNV
BAMTKEU3MDlCNTk4OTk4ODVDRDE2NjQ4OUI2ODcyNEIzOTE3QjJFMkJEQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9U3xpW0A2HOEjsioLlK0Skcul
AzXhf415Hko5beu9W1qS0BnQ1P3/FVA5vy2DPwhz2SRC6J1XAdU9HiQmK1Neg6YF
byh+w5FGl+qYTl4ekBcC1Ke+CaBpxBH7EAYrgePfzfySgBhICy/+H0z9VSlZJDFd
hxWCsTbAvEAWr87vlCRDHzCz/a7KDbTrDWPOF0mQiJ7c4NdVfhyD6TGK1uqer2fe
QvE+ktUQa2vfu0UJgDMEbOnk13iTfP+/zO5Tu8N345uaRIX+POuTcGu8PZxvr+7h
jFLOeaBkh1NVZ0rysjR3xwwXfSxnggFeZ8kW497pN+y3hXdIi9PvNEzFl7NzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU5wm1mJmIXNFmSJtocks5F7LivcowHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzgzMDJlMzgzMzJlMzEzODMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzYzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UFO3MA0GCSqGSIb3DQEBCwUAA4IBAQBLI7dTcNWgxJl9aMqpiH8l0EULkQneciBE
CUMDH+9Zk303DigHOJ3J/nIGtRJoxJ0AGKJ2ETxlvgBmAliSGPFfXjaFRDyTdWUq
zaTMFU70zaRHjV4kONlcP+SOBV+o8uNboS5U//ZoeN2IOb9OdM5BIDUGMrDNH8P3
jhpW5bZYJthPgGaIbK5qGw/zeOhVjyyno/q/bqRC1qXYGXP5GRl8IYOjLE2RbW0A
w2oDB29C0EXB7xffEiKNWRIFKkN64Tlsh6QD68V3dVDO4NaatZouBgbSkJ22utIl
s++k6CS3adDvO5e8V2wPYjAhNqZogr72qXN1fFxm7Qwnh/4LplVG
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:36:51 2025 by rpki-client