Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135362e302f32322d3234203d3e203437353833.roa
File: 38322e3138302e3135362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: A7aq94qOz8amPsHa7J7hgZwi9RjTRj/zBYKUb9kIdeQ=
Subject key identifier: 55:28:DF:69:87:BA:6A:CA:09:7A:77:C1:20:CD:C5:EC:BA:47:BE:24
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A267438181563ECF9CE3A916B7341442861CA3A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:07 +0000
ROA not before: Mon 27 Jan 2025 09:40:07 +0000
ROA not after: Mon 26 Jan 2026 09:45:07 +0000
asID: 47583
IP address blocks: 82.180.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:26:74:38:18:15:63:ec:f9:ce:3a:91:6b:73:41:44:28:61:ca:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:07 2025 GMT
Not After : Jan 26 09:45:07 2026 GMT
Subject: CN=5528DF6987BA6ACA097A77C120CDC5ECBA47BE24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6f:d7:a0:68:8b:22:67:27:f6:17:23:64:2c:
89:d2:7e:47:57:8d:85:04:ac:c4:4c:c6:7e:54:1a:
d2:3f:1a:ef:74:2d:25:5f:9d:ed:fa:16:b6:11:d4:
ef:55:34:cc:6e:bc:f9:fb:65:73:44:2e:8b:9d:2e:
a1:55:c9:cd:c8:ac:38:cd:63:35:c6:4a:7c:37:ea:
5a:63:1a:83:35:ad:25:39:0e:49:f8:a5:02:8f:51:
9c:d0:75:d2:de:61:96:11:df:7e:ae:01:69:84:0f:
47:34:5a:e6:09:08:bc:d8:4e:20:4e:36:09:f5:fb:
f1:6e:91:d3:7a:e4:81:1a:0a:7b:b4:f3:a4:ab:ad:
0c:05:28:9e:d0:62:33:bf:62:f4:d6:64:37:fa:06:
7a:dc:25:73:c5:3d:72:43:45:e1:54:6b:58:6c:58:
0f:e8:45:29:f5:fc:a2:01:4b:1d:42:53:2c:f7:d0:
18:2a:ed:66:57:dc:e7:77:c3:dd:86:cf:d1:da:5b:
c3:91:13:c8:6b:c1:a9:d9:65:35:b1:09:3e:78:a9:
24:7a:32:14:89:bc:f3:6b:55:4f:ea:19:65:d1:cd:
54:1f:c8:be:c6:89:df:33:0a:19:74:ab:5d:73:d7:
a4:77:d3:30:f1:71:3d:28:bf:83:c3:6a:41:e4:71:
1b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:28:DF:69:87:BA:6A:CA:09:7A:77:C1:20:CD:C5:EC:BA:47:BE:24
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3135362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.156.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:ee:a0:c7:af:61:94:d7:f0:7b:48:65:96:e2:77:7d:05:f2:
3c:c1:8a:ee:f7:d0:44:a1:5e:00:cc:0c:84:d1:52:f8:2c:86:
52:8f:b5:c6:ff:dd:20:77:32:4e:c7:1d:85:0b:a3:02:72:3a:
00:fd:44:5d:d8:6a:c9:91:31:23:61:b5:43:b8:fa:71:f1:c6:
c0:56:29:01:33:a5:cb:fc:e8:79:cd:e8:d3:d7:dd:a3:67:17:
6e:98:93:d0:99:9c:71:92:93:49:ca:aa:de:d7:5a:d5:43:d5:
04:ea:85:e7:bf:4a:0c:32:03:3f:ba:c9:b7:02:29:73:6e:53:
00:2b:6c:9e:0e:3f:09:b1:1e:da:05:30:07:d6:97:3e:45:57:
41:fd:29:5c:80:87:63:05:71:34:97:86:ab:16:af:84:99:e1:
50:9c:35:f8:36:8f:30:82:8a:2b:ca:7a:b8:5e:34:64:58:3c:
c5:04:f4:21:f4:4e:60:fc:81:ac:bb:ab:da:c2:7c:fe:50:59:
83:78:54:dc:69:68:6d:7e:0f:89:11:1d:4a:07:5f:c4:fc:69:
8c:c9:b5:7d:91:ce:80:0e:f6:1a:c4:b7:93:46:1c:6e:de:88:
66:e2:6e:dc:b1:ab:ea:6e:fe:6b:8a:d4:6e:2a:46:b0:37:8e:
78:bc:42:ae
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGiZ0OBgVY+z5zjqRa3NBRChhyjowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDdaFw0yNjAxMjYwOTQ1MDdaMDMxMTAvBgNV
BAMTKDU1MjhERjY5ODdCQTZBQ0EwOTdBNzdDMTIwQ0RDNUVDQkE0N0JFMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRb9egaIsiZyf2FyNkLInSfkdX
jYUErMRMxn5UGtI/Gu90LSVfne36FrYR1O9VNMxuvPn7ZXNELoudLqFVyc3IrDjN
YzXGSnw36lpjGoM1rSU5Dkn4pQKPUZzQddLeYZYR336uAWmED0c0WuYJCLzYTiBO
Ngn1+/FukdN65IEaCnu086SrrQwFKJ7QYjO/YvTWZDf6BnrcJXPFPXJDReFUa1hs
WA/oRSn1/KIBSx1CUyz30Bgq7WZX3Od3w92Gz9HaW8ORE8hrwanZZTWxCT54qSR6
MhSJvPNrVU/qGWXRzVQfyL7Gid8zChl0q11z16R30zDxcT0ov4PDakHkcRtnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVSjfaYe6asoJenfBIM3F7LpHviQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM1
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
UrScMA0GCSqGSIb3DQEBCwUAA4IBAQAK7qDHr2GU1/B7SGWW4nd9BfI8wYru99BE
oV4AzAyE0VL4LIZSj7XG/90gdzJOxx2FC6MCcjoA/URd2GrJkTEjYbVDuPpx8cbA
VikBM6XL/Oh5zejT192jZxdumJPQmZxxkpNJyqre11rVQ9UE6oXnv0oMMgM/usm3
AilzblMAK2yeDj8JsR7aBTAH1pc+RVdB/SlcgIdjBXE0l4arFq+EmeFQnDX4No8w
goorynq4XjRkWDzFBPQh9E5g/IGsu6vawnz+UFmDeFTcaWhtfg+JER1KB1/E/GmM
ybV9kc6ADvYaxLeTRhxu3ohm4m7csavqbv5ritRuKkawN454vEKu
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:07:00 2025 by rpki-client