Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37362e302f32342d3234203d3e20323132323338.roa
File: 38322e3139372e37362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: qw8RbC+QZkz2tF4NizIQbnOCKBZqL/0VBQH52SCzEfE=
Subject key identifier: 76:BD:67:37:47:D8:2B:B2:14:76:84:69:C5:EB:2A:DD:72:55:6C:6E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3F9EC80EDB789B98A59FD2A8928B5AC3559CEB35
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37362e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 28 Aug 2025 20:49:48 +0000
ROA not before: Thu 28 Aug 2025 20:44:48 +0000
ROA not after: Thu 27 Aug 2026 20:49:48 +0000
asID: 212238
IP address blocks: 82.197.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:9e:c8:0e:db:78:9b:98:a5:9f:d2:a8:92:8b:5a:c3:55:9c:eb:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 28 20:44:48 2025 GMT
Not After : Aug 27 20:49:48 2026 GMT
Subject: CN=76BD673747D82BB214768469C5EB2ADD72556C6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:07:f8:d5:1e:e3:a3:bb:93:61:a4:4d:f3:ca:
fa:53:6d:be:e3:33:c8:69:04:e3:74:f6:56:22:dd:
a5:da:ff:6f:c1:28:d7:a6:55:f5:36:d9:c5:db:64:
14:5d:ce:9a:61:26:9b:a5:bc:7b:07:b4:61:37:c2:
0d:24:2f:e3:0c:a5:19:1d:83:c9:84:80:74:31:09:
10:aa:ab:43:0b:bc:6c:21:82:b2:9d:e3:e5:1e:a6:
94:1d:09:eb:d6:8c:9b:81:95:fc:e4:4c:7b:ae:87:
19:d5:4e:5f:1f:78:95:71:92:0d:78:e8:c1:74:7c:
6e:cb:51:7c:22:52:c7:bb:19:b5:c4:6f:22:e3:3f:
c4:43:6c:61:79:f9:0a:f7:12:81:a2:a4:6f:d9:39:
70:04:27:91:b3:94:93:00:0e:b3:28:f2:27:19:fb:
cc:a3:1f:1c:5d:cb:0f:66:3c:c8:ba:11:73:78:2e:
c0:51:c5:c4:42:e7:7f:ef:10:88:5c:5c:5a:a2:a7:
dc:fe:20:d1:0a:cc:ec:8d:93:f3:db:cb:ee:31:e1:
7d:3e:73:37:35:41:a7:f6:45:76:2d:e2:d0:83:8a:
eb:52:4b:3a:9a:7b:f8:07:4a:05:ac:5b:46:ac:e1:
ae:e7:62:72:d2:01:be:f2:49:13:8d:83:bd:a1:f1:
91:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BD:67:37:47:D8:2B:B2:14:76:84:69:C5:EB:2A:DD:72:55:6C:6E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139372e37362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.76.0/24
Signature Algorithm: sha256WithRSAEncryption
46:f9:52:24:4d:92:7c:99:c0:60:a1:1e:ca:ac:f6:b7:a7:85:
b5:24:42:53:53:6c:b9:02:a1:e7:4e:18:e9:30:dc:92:c6:98:
27:da:0d:31:6f:a6:1d:1b:9f:af:3d:c1:cc:75:e2:b5:e7:36:
3f:02:ad:f8:a6:ce:72:2a:d7:a2:fd:e5:4c:ac:96:a0:90:8b:
83:05:e6:1f:9b:3b:96:f2:9c:d7:b9:9d:b8:e1:4b:ca:f7:26:
68:93:1f:1a:3f:a5:4d:e1:41:2f:3b:7d:cc:53:7f:fa:a9:31:
1a:63:5b:0e:de:02:79:ed:aa:72:3f:9e:12:17:0e:8c:01:e6:
76:69:ac:47:93:ad:6f:a7:72:5a:e0:59:28:41:3d:e3:bf:f5:
9a:d7:23:c3:29:df:56:45:0a:da:63:3b:ec:d8:9f:d0:36:40:
fd:dd:75:13:66:71:15:4b:79:7c:1c:c5:47:e6:44:c6:e7:46:
17:85:86:56:6a:ea:bc:9f:b3:53:70:71:3e:c7:5f:fd:3c:64:
a8:88:b8:71:04:53:66:06:b8:1f:fc:f9:78:bb:5e:82:55:f3:
c2:3a:72:93:bd:aa:57:2c:c9:92:36:7b:33:b3:13:f5:b3:84:
56:44:d4:2b:95:bb:b5:20:74:1e:73:c7:8b:2d:ef:6b:39:03:
ae:b6:85:89
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP57IDtt4m5iln9Kokotaw1Wc6zUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjgyMDQ0NDhaFw0yNjA4MjcyMDQ5NDhaMDMxMTAvBgNV
BAMTKDc2QkQ2NzM3NDdEODJCQjIxNDc2ODQ2OUM1RUIyQURENzI1NTZDNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxB/jVHuOju5NhpE3zyvpTbb7j
M8hpBON09lYi3aXa/2/BKNemVfU22cXbZBRdzpphJpulvHsHtGE3wg0kL+MMpRkd
g8mEgHQxCRCqq0MLvGwhgrKd4+UeppQdCevWjJuBlfzkTHuuhxnVTl8feJVxkg14
6MF0fG7LUXwiUse7GbXEbyLjP8RDbGF5+Qr3EoGipG/ZOXAEJ5GzlJMADrMo8icZ
+8yjHxxdyw9mPMi6EXN4LsBRxcRC53/vEIhcXFqip9z+INEKzOyNk/Pby+4x4X0+
czc1Qaf2RXYt4tCDiutSSzqae/gHSgWsW0as4a7nYnLSAb7ySRONg72h8ZE7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUdr1nN0fYK7IUdoRpxesq3XJVbG4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM3MmUzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UsVMMA0GCSqGSIb3DQEBCwUAA4IBAQBG+VIkTZJ8mcBgoR7KrPa3p4W1JEJTU2y5
AqHnThjpMNySxpgn2g0xb6YdG5+vPcHMdeK15zY/Aq34ps5yKtei/eVMrJagkIuD
BeYfmzuW8pzXuZ244UvK9yZokx8aP6VN4UEvO33MU3/6qTEaY1sO3gJ57apyP54S
Fw6MAeZ2aaxHk61vp3Ja4FkoQT3jv/Wa1yPDKd9WRQraYzvs2J/QNkD93XUTZnEV
S3l8HMVH5kTG50YXhYZWauq8n7NTcHE+x1/9PGSoiLhxBFNmBrgf/Pl4u16CVfPC
OnKTvapXLMmSNnszsxP1s4RWRNQrlbu1IHQec8eLLe9rOQOutoWJ
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:52:55 2025 by rpki-client