Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234382e302f32322d3234203d3e203437353833.roa
File: 38322e3131322e3234382e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: olIOKaHpfJvaDRVq541jzHxXkE1AKre8TdeSa8TsCGk=
Subject key identifier: AD:8D:1A:38:FB:51:09:C1:7B:E3:D0:06:7D:AE:62:BF:15:B5:4B:48
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5AADB245748772351EFFFEF57E8F9CE6C09268B5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234382e302f32322d3234203d3e203437353833.roa
Signing time: Thu 05 Jun 2025 16:46:36 +0000
ROA not before: Thu 05 Jun 2025 16:41:36 +0000
ROA not after: Thu 04 Jun 2026 16:46:36 +0000
asID: 47583
IP address blocks: 82.112.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ad:b2:45:74:87:72:35:1e:ff:fe:f5:7e:8f:9c:e6:c0:92:68:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 5 16:41:36 2025 GMT
Not After : Jun 4 16:46:36 2026 GMT
Subject: CN=AD8D1A38FB5109C17BE3D0067DAE62BF15B54B48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:83:1d:bd:92:cf:f2:f1:52:13:39:51:28:
55:2d:75:e9:e4:a7:bb:86:d9:5b:8b:20:48:a2:9c:
8d:cc:35:f0:70:76:29:5e:4e:38:bc:26:10:5c:3b:
5b:b1:90:3b:36:1a:fe:34:a8:e8:a5:88:36:25:ca:
dc:a7:31:b8:14:ce:5e:20:25:a3:6f:87:da:6e:8a:
d3:08:39:cd:8c:27:fc:68:2c:09:24:cc:17:d7:1f:
7a:32:db:ee:c7:99:15:5d:b2:4e:9e:ae:0d:65:b9:
f9:1c:db:a8:b1:b7:bf:a0:aa:16:6b:97:09:ab:37:
ae:bf:96:61:8e:11:ef:13:a0:e9:e9:70:74:02:c3:
6f:94:fb:a9:74:a3:0f:54:73:cf:f0:cf:e4:20:cb:
73:02:a9:79:66:e5:b4:7f:32:9d:ea:7a:fd:58:fe:
de:9f:28:cc:7e:b8:1c:b9:07:96:b8:70:e1:07:67:
49:99:76:52:95:47:86:91:95:4c:24:84:03:35:60:
08:d5:10:0b:7c:36:b3:54:08:d1:16:5f:53:dc:5a:
2b:c7:29:69:08:86:64:99:f8:87:93:43:9b:7a:0c:
fa:7d:38:ac:2f:aa:51:1b:b8:da:d6:bd:d7:f0:14:
86:57:1e:80:ae:41:ba:cc:60:07:f8:5d:24:ac:ea:
b5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8D:1A:38:FB:51:09:C1:7B:E3:D0:06:7D:AE:62:BF:15:B5:4B:48
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3131322e3234382e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.248.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:93:e9:6f:a9:5a:0c:51:70:38:cf:8f:4f:15:64:ef:8e:25:
c6:9a:c9:ff:8f:32:63:25:90:39:3e:a0:32:e4:97:99:c7:d1:
4a:6c:3b:94:11:95:61:0b:cb:37:72:a3:0e:1a:0f:42:91:d8:
d0:89:6c:84:06:6a:4a:dd:3c:cd:b7:c1:63:5b:5d:49:74:c1:
37:79:75:7f:91:a0:ac:2e:4a:ed:88:1c:ff:3a:b0:14:96:07:
96:e9:ae:84:bc:91:a3:46:36:09:a4:42:7a:95:4a:60:09:a4:
1f:2a:4b:ce:9b:b5:4c:ea:9f:a9:b5:36:59:66:e5:bb:77:da:
22:48:9b:69:eb:79:76:08:0e:64:66:41:88:ba:c9:59:06:db:
3a:4d:70:a7:c1:d0:08:2c:1c:a8:16:2e:79:b7:fb:73:09:d9:
d3:63:24:51:b4:cf:d0:f2:2a:89:0f:f7:0b:72:0f:eb:fb:a4:
da:4b:08:00:eb:f6:ef:6a:d4:ee:70:9c:2a:5f:c2:e9:2a:dd:
1a:ad:2e:c3:e8:0a:19:80:c0:2a:98:8c:39:7f:a0:c5:c0:06:
6b:0f:11:59:7f:2c:d8:1c:1e:1a:bc:37:3a:3c:48:18:d0:76:
8b:f0:a6:1d:c6:70:a6:b2:41:10:92:ab:6f:cf:c4:10:26:d0:
df:3e:45:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWq2yRXSHcjUe//71fo+c5sCSaLUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MDUxNjQxMzZaFw0yNjA2MDQxNjQ2MzZaMDMxMTAvBgNV
BAMTKEFEOEQxQTM4RkI1MTA5QzE3QkUzRDAwNjdEQUU2MkJGMTVCNTRCNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbeoMdvZLP8vFSEzlRKFUtdenk
p7uG2VuLIEiinI3MNfBwdileTji8JhBcO1uxkDs2Gv40qOiliDYlytynMbgUzl4g
JaNvh9puitMIOc2MJ/xoLAkkzBfXH3oy2+7HmRVdsk6erg1lufkc26ixt7+gqhZr
lwmrN66/lmGOEe8ToOnpcHQCw2+U+6l0ow9Uc8/wz+Qgy3MCqXlm5bR/Mp3qev1Y
/t6fKMx+uBy5B5a4cOEHZ0mZdlKVR4aRlUwkhAM1YAjVEAt8NrNUCNEWX1PcWivH
KWkIhmSZ+IeTQ5t6DPp9OKwvqlEbuNrWvdfwFIZXHoCuQbrMYAf4XSSs6rU5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrY0aOPtRCcF749AGfa5ivxW1S0gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzMTMyMmUzMjM0
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UnD4MA0GCSqGSIb3DQEBCwUAA4IBAQA7k+lvqVoMUXA4z49PFWTvjiXGmsn/jzJj
JZA5PqAy5JeZx9FKbDuUEZVhC8s3cqMOGg9CkdjQiWyEBmpK3TzNt8FjW11JdME3
eXV/kaCsLkrtiBz/OrAUlgeW6a6EvJGjRjYJpEJ6lUpgCaQfKkvOm7VM6p+ptTZZ
ZuW7d9oiSJtp63l2CA5kZkGIuslZBts6TXCnwdAILByoFi55t/tzCdnTYyRRtM/Q
8iqJD/cLcg/r+6TaSwgA6/bvatTucJwqX8LpKt0arS7D6AoZgMAqmIw5f6DFwAZr
DxFZfyzYHB4avDc6PEgY0HaL8KYdxnCmskEQkqtvz8QQJtDfPkU9
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:23:44 2025 by rpki-client