Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3133362e302f32322d3234203d3e203437353833.roa
File: 38322e3138302e3133362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: 3ixXf+Fu4WXiddTAYA1Dq37EdlpoCZ+4eKXa+R+zvFs=
Subject key identifier: D2:20:87:64:73:B0:83:F4:C9:D7:87:60:2D:66:E6:FF:85:49:F2:45
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 32A362FCB6E790F9F6F6ED329C29185BF250B34D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3133362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 47583
IP address blocks: 82.180.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a3:62:fc:b6:e7:90:f9:f6:f6:ed:32:9c:29:18:5b:f2:50:b3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=D220876473B083F4C9D787602D66E6FF8549F245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7d:64:1b:e6:12:19:60:79:f9:ec:09:2c:af:
bd:32:d5:2f:da:f7:29:4f:21:fe:7d:5f:a7:71:d8:
02:43:87:63:6e:d6:44:ed:10:1e:9e:c4:9e:52:72:
b9:5b:a4:8e:a3:16:a9:0a:ae:d5:0e:44:01:0f:c5:
cd:91:30:ec:6d:f0:0f:39:a1:de:6f:a4:c1:13:83:
6c:72:01:8b:7d:68:ff:e4:83:85:6c:85:2f:b7:36:
d5:f9:42:9f:c6:4c:ea:24:e4:5e:4c:ac:67:91:c9:
e2:f4:1d:e6:8f:96:87:4a:97:3e:3f:c2:8c:6b:be:
6f:da:90:61:0a:5b:b6:28:21:e4:b0:8b:17:5b:17:
ae:11:68:69:eb:32:44:86:76:d6:fb:bb:6b:cc:49:
d1:35:bd:fd:85:4e:f2:5b:27:48:50:53:61:1a:c6:
3c:8b:7e:3f:b8:a0:b1:68:32:fd:1e:03:fa:da:89:
fd:bd:73:e3:50:75:ae:68:d2:a4:2e:f6:56:e0:9b:
1d:46:2a:1b:a9:29:a0:86:6e:cc:a3:f3:58:56:29:
d9:b7:f8:a3:ab:c3:0f:f5:09:04:97:0f:ee:3b:a5:
e2:c5:fc:95:66:8f:44:3f:b5:df:2f:66:f6:2b:ad:
fc:9b:51:3d:fe:b2:32:32:c1:ab:d3:f6:fd:15:b2:
9d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:87:64:73:B0:83:F4:C9:D7:87:60:2D:66:E6:FF:85:49:F2:45
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3133362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.136.0/22
Signature Algorithm: sha256WithRSAEncryption
36:7e:bc:0f:fa:68:9e:f9:66:7a:cd:03:50:32:1d:f3:2d:26:
cd:84:c5:85:9b:ee:b0:82:c8:5c:0c:3e:c5:bc:05:cd:5e:f0:
d7:26:df:68:a2:b8:01:92:5d:ea:8f:98:05:3e:ed:4e:3c:6a:
15:1e:b9:cc:75:77:b3:52:ae:c7:1c:ab:a2:8f:a7:c5:ea:99:
8a:58:00:30:a1:10:1e:02:ae:88:e6:7c:34:51:1b:18:8e:ab:
c7:25:28:f3:de:e3:ea:86:1e:70:fc:f2:40:9e:24:3b:52:eb:
08:45:8e:90:5c:54:f8:6d:dd:33:5e:8d:17:1c:4e:36:d6:60:
ef:9b:8a:3c:9f:cc:51:e9:eb:e6:70:1b:e1:70:12:1e:b8:bf:
78:75:b2:67:6b:d1:58:6b:b1:fb:e9:bf:bd:ef:0a:29:30:b8:
99:f7:5d:d9:e8:48:ff:b8:a4:d8:a9:fa:a6:41:e3:0c:32:08:
55:19:67:e5:c1:cd:7a:c1:d2:17:de:24:80:da:42:9c:15:c9:
d6:19:12:4d:67:d2:9c:d2:46:a2:22:e1:44:80:36:7f:ac:88:
8f:54:aa:ad:98:5a:a9:23:dc:59:28:b4:c1:a2:f3:db:cd:50:
55:b9:6f:53:f6:ce:6e:8e:ca:79:c7:4b:76:24:8c:8d:c1:c7:
ef:cb:0b:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMqNi/LbnkPn29u0ynCkYW/JQs00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKEQyMjA4NzY0NzNCMDgzRjRDOUQ3ODc2MDJENjZFNkZGODU0OUYyNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+fWQb5hIZYHn57Aksr70y1S/a
9ylPIf59X6dx2AJDh2Nu1kTtEB6exJ5ScrlbpI6jFqkKrtUORAEPxc2RMOxt8A85
od5vpMETg2xyAYt9aP/kg4VshS+3NtX5Qp/GTOok5F5MrGeRyeL0HeaPlodKlz4/
woxrvm/akGEKW7YoIeSwixdbF64RaGnrMkSGdtb7u2vMSdE1vf2FTvJbJ0hQU2Ea
xjyLfj+4oLFoMv0eA/raif29c+NQda5o0qQu9lbgmx1GKhupKaCGbsyj81hWKdm3
+KOrww/1CQSXD+47peLF/JVmj0Q/td8vZvYrrfybUT3+sjIywavT9v0Vsp3rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0iCHZHOwg/TJ14dgLWbm/4VJ8kUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTMz
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UrSIMA0GCSqGSIb3DQEBCwUAA4IBAQA2frwP+mie+WZ6zQNQMh3zLSbNhMWFm+6w
gshcDD7FvAXNXvDXJt9oorgBkl3qj5gFPu1OPGoVHrnMdXezUq7HHKuij6fF6pmK
WAAwoRAeAq6I5nw0URsYjqvHJSjz3uPqhh5w/PJAniQ7UusIRY6QXFT4bd0zXo0X
HE421mDvm4o8n8xR6evmcBvhcBIeuL94dbJna9FYa7H76b+97wopMLiZ913Z6Ej/
uKTYqfqmQeMMMghVGWflwc16wdIX3iSA2kKcFcnWGRJNZ9Kc0kaiIuFEgDZ/rIiP
VKqtmFqpI9xZKLTBovPbzVBVuW9T9s5ujsp5x0t2JIyNwcfvywtI
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:03:40 2025 by rpki-client