Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138312e302f32342d3234203d3e20323038343238.roa
File: 38322e3138302e3138312e302f32342d3234203d3e20323038343238.roa (raw, json)
Hash identifier: v5lK5reCxn+83JPPtklbIktZy1aCELs2cbgE8mARNTM=
Subject key identifier: 47:DE:2A:84:18:13:77:B5:D7:F4:7F:9A:D3:2D:C2:62:31:69:85:AE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 63604B1E094884B2A76B564D56E62B8F853EF0B1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138312e302f32342d3234203d3e20323038343238.roa
Signing time: Thu 29 May 2025 12:46:32 +0000
ROA not before: Thu 29 May 2025 12:41:32 +0000
ROA not after: Thu 28 May 2026 12:46:32 +0000
asID: 208428
IP address blocks: 82.180.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 17:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:60:4b:1e:09:48:84:b2:a7:6b:56:4d:56:e6:2b:8f:85:3e:f0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 29 12:41:32 2025 GMT
Not After : May 28 12:46:32 2026 GMT
Subject: CN=47DE2A84181377B5D7F47F9AD32DC262316985AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:92:0e:aa:37:6b:ff:56:17:72:67:c5:ad:f3:
8c:99:45:e6:d7:53:b8:c2:b6:c5:77:db:7e:96:d6:
d3:22:02:76:64:08:8d:a3:25:41:64:a9:9c:b0:fb:
3a:ae:02:50:8c:bf:ec:ed:6d:2a:e0:72:df:d6:6f:
9c:5e:c1:8b:70:7b:c3:95:dc:e2:1c:b0:f8:0d:98:
de:f0:1c:78:29:a8:2a:a4:7b:1b:a1:bf:8c:ed:b8:
24:1e:2d:35:ff:78:f0:43:28:b9:dd:12:e0:c1:1e:
44:ed:1c:11:8a:3d:4d:4b:a1:28:6c:83:5f:b6:62:
eb:43:2c:d0:cf:f9:cc:b9:a0:35:da:d1:15:d0:d5:
1e:f6:7d:d8:12:44:88:eb:32:f4:f7:9f:ee:ed:32:
33:2f:8f:71:70:a5:ec:41:fd:1a:d2:dd:a2:17:b9:
00:0f:af:d9:a8:1b:eb:15:88:7c:61:e9:04:f1:58:
e8:22:9e:8b:07:4b:ab:cf:ac:c1:c2:8f:13:99:4c:
b5:c3:68:31:5a:a6:b2:91:b1:c5:d9:ef:2f:06:53:
68:f9:c6:66:c3:d0:05:46:07:a1:60:13:6e:22:5d:
5d:a7:1f:ba:98:20:15:83:2b:d8:48:7a:f7:ba:f4:
4e:3e:d1:d6:ef:fa:37:6a:96:7a:53:29:ed:38:9e:
11:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DE:2A:84:18:13:77:B5:D7:F4:7F:9A:D3:2D:C2:62:31:69:85:AE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3138312e302f32342d3234203d3e20323038343238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.181.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:76:ed:dc:d9:dc:44:b7:b2:7d:5a:d1:5f:98:ef:87:90:0f:
eb:a6:41:58:53:d0:72:95:7f:d3:ad:16:da:9f:99:b4:d4:82:
ce:ee:01:19:0c:9f:68:e6:d9:39:f4:81:7a:dc:c8:42:41:fe:
64:24:52:ea:84:8a:c4:ea:9a:ad:fa:55:46:2b:01:73:14:41:
3b:da:cf:35:a3:fd:ab:90:d7:ca:d2:12:1e:49:8a:97:2f:7d:
95:6e:9b:97:81:1a:83:59:ba:cb:3d:6d:47:c2:f5:7c:ad:a4:
92:24:c0:d2:3f:3f:dd:2a:17:b7:fc:2c:2a:f1:47:a3:a9:cb:
09:47:74:c0:9b:c7:ec:28:3a:44:fb:0d:e6:02:68:f3:c6:8d:
63:fc:19:e5:55:98:c6:9d:ef:0f:54:72:3c:11:76:b3:20:b4:
fd:2e:47:66:07:b8:3d:f9:4e:2e:bc:03:79:e5:52:6e:43:da:
55:d6:de:e3:b3:5c:a8:12:10:7a:31:51:23:f0:e4:73:25:3e:
07:17:6a:c5:35:3d:a0:82:49:34:b7:65:3f:ee:74:9c:74:6e:
8e:0e:02:f7:41:31:a6:79:ce:a5:cc:b2:53:36:31:1d:8d:26:
8f:49:f1:92:eb:a7:99:d9:83:81:d2:82:f3:da:06:2e:a0:fa:
75:33:5a:91
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUY2BLHglIhLKna1ZNVuYrj4U+8LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjkxMjQxMzJaFw0yNjA1MjgxMjQ2MzJaMDMxMTAvBgNV
BAMTKDQ3REUyQTg0MTgxMzc3QjVEN0Y0N0Y5QUQzMkRDMjYyMzE2OTg1QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9kg6qN2v/VhdyZ8Wt84yZRebX
U7jCtsV3236W1tMiAnZkCI2jJUFkqZyw+zquAlCMv+ztbSrgct/Wb5xewYtwe8OV
3OIcsPgNmN7wHHgpqCqkexuhv4ztuCQeLTX/ePBDKLndEuDBHkTtHBGKPU1LoShs
g1+2YutDLNDP+cy5oDXa0RXQ1R72fdgSRIjrMvT3n+7tMjMvj3FwpexB/RrS3aIX
uQAPr9moG+sViHxh6QTxWOginosHS6vPrMHCjxOZTLXDaDFaprKRscXZ7y8GU2j5
xmbD0AVGB6FgE24iXV2nH7qYIBWDK9hIeve69E4+0dbv+jdqlnpTKe04nhG5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUR94qhBgTd7XX9H+a0y3CYjFpha4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNDMyMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABStLUwDQYJKoZIhvcNAQELBQADggEBAFx27dzZ3ES3sn1a0V+Y74eQD+umQVhT
0HKVf9OtFtqfmbTUgs7uARkMn2jm2Tn0gXrcyEJB/mQkUuqEisTqmq36VUYrAXMU
QTvazzWj/auQ18rSEh5JipcvfZVum5eBGoNZuss9bUfC9XytpJIkwNI/P90qF7f8
LCrxR6OpywlHdMCbx+woOkT7DeYCaPPGjWP8GeVVmMad7w9UcjwRdrMgtP0uR2YH
uD35Ti68A3nlUm5D2lXW3uOzXKgSEHoxUSPw5HMlPgcXasU1PaCCSTS3ZT/udJx0
bo4OAvdBMaZ5zqXMslM2MR2NJo9J8ZLrp5nZg4HSgvPaBi6g+nUzWpE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:30:37 2025 by rpki-client