Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
File: 38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa (raw, json)
Hash identifier: L0MbtXDL+28swetHWmZJiMH6tCiZeXZltaN4YxGOsnY=
Subject key identifier: FF:31:D9:F4:C4:C5:AB:42:3E:13:BF:35:C2:A2:27:A3:4A:41:34:0B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6C5930BD3569E569C4EC91F3D870D37981019EB7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
Signing time: Tue 04 Mar 2025 09:45:48 +0000
ROA not before: Tue 04 Mar 2025 09:40:48 +0000
ROA not after: Tue 03 Mar 2026 09:45:48 +0000
asID: 198247
IP address blocks: 82.180.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:59:30:bd:35:69:e5:69:c4:ec:91:f3:d8:70:d3:79:81:01:9e:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 4 09:40:48 2025 GMT
Not After : Mar 3 09:45:48 2026 GMT
Subject: CN=FF31D9F4C4C5AB423E13BF35C2A227A34A41340B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a4:23:08:1a:70:53:1f:89:f3:a3:bd:01:a5:
41:9c:65:d3:66:06:a4:0b:e5:3a:fb:f0:18:55:46:
22:31:77:ec:31:ff:57:58:e0:b9:c8:0d:5d:ea:16:
fa:09:d8:7f:36:57:ba:08:86:96:27:d5:bd:64:b3:
fa:fb:a4:a2:f7:c3:52:70:8f:36:b7:4c:84:77:65:
d2:df:f4:b5:a5:b1:e4:86:9a:9d:20:54:73:a7:10:
d0:bb:d6:27:ba:d8:db:b9:0b:91:df:67:9e:32:c4:
7d:e2:c5:05:10:f8:e2:45:bb:22:cb:c9:67:67:ea:
50:6c:91:25:e3:d8:85:ca:28:be:b9:82:c4:24:b4:
fa:cc:9d:ee:04:06:19:0c:23:c6:bf:6e:af:71:2c:
3a:13:ec:ce:7f:b1:5f:ad:fe:f6:d0:d6:63:a6:80:
88:26:0b:5b:8f:64:01:53:4d:1d:7b:5b:b4:40:16:
b0:11:d4:98:ca:d3:37:c4:26:44:63:87:74:51:be:
82:27:e6:8d:9e:3f:a7:72:79:b4:fc:33:15:4c:25:
08:a0:b6:98:28:f3:34:94:89:93:e5:0e:24:66:bc:
cb:c1:cd:b0:fc:f6:8e:97:fd:43:ee:2d:44:98:87:
0b:b3:dc:a2:a3:24:ab:65:7b:bd:75:95:e9:e2:17:
fe:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:31:D9:F4:C4:C5:AB:42:3E:13:BF:35:C2:A2:27:A3:4A:41:34:0B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137362e302f32342d3234203d3e20313938323437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.176.0/24
Signature Algorithm: sha256WithRSAEncryption
09:2e:9d:99:b2:86:85:57:cd:4e:9e:79:3c:17:a5:ee:fe:03:
34:0e:2b:2d:44:66:be:f3:32:f5:e4:15:ee:af:95:62:23:fa:
3f:a4:79:10:d1:27:bd:41:02:77:73:65:57:52:c9:f7:dd:11:
8b:82:0d:fd:cd:fe:9c:85:7e:81:69:8f:3f:5c:79:b1:2d:34:
7a:d9:45:2e:93:44:93:7b:64:ac:a2:32:4d:9b:c5:1b:bd:e9:
fb:3e:9d:c0:00:58:f4:44:50:76:62:ff:bb:25:42:ae:a1:3a:
ac:e9:7b:03:59:ac:4d:75:c2:f8:c2:1d:17:af:26:99:26:b1:
da:6a:ea:c7:5a:52:3d:21:b9:ed:7a:27:b4:51:b6:03:a7:59:
ec:c0:c2:27:f5:b8:0c:57:05:03:47:07:d9:c1:60:16:9a:14:
e4:86:79:6c:f1:5d:6a:27:44:7a:e4:21:88:04:1b:db:60:66:
b5:69:89:66:a0:0b:da:aa:52:59:aa:eb:e1:7b:f9:ec:99:db:
8e:59:c0:2d:2e:ee:74:16:ac:6b:8c:db:b4:c3:5b:fc:d9:97:
5f:be:7a:1b:35:78:bc:77:94:d2:b3:e9:3f:b5:2c:d1:bd:cf:
76:dd:4b:bd:70:8f:1f:dc:61:3b:49:e9:5e:c3:c2:14:18:33:
e4:23:fc:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbFkwvTVp5WnE7JHz2HDTeYEBnrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMDQwOTQwNDhaFw0yNjAzMDMwOTQ1NDhaMDMxMTAvBgNV
BAMTKEZGMzFEOUY0QzRDNUFCNDIzRTEzQkYzNUMyQTIyN0EzNEE0MTM0MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3pCMIGnBTH4nzo70BpUGcZdNm
BqQL5Tr78BhVRiIxd+wx/1dY4LnIDV3qFvoJ2H82V7oIhpYn1b1ks/r7pKL3w1Jw
jza3TIR3ZdLf9LWlseSGmp0gVHOnENC71ie62Nu5C5HfZ54yxH3ixQUQ+OJFuyLL
yWdn6lBskSXj2IXKKL65gsQktPrMne4EBhkMI8a/bq9xLDoT7M5/sV+t/vbQ1mOm
gIgmC1uPZAFTTR17W7RAFrAR1JjK0zfEJkRjh3RRvoIn5o2eP6dyebT8MxVMJQig
tpgo8zSUiZPlDiRmvMvBzbD89o6X/UPuLUSYhwuz3KKjJKtle711leniF/79AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/zHZ9MTFq0I+E781wqIno0pBNAswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMjM0Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABStLAwDQYJKoZIhvcNAQELBQADggEBAAkunZmyhoVXzU6eeTwXpe7+AzQOKy1E
Zr7zMvXkFe6vlWIj+j+keRDRJ71BAndzZVdSyffdEYuCDf3N/pyFfoFpjz9cebEt
NHrZRS6TRJN7ZKyiMk2bxRu96fs+ncAAWPREUHZi/7slQq6hOqzpewNZrE11wvjC
HRevJpkmsdpq6sdaUj0hue16J7RRtgOnWezAwif1uAxXBQNHB9nBYBaaFOSGeWzx
XWonRHrkIYgEG9tgZrVpiWagC9qqUlmq6+F7+eyZ245ZwC0u7nQWrGuM27TDW/zZ
l1++ehs1eLx3lNKz6T+1LNG9z3bdS71wjx/cYTtJ6V7DwhQYM+Qj/HY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:33 2025 by rpki-client