Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235312e302f32342d3234203d3e20323133373234.roa
File: 38322e3139382e3235312e302f32342d3234203d3e20323133373234.roa (raw, json)
Hash identifier: XrM+92lU5VcYJgfQoyUvsknPz9P8oomByGI0ka+nczU=
Subject key identifier: AA:4F:45:47:EF:B1:92:F8:6B:F7:C5:B3:71:E7:D8:43:5C:B8:EE:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3B31BA33FA1009AF27E5387C2C0B6E1A15CE5F9A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235312e302f32342d3234203d3e20323133373234.roa
Signing time: Wed 21 May 2025 20:44:32 +0000
ROA not before: Wed 21 May 2025 20:39:32 +0000
ROA not after: Wed 20 May 2026 20:44:32 +0000
asID: 213724
IP address blocks: 82.198.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 17:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:31:ba:33:fa:10:09:af:27:e5:38:7c:2c:0b:6e:1a:15:ce:5f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 21 20:39:32 2025 GMT
Not After : May 20 20:44:32 2026 GMT
Subject: CN=AA4F4547EFB192F86BF7C5B371E7D8435CB8EEC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:59:1e:d1:1f:71:73:42:8c:41:9a:93:83:
1c:7b:27:97:b4:b6:2a:74:7d:ad:24:41:c3:f0:36:
a0:09:28:fc:17:ab:7b:02:3c:ec:80:ea:fc:cc:84:
28:42:90:6a:b5:26:33:00:d5:50:dc:ae:41:b3:95:
d2:0a:51:12:f4:a8:de:bd:e8:a1:72:55:2b:c9:81:
49:3b:49:1c:50:b7:34:84:c8:fe:09:aa:30:73:cc:
d3:08:82:15:f9:b0:f5:dc:85:65:cd:02:ba:ee:f8:
47:fc:84:5d:4e:84:b0:6a:7a:13:cf:c8:8a:db:5a:
b1:11:03:76:66:d7:db:b8:2a:98:93:87:28:1d:d0:
bc:df:9f:5a:1e:df:5f:eb:40:3b:f6:82:22:ed:46:
4e:28:86:17:48:e8:fe:b2:f8:c5:d7:73:0c:1f:b2:
7c:b2:68:81:d7:1d:40:11:de:91:e0:ff:a8:80:45:
10:9f:52:62:d8:0c:52:c6:2d:a1:93:fa:86:25:6d:
75:ba:f0:b3:15:39:1e:78:fb:49:0c:46:c3:ef:dd:
ba:8c:8c:f5:65:91:07:75:05:2f:0f:8b:a1:ce:f8:
19:88:c0:00:e4:87:b5:43:27:39:78:90:b7:1e:34:
71:7a:7d:b5:f9:37:0f:34:31:12:01:44:71:0f:72:
f6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4F:45:47:EF:B1:92:F8:6B:F7:C5:B3:71:E7:D8:43:5C:B8:EE:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235312e302f32342d3234203d3e20323133373234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.251.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:90:6b:1f:fc:33:00:a0:da:db:e7:f9:09:62:09:93:bb:5c:
71:23:5f:51:31:d9:17:7b:3e:69:fb:11:cc:86:41:06:e6:ff:
04:3b:9a:76:ff:61:a3:a8:82:58:60:58:41:6c:f4:07:25:7c:
40:c9:43:af:0f:ed:ab:7f:64:eb:37:f3:be:29:72:ee:31:ad:
c6:e8:bc:be:e6:59:f2:d5:ef:28:0c:ff:be:3d:6f:c1:eb:43:
82:dd:7a:da:5b:05:04:57:09:22:c6:35:f0:a9:2a:b9:c8:ae:
9b:56:30:9a:ad:d0:ce:66:66:e1:dc:a4:05:f6:c6:a2:9c:69:
e4:7b:54:a0:95:cd:84:5d:d5:88:f5:a1:27:b4:0b:19:4d:c3:
28:65:77:f1:39:4e:26:e7:01:93:26:e5:56:29:7c:4d:8e:d5:
0a:89:96:ab:be:51:c4:7e:75:a6:22:85:ab:69:de:7c:60:0a:
7f:6e:1c:1f:4b:5f:1a:e2:44:de:01:a2:a2:89:41:69:df:8c:
b5:45:db:62:69:ad:df:5e:21:b9:28:55:ce:79:0e:84:cd:de:
8c:3e:82:e9:25:55:37:0b:bf:34:4b:40:b6:42:67:85:fa:97:
41:80:1f:d8:f2:26:5f:61:4f:a5:57:41:e8:71:a2:d6:6b:db:
dd:db:da:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOzG6M/oQCa8n5Th8LAtuGhXOX5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjEyMDM5MzJaFw0yNjA1MjAyMDQ0MzJaMDMxMTAvBgNV
BAMTKEFBNEY0NTQ3RUZCMTkyRjg2QkY3QzVCMzcxRTdEODQzNUNCOEVFQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCha1ke0R9xc0KMQZqTgxx7J5e0
tip0fa0kQcPwNqAJKPwXq3sCPOyA6vzMhChCkGq1JjMA1VDcrkGzldIKURL0qN69
6KFyVSvJgUk7SRxQtzSEyP4JqjBzzNMIghX5sPXchWXNArru+Ef8hF1OhLBqehPP
yIrbWrERA3Zm19u4KpiThygd0Lzfn1oe31/rQDv2giLtRk4ohhdI6P6y+MXXcwwf
snyyaIHXHUAR3pHg/6iARRCfUmLYDFLGLaGT+oYlbXW68LMVOR54+0kMRsPv3bqM
jPVlkQd1BS8Pi6HO+BmIwADkh7VDJzl4kLceNHF6fbX5Nw80MRIBRHEPcvbvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqk9FR++xkvhr98WzcefYQ1y47sMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzNzMyMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABSxvswDQYJKoZIhvcNAQELBQADggEBAB2Qax/8MwCg2tvn+QliCZO7XHEjX1Ex
2Rd7Pmn7EcyGQQbm/wQ7mnb/YaOoglhgWEFs9AclfEDJQ68P7at/ZOs3874pcu4x
rcbovL7mWfLV7ygM/749b8HrQ4LdetpbBQRXCSLGNfCpKrnIrptWMJqt0M5mZuHc
pAX2xqKcaeR7VKCVzYRd1Yj1oSe0CxlNwyhld/E5TibnAZMm5VYpfE2O1QqJlqu+
UcR+daYihatp3nxgCn9uHB9LXxriRN4BoqKJQWnfjLVF22Jprd9eIbkoVc55DoTN
3ow+guklVTcLvzRLQLZCZ4X6l0GAH9jyJl9hT6VXQehxotZr293b2gQ=
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:25:36 2025 by rpki-client