Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
File: 38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa (raw, json)
Hash identifier: IgNg8PlT7uCqcQlBZYTUMGGtLS17UiSk0ftcxbJctKU=
Subject key identifier: 48:3A:6E:CC:C7:F3:A5:C5:94:1C:B2:FB:5C:C9:B7:1B:6C:30:C2:DB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 248996B3F7F4ED884F144CFB5DD086381AFD6CA2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
Signing time: Thu 06 Mar 2025 20:45:51 +0000
ROA not before: Thu 06 Mar 2025 20:40:51 +0000
ROA not after: Thu 05 Mar 2026 20:45:51 +0000
asID: 141995
IP address blocks: 82.180.144.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:89:96:b3:f7:f4:ed:88:4f:14:4c:fb:5d:d0:86:38:1a:fd:6c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 6 20:40:51 2025 GMT
Not After : Mar 5 20:45:51 2026 GMT
Subject: CN=483A6ECCC7F3A5C5941CB2FB5CC9B71B6C30C2DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:06:57:4b:8b:44:27:2f:5e:da:47:44:42:
07:4f:7d:be:4e:9a:07:2b:de:04:46:4e:4e:e5:fd:
0c:1c:d8:a4:7c:05:4d:38:b9:e6:48:fe:eb:06:6b:
6a:c7:ef:d6:a8:8b:06:86:c3:16:25:34:69:0a:3f:
1d:53:3f:c5:8c:93:eb:13:75:9a:f3:f5:62:ea:f1:
3f:da:91:8f:f9:13:82:50:a8:bf:54:0e:36:64:52:
73:c0:3c:cc:f9:6d:4c:82:36:17:26:c7:1c:a2:94:
a6:c2:f8:fd:54:c4:e7:35:b7:bf:b9:ef:b6:8a:89:
06:f0:80:b8:e6:12:cd:70:9a:b9:fd:32:98:e9:b9:
0a:c0:69:61:70:31:43:89:36:76:8c:d5:37:5f:ee:
1b:f1:b1:43:cf:93:12:7c:1a:67:98:9c:7c:5c:bc:
47:29:6a:08:43:25:56:91:de:41:73:2f:09:7c:fe:
af:dd:0e:f3:db:9a:2d:50:a0:b4:41:df:48:6f:7f:
8c:03:65:32:5d:3f:88:27:43:5b:00:29:0e:0c:0b:
0b:37:11:7a:ce:c3:90:5e:f7:08:a7:c1:27:bf:f3:
a8:5e:90:a1:8e:d3:79:6d:1d:ec:51:b9:e4:f0:0b:
b2:71:ad:df:b3:72:35:94:88:04:51:8c:1b:6a:be:
96:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3A:6E:CC:C7:F3:A5:C5:94:1C:B2:FB:5C:C9:B7:1B:6C:30:C2:DB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134342e302f32322d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.144.0/22
Signature Algorithm: sha256WithRSAEncryption
35:d6:5c:e6:48:7f:bf:ac:fb:42:21:38:33:d4:ad:6a:29:39:
90:ea:a5:36:8d:36:80:9b:ca:f2:b3:7b:7d:22:b7:e7:60:72:
51:3b:93:8f:d7:70:35:e9:37:11:03:51:23:4b:d3:45:c7:c3:
71:8a:08:1a:68:32:a0:11:ae:1b:23:07:f6:7d:d2:5e:ee:48:
59:b7:fe:e8:27:64:5d:8d:92:4d:ba:3d:a7:71:dc:d5:ab:1f:
a3:87:86:cb:2a:5f:be:b0:45:7b:8c:28:e1:f9:3d:1c:2b:2d:
09:17:51:1c:58:bf:22:f9:3b:cc:dc:c9:d4:31:a8:5b:88:de:
18:01:ad:16:4c:ed:ec:4a:01:28:6d:ba:3a:fe:9f:35:a8:ed:
14:26:c8:f5:14:e4:e8:2c:af:69:9f:f6:d5:47:33:f2:1f:13:
9f:de:c5:2f:cb:43:06:f3:a4:b8:99:84:3b:fd:57:3f:b9:3f:
6a:0d:d4:28:2c:f5:54:33:ab:65:5e:d0:42:6c:8c:c3:99:66:
71:99:44:63:62:ab:b7:38:c6:2c:49:15:75:76:ba:b4:af:01:
42:7c:eb:e3:8f:66:78:45:91:d0:e4:90:c1:d4:83:e9:41:c8:
cf:5f:00:9f:e2:5e:69:c4:f6:27:3a:b6:bf:77:45:d3:43:cf:
28:77:8c:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJImWs/f07YhPFEz7XdCGOBr9bKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMDYyMDQwNTFaFw0yNjAzMDUyMDQ1NTFaMDMxMTAvBgNV
BAMTKDQ4M0E2RUNDQzdGM0E1QzU5NDFDQjJGQjVDQzlCNzFCNkMzMEMyREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDXgZXS4tEJy9e2kdEQgdPfb5O
mgcr3gRGTk7l/Qwc2KR8BU04ueZI/usGa2rH79aoiwaGwxYlNGkKPx1TP8WMk+sT
dZrz9WLq8T/akY/5E4JQqL9UDjZkUnPAPMz5bUyCNhcmxxyilKbC+P1UxOc1t7+5
77aKiQbwgLjmEs1wmrn9MpjpuQrAaWFwMUOJNnaM1Tdf7hvxsUPPkxJ8GmeYnHxc
vEcpaghDJVaR3kFzLwl8/q/dDvPbmi1QoLRB30hvf4wDZTJdP4gnQ1sAKQ4MCws3
EXrOw5Be9winwSe/86hekKGO03ltHexRueTwC7Jxrd+zcjWUiARRjBtqvpbdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUSDpuzMfzpcWUHLL7XMm3G2wwwtswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM0
MzQyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJStJAwDQYJKoZIhvcNAQELBQADggEBADXWXOZIf7+s+0IhODPUrWopOZDqpTaN
NoCbyvKze30it+dgclE7k4/XcDXpNxEDUSNL00XHw3GKCBpoMqARrhsjB/Z90l7u
SFm3/ugnZF2Nkk26Padx3NWrH6OHhssqX76wRXuMKOH5PRwrLQkXURxYvyL5O8zc
ydQxqFuI3hgBrRZM7exKAShtujr+nzWo7RQmyPUU5Ogsr2mf9tVHM/IfE5/exS/L
QwbzpLiZhDv9Vz+5P2oN1Cgs9VQzq2Ve0EJsjMOZZnGZRGNiq7c4xixJFXV2urSv
AUJ86+OPZnhFkdDkkMHUg+lByM9fAJ/iXmnE9ic6tr93RdNDzyh3jF8=
-----END CERTIFICATE-----
Generated at Thu Apr 3 03:46:37 2025 by rpki-client