Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38332e302f32342d3234203d3e20323132323338.roa
File: 38322e3134392e38332e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: NIGszjNkINPJgxTgucGiafY4W6UkE9i/WOyvufRNxYY=
Subject key identifier: 09:CA:4E:32:47:35:C6:11:72:EF:CA:89:EE:6D:A0:7C:B2:80:18:62
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6423132BDE32CDF6DEC13B51F333077906ACC4CF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38332e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 09 Oct 2025 09:07:26 +0000
ROA not before: Thu 09 Oct 2025 09:02:26 +0000
ROA not after: Thu 08 Oct 2026 09:07:26 +0000
asID: 212238
IP address blocks: 82.149.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 00:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:23:13:2b:de:32:cd:f6:de:c1:3b:51:f3:33:07:79:06:ac:c4:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 9 09:02:26 2025 GMT
Not After : Oct 8 09:07:26 2026 GMT
Subject: CN=09CA4E324735C61172EFCA89EE6DA07CB2801862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bd:94:ff:31:ec:09:96:98:47:a0:e3:58:1f:
3a:61:06:40:a8:95:9c:f4:46:f6:90:9d:59:5f:63:
ae:9f:1b:e7:19:9c:42:89:dc:6f:a7:6d:8d:fc:bb:
46:15:10:ca:d0:70:21:fa:77:bb:03:8a:be:10:11:
4f:ac:ce:a2:f0:ab:bf:2d:06:fe:6a:7c:7f:e4:64:
3b:22:94:73:47:e8:22:2b:8a:ec:d8:32:ac:3a:39:
33:d1:90:54:f9:c2:fd:fd:f3:4b:26:26:2e:d3:b0:
53:64:82:b0:d9:68:61:94:bf:14:48:d3:c0:c0:5b:
be:7c:aa:4f:72:b6:3a:18:dc:3f:b5:9b:37:cf:e2:
46:26:8c:be:6e:b8:21:09:a0:5b:c7:93:d2:d4:c9:
96:76:44:1d:9d:e8:17:58:b4:6b:30:22:92:37:cc:
a6:72:fa:1e:7f:4a:1c:e8:f0:6f:24:cd:15:b3:f7:
c9:0c:4a:9a:e7:5f:f4:57:1f:3e:e4:c8:6e:0f:6c:
e2:1a:e1:17:a5:c1:b3:2e:31:b5:f6:51:d6:77:77:
58:89:f7:48:68:f9:e5:5d:4b:5a:67:94:c8:30:17:
4e:51:c8:c2:1b:5e:dc:3d:2e:f9:4e:0b:4e:df:87:
6c:09:7c:37:1d:47:88:30:e9:b3:33:1b:be:45:44:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CA:4E:32:47:35:C6:11:72:EF:CA:89:EE:6D:A0:7C:B2:80:18:62
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3134392e38332e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.149.83.0/24
Signature Algorithm: sha256WithRSAEncryption
12:ed:a4:cf:19:5f:79:1c:19:43:25:85:91:20:4b:2c:ad:55:
d7:a9:d7:01:7d:d1:da:8f:b6:13:3f:78:34:d2:e8:fa:16:dd:
8b:05:81:60:1e:c3:71:b0:e8:0a:72:99:05:1b:9d:4e:12:c1:
81:bc:08:96:9b:c8:7a:6d:ce:0b:f5:9e:bd:5e:97:05:97:e9:
67:b9:38:f1:0d:06:8d:eb:5c:c9:4e:2d:6f:53:65:a8:a0:5a:
23:37:0d:2d:b5:fc:70:c8:bf:3b:6e:8d:0a:33:24:d1:9f:0d:
97:34:7b:f5:df:f8:7b:b2:dc:9a:32:07:2e:8d:4d:0b:38:e5:
76:65:60:22:2c:7d:f2:7a:37:c0:21:0b:b7:60:6a:c4:e4:23:
a3:90:61:4f:64:25:c6:f7:05:2c:8f:d0:b9:e3:2b:50:24:a9:
1d:ce:20:6a:d1:a3:35:9c:e3:4f:a5:28:af:0b:be:03:c5:ab:
34:57:07:7f:ca:1e:96:a2:ba:51:5e:0d:eb:cd:90:76:2b:dc:
57:93:62:30:e6:4b:32:88:b8:32:ef:8a:5d:e2:0a:df:2c:c7:
f1:e5:9e:2e:52:65:56:a1:c6:76:5e:b8:4f:c1:67:7a:0d:ae:
63:5b:18:6f:aa:d7:dc:61:c4:bc:75:d9:bd:c9:2f:e9:0f:40:
a2:da:25:a4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZCMTK94yzfbewTtR8zMHeQasxM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDkwOTAyMjZaFw0yNjEwMDgwOTA3MjZaMDMxMTAvBgNV
BAMTKDA5Q0E0RTMyNDczNUM2MTE3MkVGQ0E4OUVFNkRBMDdDQjI4MDE4NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4vZT/MewJlphHoONYHzphBkCo
lZz0RvaQnVlfY66fG+cZnEKJ3G+nbY38u0YVEMrQcCH6d7sDir4QEU+szqLwq78t
Bv5qfH/kZDsilHNH6CIriuzYMqw6OTPRkFT5wv3980smJi7TsFNkgrDZaGGUvxRI
08DAW758qk9ytjoY3D+1mzfP4kYmjL5uuCEJoFvHk9LUyZZ2RB2d6BdYtGswIpI3
zKZy+h5/Shzo8G8kzRWz98kMSprnX/RXHz7kyG4PbOIa4RelwbMuMbX2UdZ3d1iJ
90ho+eVdS1pnlMgwF05RyMIbXtw9LvlOC07fh2wJfDcdR4gw6bMzG75FRJO5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUCcpOMkc1xhFy78qJ7m2gfLKAGGIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzNDM5MmUzODMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UpVTMA0GCSqGSIb3DQEBCwUAA4IBAQAS7aTPGV95HBlDJYWRIEssrVXXqdcBfdHa
j7YTP3g00uj6Ft2LBYFgHsNxsOgKcpkFG51OEsGBvAiWm8h6bc4L9Z69XpcFl+ln
uTjxDQaN61zJTi1vU2WooFojNw0ttfxwyL87bo0KMyTRnw2XNHv13/h7styaMgcu
jU0LOOV2ZWAiLH3yejfAIQu3YGrE5COjkGFPZCXG9wUsj9C54ytQJKkdziBq0aM1
nONPpSivC74Dxas0Vwd/yh6WorpRXg3rzZB2K9xXk2Iw5ksyiLgy74pd4grfLMfx
5Z4uUmVWocZ2XrhPwWd6Da5jWxhvqtfcYcS8ddm9yS/pD0Ci2iWk
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:10 2025 by rpki-client