Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234312e302f32342d3234203d3e20333935373933.roa
File: 38322e3139382e3234312e302f32342d3234203d3e20333935373933.roa (raw, json)
Hash identifier: M7IiiMcwxnrEIsTeO+qfQ3iFZHhur7si/Njh8boYpw4=
Subject key identifier: 7B:F3:8B:7B:B2:EA:4E:E7:C1:00:29:1D:2E:19:A2:C1:C3:52:24:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6B5BCA7A4D17D13FD42C5BC58558B58C622C03D2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234312e302f32342d3234203d3e20333935373933.roa
Signing time: Wed 21 May 2025 20:27:10 +0000
ROA not before: Wed 21 May 2025 20:22:10 +0000
ROA not after: Wed 20 May 2026 20:27:10 +0000
asID: 395793
IP address blocks: 82.198.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:5b:ca:7a:4d:17:d1:3f:d4:2c:5b:c5:85:58:b5:8c:62:2c:03:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 21 20:22:10 2025 GMT
Not After : May 20 20:27:10 2026 GMT
Subject: CN=7BF38B7BB2EA4EE7C100291D2E19A2C1C35224F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:9c:f0:53:7d:e9:2e:d6:dd:ea:56:71:32:ae:
95:04:26:43:43:70:85:bd:17:2c:97:03:3f:79:06:
32:fc:97:44:a3:d5:b0:9f:00:4a:cd:d8:97:b8:af:
b4:6a:5d:9b:81:df:ca:e1:08:ef:29:c0:c2:c9:ab:
aa:40:aa:ea:a6:3c:55:20:73:6d:5d:94:e5:16:f8:
2f:7d:97:76:99:b3:2e:af:12:73:1c:9a:3e:f6:d6:
7a:66:f1:e5:97:26:22:83:8c:aa:0c:a5:12:d0:79:
81:4a:9f:d4:68:cd:b3:ca:e0:f5:a2:c9:11:6f:9c:
d2:10:2a:b3:b8:f9:f0:d7:7a:cf:1e:34:56:56:db:
61:af:d0:59:b0:71:2d:b8:53:56:6a:f2:39:2e:03:
7b:09:4c:92:ee:a1:45:2a:47:1b:f4:37:5c:16:b6:
d9:53:d2:a2:e5:21:5f:c1:b1:46:f7:4f:ae:ee:01:
99:9a:b6:66:64:22:16:1a:ac:48:b1:75:ac:90:75:
84:1a:09:06:53:4e:8c:9a:84:60:c7:13:ee:c7:c8:
2a:79:6b:fb:63:bc:b6:65:e3:75:f3:a4:81:ec:1e:
e8:3a:be:10:79:79:89:27:1e:3a:48:0c:09:42:24:
39:af:5b:24:f8:7d:d7:ff:10:4c:27:62:7b:48:6f:
67:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F3:8B:7B:B2:EA:4E:E7:C1:00:29:1D:2E:19:A2:C1:C3:52:24:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3234312e302f32342d3234203d3e20333935373933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.241.0/24
Signature Algorithm: sha256WithRSAEncryption
94:8e:7d:32:b2:34:8b:d3:3f:c7:af:58:cd:81:77:7c:f2:31:
88:6d:30:19:9f:16:23:9e:3d:fb:a7:e6:b3:24:bc:07:93:79:
5d:d8:30:93:42:cc:8f:ca:12:5a:94:75:5d:05:53:be:6f:8c:
f1:db:34:48:44:3d:5e:57:0f:1d:96:3f:94:51:25:18:72:5b:
bc:8f:33:45:69:fa:ab:b8:71:32:43:52:fb:34:ed:8c:01:09:
92:56:0d:09:25:70:0b:04:c8:01:6c:ab:93:28:8d:a7:d7:14:
eb:ec:55:b8:a0:17:15:8f:9c:d7:bd:f5:31:62:c2:c2:d2:de:
e6:b9:c1:b4:b0:a8:1b:b6:9c:79:1b:34:91:1a:ef:44:05:bb:
05:f1:ef:c9:fc:7f:28:ca:b6:2d:ab:7d:18:96:a0:4e:7d:b6:
55:3d:3d:a5:dc:25:b8:69:b5:72:c7:7c:11:9f:7f:5c:79:d4:
2a:cf:3c:26:68:5e:a8:16:a5:01:37:24:6a:f1:9f:91:e8:ef:
87:cb:25:ae:86:e8:2b:68:28:55:31:7d:9b:00:99:9d:96:79:
9d:66:b5:2c:16:2b:88:3b:db:2f:2e:22:f0:57:f4:13:8c:80:
76:e8:e0:af:03:67:fe:04:4a:dd:24:0e:c0:1e:91:15:22:6e:
33:48:5f:2c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUa1vKek0X0T/ULFvFhVi1jGIsA9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjEyMDIyMTBaFw0yNjA1MjAyMDI3MTBaMDMxMTAvBgNV
BAMTKDdCRjM4QjdCQjJFQTRFRTdDMTAwMjkxRDJFMTlBMkMxQzM1MjI0RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvnPBTfeku1t3qVnEyrpUEJkND
cIW9FyyXAz95BjL8l0Sj1bCfAErN2Je4r7RqXZuB38rhCO8pwMLJq6pAquqmPFUg
c21dlOUW+C99l3aZsy6vEnMcmj721npm8eWXJiKDjKoMpRLQeYFKn9RozbPK4PWi
yRFvnNIQKrO4+fDXes8eNFZW22Gv0FmwcS24U1Zq8jkuA3sJTJLuoUUqRxv0N1wW
ttlT0qLlIV/BsUb3T67uAZmatmZkIhYarEixdayQdYQaCQZTToyahGDHE+7HyCp5
a/tjvLZl43XzpIHsHug6vhB5eYknHjpIDAlCJDmvWyT4fdf/EEwnYntIb2f5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUe/OLe7LqTufBACkdLhmiwcNSJPcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM0
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzNzM5MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSxvEwDQYJKoZIhvcNAQELBQADggEBAJSOfTKyNIvTP8evWM2Bd3zyMYhtMBmf
FiOePfun5rMkvAeTeV3YMJNCzI/KElqUdV0FU75vjPHbNEhEPV5XDx2WP5RRJRhy
W7yPM0Vp+qu4cTJDUvs07YwBCZJWDQklcAsEyAFsq5MojafXFOvsVbigFxWPnNe9
9TFiwsLS3ua5wbSwqBu2nHkbNJEa70QFuwXx78n8fyjKti2rfRiWoE59tlU9PaXc
JbhptXLHfBGff1x51CrPPCZoXqgWpQE3JGrxn5Ho74fLJa6G6CtoKFUxfZsAmZ2W
eZ1mtSwWK4g72y8uIvBX9BOMgHbo4K8DZ/4ESt0kDsAekRUibjNIXyw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:24:29 2025 by rpki-client