Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135332e302f32342d3234203d3e203437353833.roa
File: 38322e3138302e3135332e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: TD9eQM/c+j3r3sHNk5buIXxVRxkJB2gVJyAMtdMAOOc=
Subject key identifier: C2:62:92:C3:87:2A:16:4A:C8:B0:F8:F1:F0:ED:77:94:01:33:E7:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2C165CA2B2BB24C718E23BC8A136F51D80CD4E50
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135332e302f32342d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:23 +0000
ROA not before: Mon 27 Jan 2025 09:40:23 +0000
ROA not after: Mon 26 Jan 2026 09:45:23 +0000
asID: 47583
IP address blocks: 82.180.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:16:5c:a2:b2:bb:24:c7:18:e2:3b:c8:a1:36:f5:1d:80:cd:4e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:23 2025 GMT
Not After : Jan 26 09:45:23 2026 GMT
Subject: CN=C26292C3872A164AC8B0F8F1F0ED77940133E774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e7:11:9a:d7:bd:ef:e2:fc:40:0e:ff:1d:6d:
89:11:8c:ba:ae:de:0b:85:be:6d:76:18:f5:b4:df:
35:52:79:78:31:93:b1:e6:04:db:56:27:00:93:36:
ee:8d:ac:8e:bc:9e:fc:a9:82:fe:95:a6:77:b9:9a:
76:b2:12:9a:8f:94:36:04:65:7b:51:4c:25:c3:76:
ee:42:e3:7b:e2:7a:c5:ac:a1:87:bc:72:37:fe:ec:
7c:12:6d:4e:2b:68:fe:b4:cb:ea:65:3f:47:61:f3:
ce:97:cf:22:ab:65:41:05:55:3c:00:59:c0:23:6a:
28:72:25:8c:b6:f4:93:30:66:22:dd:c0:03:97:18:
90:48:95:b5:32:26:74:9c:4a:d5:86:7a:d4:8b:d5:
5a:18:9f:fe:50:de:fb:bb:bf:71:78:35:1d:d0:b2:
8d:5c:55:65:d8:22:7d:db:4f:b9:89:1a:a0:87:ad:
53:b8:fe:8a:80:40:e4:01:62:50:48:e7:13:b1:49:
8a:d8:08:1a:84:10:d3:27:9a:d0:c9:89:d4:21:cb:
30:7b:8f:5c:0e:82:b4:9a:a1:01:72:71:4c:20:a3:
93:90:af:eb:08:a9:fe:3e:ed:a3:cf:4b:bc:23:71:
a6:ef:58:ce:df:84:83:66:5c:5c:09:a3:c6:af:93:
69:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:62:92:C3:87:2A:16:4A:C8:B0:F8:F1:F0:ED:77:94:01:33:E7:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135332e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.153.0/24
Signature Algorithm: sha256WithRSAEncryption
82:16:ef:1f:92:7b:23:36:5e:54:c7:d4:9a:cd:96:fc:ae:eb:
34:d4:67:d8:61:61:5a:29:a3:6a:f9:e4:ae:a5:c8:eb:19:bc:
8f:6e:45:81:db:db:b0:87:2e:8e:9a:86:0a:0f:75:4d:3f:68:
b1:05:8c:06:93:a6:81:1d:16:91:6f:47:0d:00:43:66:a1:61:
91:a0:03:34:4b:9e:97:b5:3c:a8:7e:98:db:9b:0b:22:bf:10:
56:ac:cc:5a:3e:c3:eb:9b:d2:7e:5c:b1:ed:51:34:fb:fc:25:
80:49:2b:ab:27:1f:0e:84:35:44:07:39:1b:69:0c:97:9b:58:
4f:3a:58:88:13:69:90:44:73:4f:96:87:af:fd:dd:c4:10:6e:
01:df:bb:a5:9c:b9:3a:69:9a:3b:dc:94:8f:bb:b1:86:54:9d:
8d:13:7c:be:26:ce:e4:3b:f7:e9:b9:1f:a7:14:a3:dd:0b:6d:
80:c6:18:bb:cd:f0:87:e3:c9:32:6a:29:33:8c:a1:1b:16:f4:
f8:bf:0e:83:f1:70:22:5e:97:f7:10:40:a4:d6:2e:a4:72:ff:
1f:17:3c:4c:b9:77:a1:99:c6:ad:1d:11:a0:ce:af:63:ec:40:
34:91:01:f0:96:6b:ba:2c:37:c2:46:9b:f3:13:ed:11:84:59:
e6:66:8d:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULBZcorK7JMcY4jvIoTb1HYDNTlAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjNaFw0yNjAxMjYwOTQ1MjNaMDMxMTAvBgNV
BAMTKEMyNjI5MkMzODcyQTE2NEFDOEIwRjhGMUYwRUQ3Nzk0MDEzM0U3NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy5xGa173v4vxADv8dbYkRjLqu
3guFvm12GPW03zVSeXgxk7HmBNtWJwCTNu6NrI68nvypgv6Vpne5mnayEpqPlDYE
ZXtRTCXDdu5C43viesWsoYe8cjf+7HwSbU4raP60y+plP0dh886XzyKrZUEFVTwA
WcAjaihyJYy29JMwZiLdwAOXGJBIlbUyJnScStWGetSL1VoYn/5Q3vu7v3F4NR3Q
so1cVWXYIn3bT7mJGqCHrVO4/oqAQOQBYlBI5xOxSYrYCBqEENMnmtDJidQhyzB7
j1wOgrSaoQFycUwgo5OQr+sIqf4+7aPPS7wjcabvWM7fhINmXFwJo8avk2kPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwmKSw4cqFkrIsPjx8O13lAEz53QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UrSZMA0GCSqGSIb3DQEBCwUAA4IBAQCCFu8fknsjNl5Ux9SazZb8rus01GfYYWFa
KaNq+eSupcjrGbyPbkWB29uwhy6OmoYKD3VNP2ixBYwGk6aBHRaRb0cNAENmoWGR
oAM0S56XtTyofpjbmwsivxBWrMxaPsPrm9J+XLHtUTT7/CWASSurJx8OhDVEBzkb
aQyXm1hPOliIE2mQRHNPloev/d3EEG4B37ulnLk6aZo73JSPu7GGVJ2NE3y+Js7k
O/fpuR+nFKPdC22Axhi7zfCH48kyaikzjKEbFvT4vw6D8XAiXpf3EECk1i6kcv8f
FzxMuXehmcatHRGgzq9j7EA0kQHwlmu6LDfCRpvzE+0RhFnmZo1C
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:04:37 2025 by rpki-client