Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20333937363330.roa
File: 38302e38332e3138382e302f32322d3234203d3e20333937363330.roa (raw, json)
Hash identifier: we+BIDcecMDdhb3LTIFwBqfI4/tuGmFvD0wy77xN0HU=
Subject key identifier: 69:FD:20:F2:B2:06:13:10:B5:5A:21:34:36:9A:2A:8B:7A:0A:70:86
Certificate issuer: /CN=78d65d4a22df705beed7b3432fbe48a356597724
Certificate serial: 1A89DD63743F47EADF28ED41613602AD095A7640
Authority key identifier: 78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20333937363330.roa
Signing time: Fri 29 Aug 2025 08:14:54 +0000
ROA not before: Fri 29 Aug 2025 08:09:54 +0000
ROA not after: Fri 28 Aug 2026 08:14:54 +0000
asID: 397630
IP address blocks: 80.83.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:89:dd:63:74:3f:47:ea:df:28:ed:41:61:36:02:ad:09:5a:76:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d65d4a22df705beed7b3432fbe48a356597724
Validity
Not Before: Aug 29 08:09:54 2025 GMT
Not After : Aug 28 08:14:54 2026 GMT
Subject: CN=69FD20F2B2061310B55A2134369A2A8B7A0A7086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:76:de:dc:3f:cc:31:94:36:33:72:77:1f:af:
4b:44:f5:e9:e7:0a:f5:9c:6f:18:21:2d:31:5c:8f:
7e:65:84:8e:7a:1d:8a:ca:25:0c:88:a5:bc:ad:24:
db:0c:bf:90:e2:3e:aa:71:e7:60:d2:8a:20:91:df:
04:8e:3d:db:bc:08:af:16:f1:2f:03:7d:93:06:99:
d1:45:8c:0d:51:3a:be:9b:65:a5:ba:6f:b2:af:db:
f7:e4:9d:e8:89:e9:41:86:d1:af:19:c1:18:ef:7a:
24:d1:96:d6:93:53:9f:36:d5:2b:3b:24:2d:9b:c8:
ee:b5:5e:57:9d:43:ba:c1:19:86:77:b2:69:e9:88:
4a:5a:53:7e:cc:db:bd:e3:69:36:1f:5d:d6:96:e7:
37:b4:f7:37:b3:7f:3d:a0:78:66:f3:73:95:0d:99:
53:eb:29:ad:f6:02:d9:a2:95:c6:ea:fc:c7:82:c2:
2e:7a:85:66:fe:98:d2:3c:31:de:c0:1c:83:cf:a4:
3c:14:e8:89:85:93:c0:e8:3d:56:ca:1e:d6:c1:1a:
6f:56:52:d4:65:ba:1a:96:af:c0:22:12:33:89:91:
da:d5:fd:53:f1:87:e9:ea:6c:83:d2:66:c8:d9:e5:
9a:57:8e:29:1c:bb:3e:e8:a0:72:60:5a:da:6e:bd:
09:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FD:20:F2:B2:06:13:10:B5:5A:21:34:36:9A:2A:8B:7A:0A:70:86
X509v3 Authority Key Identifier:
keyid:78:D6:5D:4A:22:DF:70:5B:EE:D7:B3:43:2F:BE:48:A3:56:59:77:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/78D65D4A22DF705BEED7B3432FBE48A356597724.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNZdSiLfcFvu17NDL75Io1ZZdyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8925ad15-af0b-45cd-b883-1a058fa0eba1/0/38302e38332e3138382e302f32322d3234203d3e20333937363330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.83.188.0/22
Signature Algorithm: sha256WithRSAEncryption
25:7c:52:e6:9d:a8:3c:dc:cb:23:4f:29:ef:69:2a:81:e5:85:
32:e9:28:3b:44:05:98:07:70:34:5a:28:31:85:9a:93:8b:94:
25:e7:77:1f:22:27:26:49:10:2c:e9:44:2d:5e:ef:d5:17:c3:
e9:04:24:c9:85:2c:97:48:7a:90:12:91:0b:cd:84:9c:9b:11:
40:13:b5:11:a0:09:0d:ee:35:3b:ab:be:ee:ea:62:3d:e9:bc:
e6:ac:73:ee:66:1c:5b:a7:48:92:96:d0:7e:8e:42:09:fb:02:
78:52:cd:2e:7b:a1:e5:2c:35:83:51:5f:d2:28:83:b1:ff:c0:
30:b9:65:c2:f4:12:eb:03:37:ed:52:21:e4:82:79:63:80:ec:
95:0d:2d:9e:dd:35:e1:d1:89:cd:ca:d5:c0:a3:b2:82:2c:a4:
85:eb:b6:72:5b:fb:34:c0:b0:85:61:de:dc:9b:91:7e:b6:ea:
7a:96:17:13:bd:7c:c4:f3:db:e6:7c:6c:7c:35:0f:01:53:e2:
9e:95:23:dd:88:d5:6b:99:b8:36:44:d4:45:37:63:8d:82:cc:
94:00:aa:d0:61:24:bf:13:ee:31:a4:8d:dd:0c:c8:6e:93:d5:
87:e4:80:70:65:2f:66:f8:e1:54:fe:f6:94:0a:20:44:f1:22:
e4:4a:5b:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGondY3Q/R+rfKO1BYTYCrQladkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzhkNjVkNGEyMmRmNzA1YmVlZDdiMzQzMmZiZTQ4YTM1
NjU5NzcyNDAeFw0yNTA4MjkwODA5NTRaFw0yNjA4MjgwODE0NTRaMDMxMTAvBgNV
BAMTKDY5RkQyMEYyQjIwNjEzMTBCNTVBMjEzNDM2OUEyQThCN0EwQTcwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCddt7cP8wxlDYzcncfr0tE9enn
CvWcbxghLTFcj35lhI56HYrKJQyIpbytJNsMv5DiPqpx52DSiiCR3wSOPdu8CK8W
8S8DfZMGmdFFjA1ROr6bZaW6b7Kv2/fkneiJ6UGG0a8ZwRjveiTRltaTU5821Ss7
JC2byO61XledQ7rBGYZ3smnpiEpaU37M273jaTYfXdaW5ze09zezfz2geGbzc5UN
mVPrKa32Atmilcbq/MeCwi56hWb+mNI8Md7AHIPPpDwU6ImFk8DoPVbKHtbBGm9W
UtRluhqWr8AiEjOJkdrV/VPxh+nqbIPSZsjZ5ZpXjikcuz7ooHJgWtpuvQkvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaf0g8rIGExC1WiE0Npoqi3oKcIYwHwYDVR0j
BBgwFoAUeNZdSiLfcFvu17NDL75Io1ZZdyQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNWFkMTUtYWYwYi00NWNkLWI4ODMtMWEwNThmYTBl
YmExLzAvNzhENjVENEEyMkRGNzA1QkVFRDdCMzQzMkZCRTQ4QTM1NjU5NzcyNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2VOWmRTaUxmY0Z2dTE3TkRMNzVJbzFa
WmR5US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNWFkMTUt
YWYwYi00NWNkLWI4ODMtMWEwNThmYTBlYmExLzAvMzgzMDJlMzgzMzJlMzEzODM4
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzMzOTM3MzYzMzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UFO8MA0GCSqGSIb3DQEBCwUAA4IBAQAlfFLmnag83MsjTynvaSqB5YUy6Sg7RAWY
B3A0WigxhZqTi5Ql53cfIicmSRAs6UQtXu/VF8PpBCTJhSyXSHqQEpELzYScmxFA
E7URoAkN7jU7q77u6mI96bzmrHPuZhxbp0iSltB+jkIJ+wJ4Us0ue6HlLDWDUV/S
KIOx/8AwuWXC9BLrAzftUiHkgnljgOyVDS2e3TXh0YnNytXAo7KCLKSF67ZyW/s0
wLCFYd7cm5F+tup6lhcTvXzE89vmfGx8NQ8BU+KelSPdiNVrmbg2RNRFN2ONgsyU
AKrQYSS/E+4xpI3dDMhuk9WH5IBwZS9m+OFU/vaUCiBE8SLkSltT
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:36:33 2025 by rpki-client