Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e20323133383936.roa
File: 38322e3139382e3235322e302f32322d3232203d3e20323133383936.roa (raw, json)
Hash identifier: VCMOVDQedyO2kD/izr6NEaE5jaf7dkddiEdTam5OnCc=
Subject key identifier: 0E:E8:4E:FC:A2:D1:2D:3B:68:6D:B7:65:6B:88:8F:8A:CE:54:39:9F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 17F63FE4AA55490739373B6F8AC7DB73CCB9DD40
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e20323133383936.roa
Signing time: Tue 20 May 2025 08:34:56 +0000
ROA not before: Tue 20 May 2025 08:29:56 +0000
ROA not after: Tue 19 May 2026 08:34:56 +0000
asID: 213896
IP address blocks: 82.198.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:f6:3f:e4:aa:55:49:07:39:37:3b:6f:8a:c7:db:73:cc:b9:dd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 08:29:56 2025 GMT
Not After : May 19 08:34:56 2026 GMT
Subject: CN=0EE84EFCA2D12D3B686DB7656B888F8ACE54399F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a0:a5:16:18:f3:15:62:84:ca:2d:c5:c0:d8:
c3:bc:a9:36:03:d8:01:af:36:be:85:b4:40:86:4c:
fb:9f:29:3c:72:7b:eb:a7:e0:06:8a:01:70:53:f1:
8c:3e:69:58:9a:9f:04:7a:85:40:4d:57:bc:b6:65:
41:e3:b0:88:20:bb:e6:26:8f:64:03:d1:ca:d7:ce:
e8:64:52:46:9e:84:d1:39:b4:d4:4d:39:54:69:04:
1b:86:8d:54:9b:98:90:8c:59:e3:c4:c9:0e:7b:b7:
65:9a:58:8f:42:d4:93:41:4e:97:bf:53:1f:1f:c2:
59:3a:cb:8c:0e:04:0f:07:f3:e1:43:e3:71:b5:44:
4e:30:ce:10:73:87:40:88:df:c6:99:e3:3a:86:1b:
12:f0:6d:9b:37:c4:f2:5a:e6:56:1c:c4:51:44:bd:
8b:fe:07:6b:9e:36:88:c1:67:81:2b:d6:87:b4:79:
42:f8:39:c7:9f:c9:2f:00:b4:90:fd:76:4d:9c:4c:
df:82:cb:35:54:b5:4c:fd:81:4a:2f:e1:5b:2b:91:
a5:75:dd:08:64:74:a7:ed:66:13:98:07:9c:14:06:
cc:18:6f:28:89:0c:67:a8:d7:ad:95:4d:8f:bc:88:
0c:f9:d1:5b:c7:fb:da:ed:08:77:1b:46:b3:cb:d6:
e6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:4E:FC:A2:D1:2D:3B:68:6D:B7:65:6B:88:8F:8A:CE:54:39:9F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e20323133383936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.252.0/22
Signature Algorithm: sha256WithRSAEncryption
47:89:a7:d1:aa:6c:e2:ef:59:62:e9:01:2e:23:89:c9:bd:36:
cf:82:d0:db:36:6e:8e:93:73:15:21:2e:2f:ce:6d:64:46:36:
e5:ae:04:bc:ea:5d:79:2a:c8:f7:b2:ee:87:76:37:bb:05:d7:
f8:45:51:d8:ef:ef:c5:8f:c7:25:c8:3b:20:69:d0:e4:25:2f:
8b:fc:ee:77:42:50:4b:17:21:8e:41:45:ab:69:b9:d2:c9:90:
3f:37:b0:09:6f:28:f5:56:de:96:7c:70:8b:cf:33:44:21:38:
c7:1c:0b:ce:9c:53:92:ff:23:12:4c:9a:b0:d3:1b:c2:ff:0a:
97:e3:3a:f3:4a:45:7e:49:d2:6a:a3:3d:3e:85:f0:0d:e0:ec:
57:35:bf:46:d7:58:58:78:c2:07:e7:07:6b:55:87:49:2d:f0:
9e:a8:65:06:43:e2:64:46:73:3d:0c:81:17:87:8f:81:a6:ec:
94:37:a1:69:b3:78:2e:25:df:d5:3f:36:17:ce:8b:ab:4c:7f:
07:f8:3c:7a:64:7d:e4:98:e2:32:b7:e3:cf:d7:25:5a:71:35:
9b:90:a5:3b:ad:7f:3b:b9:a5:af:f0:b8:a2:a1:00:99:d5:fe:
22:49:73:6b:00:4c:ab:e4:26:30:a3:d6:6b:24:46:eb:af:06:
f2:47:8f:2f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUF/Y/5KpVSQc5Nztvisfbc8y53UAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjAwODI5NTZaFw0yNjA1MTkwODM0NTZaMDMxMTAvBgNV
BAMTKDBFRTg0RUZDQTJEMTJEM0I2ODZEQjc2NTZCODg4RjhBQ0U1NDM5OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8oKUWGPMVYoTKLcXA2MO8qTYD
2AGvNr6FtECGTPufKTxye+un4AaKAXBT8Yw+aVianwR6hUBNV7y2ZUHjsIggu+Ym
j2QD0crXzuhkUkaehNE5tNRNOVRpBBuGjVSbmJCMWePEyQ57t2WaWI9C1JNBTpe/
Ux8fwlk6y4wOBA8H8+FD43G1RE4wzhBzh0CI38aZ4zqGGxLwbZs3xPJa5lYcxFFE
vYv+B2ueNojBZ4Er1oe0eUL4OcefyS8AtJD9dk2cTN+CyzVUtUz9gUov4VsrkaV1
3QhkdKftZhOYB5wUBswYbyiJDGeo162VTY+8iAz50VvH+9rtCHcbRrPL1uYBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDuhO/KLRLTtobbdla4iPis5UOZ8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMxMzMzODM5MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAJSxvwwDQYJKoZIhvcNAQELBQADggEBAEeJp9GqbOLvWWLpAS4jicm9Ns+C0Ns2
bo6TcxUhLi/ObWRGNuWuBLzqXXkqyPey7od2N7sF1/hFUdjv78WPxyXIOyBp0OQl
L4v87ndCUEsXIY5BRatpudLJkD83sAlvKPVW3pZ8cIvPM0QhOMccC86cU5L/IxJM
mrDTG8L/CpfjOvNKRX5J0mqjPT6F8A3g7Fc1v0bXWFh4wgfnB2tVh0kt8J6oZQZD
4mRGcz0MgReHj4Gm7JQ3oWmzeC4l39U/NhfOi6tMfwf4PHpkfeSY4jK348/XJVpx
NZuQpTutfzu5pa/wuKKhAJnV/iJJc2sATKvkJjCj1mskRuuvBvJHjy8=
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:35:53 2025 by rpki-client