Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
File: 38342e33392e3134382e302f32332d3234203d3e203630363634.roa (raw, json)
Hash identifier: 03QSJhWgedrxEV7P++URO/uB0ACAsBR4Iytid0RsSqU=
Subject key identifier: 4B:78:E7:5F:F3:7E:59:3D:AE:6A:2A:9E:E5:32:75:27:5B:71:89:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1BFDBE5CF32AC9A8A3FDC8C60CE5D9AC7EC5F654
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
Signing time: Fri 23 May 2025 17:46:27 +0000
ROA not before: Fri 23 May 2025 17:41:27 +0000
ROA not after: Fri 22 May 2026 17:46:27 +0000
asID: 60664
IP address blocks: 84.39.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 17:19:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:fd:be:5c:f3:2a:c9:a8:a3:fd:c8:c6:0c:e5:d9:ac:7e:c5:f6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 23 17:41:27 2025 GMT
Not After : May 22 17:46:27 2026 GMT
Subject: CN=4B78E75FF37E593DAE6A2A9EE53275275B7189EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:62:d8:9d:73:79:c3:ef:63:d3:d7:e8:1e:4c:
a5:94:e0:73:a4:c1:fd:08:02:21:c6:2e:71:37:a7:
7f:8a:6c:39:f1:c1:c6:d2:95:c7:ca:82:98:54:80:
d9:af:bb:63:6a:91:08:ad:b3:79:17:9a:19:29:5e:
3d:4d:eb:a2:7b:80:4d:1a:df:e9:1c:49:ae:cd:c7:
eb:40:b0:b0:a8:fa:d3:15:82:2b:d9:21:0b:fd:9c:
ad:4b:f5:d5:5e:ec:df:01:b5:26:4f:26:4b:1f:f6:
9d:7f:a8:17:4f:2b:2c:40:f3:55:55:24:95:aa:3b:
49:77:8e:4c:50:f1:cf:f5:7a:6c:90:b9:86:51:bc:
88:e1:a7:fe:8a:1c:6a:ed:09:2f:f3:2f:3e:86:58:
89:44:80:d3:d7:16:87:84:6e:d0:05:8d:8f:d2:4e:
00:e7:2c:cd:32:78:1e:10:4a:84:63:4a:85:02:6a:
1c:f7:f7:e7:a9:32:90:67:a1:e9:01:58:38:ee:d0:
32:f4:8e:e8:e1:f9:f8:1b:1f:9b:88:95:b1:27:3d:
16:cd:8b:fb:6b:1a:6e:ba:78:88:78:13:98:e0:c2:
11:4e:ac:77:f6:54:58:09:f5:1c:01:d1:8c:47:9f:
63:dc:1a:9a:39:88:0b:a4:7f:a0:a9:de:af:c0:10:
72:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:78:E7:5F:F3:7E:59:3D:AE:6A:2A:9E:E5:32:75:27:5B:71:89:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3134382e302f32332d3234203d3e203630363634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.148.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:8d:df:cf:75:6f:db:eb:3a:a3:e2:5c:2c:18:82:b0:f4:0f:
88:09:86:28:7d:3c:de:98:58:c1:f7:65:15:c3:b2:b2:b2:e4:
32:13:c4:67:66:e6:9a:6b:e9:51:75:60:63:cc:e7:39:b0:c7:
44:1a:6f:9b:6e:d6:43:b9:f2:83:c9:ff:00:75:01:cd:11:c3:
46:03:38:1c:34:bd:da:5a:8c:6e:55:41:f8:63:6d:d7:ad:4e:
1f:21:58:9b:eb:6b:ab:10:bd:b8:b3:52:b5:07:ea:06:50:93:
d4:ef:bb:f1:1d:fc:6e:fb:9f:73:a2:3a:04:ad:af:5c:19:dc:
1b:c4:fe:33:93:e4:bc:64:a2:40:10:14:44:17:cb:5d:e0:fa:
39:e3:b6:73:b1:f7:4a:67:30:b5:fc:4f:91:73:99:e8:11:e3:
40:38:65:c8:a7:4f:5a:27:ee:19:db:52:17:b6:64:15:ef:42:
cd:e6:d3:0b:83:76:0a:a0:65:f3:42:2a:ec:48:6f:f3:ab:ec:
12:f7:c6:d1:66:8b:8b:a6:a9:03:67:94:f2:0e:0a:53:1c:c1:
15:85:5b:e3:05:8b:ed:b5:0c:26:fb:36:26:1d:5c:af:f1:76:
80:26:a2:32:d5:e6:3e:c9:63:85:0e:86:50:79:0c:e0:a5:98:
70:26:04:02
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUG/2+XPMqyaij/cjGDOXZrH7F9lQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjMxNzQxMjdaFw0yNjA1MjIxNzQ2MjdaMDMxMTAvBgNV
BAMTKDRCNzhFNzVGRjM3RTU5M0RBRTZBMkE5RUU1MzI3NTI3NUI3MTg5RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEYtidc3nD72PT1+geTKWU4HOk
wf0IAiHGLnE3p3+KbDnxwcbSlcfKgphUgNmvu2NqkQits3kXmhkpXj1N66J7gE0a
3+kcSa7Nx+tAsLCo+tMVgivZIQv9nK1L9dVe7N8BtSZPJksf9p1/qBdPKyxA81VV
JJWqO0l3jkxQ8c/1emyQuYZRvIjhp/6KHGrtCS/zLz6GWIlEgNPXFoeEbtAFjY/S
TgDnLM0yeB4QSoRjSoUCahz39+epMpBnoekBWDju0DL0jujh+fgbH5uIlbEnPRbN
i/trGm66eIh4E5jgwhFOrHf2VFgJ9RwB0YxHn2PcGpo5iAukf6Cp3q/AEHIhAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUS3jnX/N+WT2uaiqe5TJ1J1txie8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzMzOTJlMzEzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzYzMDM2MzYzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVQn
lDANBgkqhkiG9w0BAQsFAAOCAQEATY3fz3Vv2+s6o+JcLBiCsPQPiAmGKH083phY
wfdlFcOysrLkMhPEZ2bmmmvpUXVgY8znObDHRBpvm27WQ7nyg8n/AHUBzRHDRgM4
HDS92lqMblVB+GNt161OHyFYm+trqxC9uLNStQfqBlCT1O+78R38bvufc6I6BK2v
XBncG8T+M5PkvGSiQBAURBfLXeD6OeO2c7H3SmcwtfxPkXOZ6BHjQDhlyKdPWifu
GdtSF7ZkFe9CzebTC4N2CqBl80Iq7Ehv86vsEvfG0WaLi6apA2eU8g4KUxzBFYVb
4wWL7bUMJvs2Jh1cr/F2gCaiMtXmPsljhQ6GUHkM4KWYcCYEAg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:25:31 2025 by rpki-client