Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
File: 38342e33392e3135312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Kf2eOPnazSiZPnRYP3KoaplISBXrqPiEIWTukbyj7sM=
Subject key identifier: F8:1A:3F:F4:A2:50:AA:8A:13:40:AA:54:9F:C5:A9:6B:78:79:05:6A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5F2CAD44E53651A582444A73A488B99FA1C3ACD4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 27 Aug 2025 19:47:27 +0000
ROA not before: Wed 27 Aug 2025 19:42:27 +0000
ROA not after: Wed 26 Aug 2026 19:47:27 +0000
asID: 136787
IP address blocks: 84.39.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:2c:ad:44:e5:36:51:a5:82:44:4a:73:a4:88:b9:9f:a1:c3:ac:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 27 19:42:27 2025 GMT
Not After : Aug 26 19:47:27 2026 GMT
Subject: CN=F81A3FF4A250AA8A1340AA549FC5A96B7879056A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:53:1b:2d:30:fe:b5:21:99:2c:ff:a7:02:02:
eb:6e:e8:8b:a5:e7:4b:f6:de:3d:03:23:52:a6:0d:
b4:da:d2:7a:56:61:ef:b7:61:ea:ca:55:0b:44:84:
e6:69:1e:e3:46:ce:2c:68:93:bb:33:28:e4:3e:33:
88:fd:db:d2:fc:70:24:aa:fe:d8:04:60:18:ae:57:
3d:81:25:9c:9c:03:6a:14:44:24:f1:be:55:7b:bf:
f3:16:46:a3:62:62:3a:59:39:70:66:b6:b0:76:eb:
34:0e:1a:36:64:0f:10:c3:5d:8e:91:49:a3:4e:36:
9c:82:46:ad:37:bf:a1:78:0d:35:c2:f5:e3:f2:80:
70:6b:31:a0:cf:dc:93:73:b5:c7:28:87:de:d5:6c:
6d:a0:0d:11:1d:44:ff:6b:22:81:28:44:69:09:d7:
d3:8e:1c:b3:fe:4d:5e:90:8d:08:c5:c7:b7:de:fc:
59:66:9c:30:f6:ab:de:89:62:01:9d:9f:1a:ca:45:
ef:20:b4:26:e8:7d:46:0f:f4:96:65:a5:06:c2:51:
c9:11:99:b3:34:98:53:a2:51:70:0a:44:59:09:a7:
9e:5b:ff:bf:a8:04:be:a8:d6:ef:e3:55:1c:76:c8:
f0:b6:46:99:8a:09:a2:a0:2b:33:7d:b8:92:7b:02:
eb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:1A:3F:F4:A2:50:AA:8A:13:40:AA:54:9F:C5:A9:6B:78:79:05:6A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e33392e3135312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.151.0/24
Signature Algorithm: sha256WithRSAEncryption
00:bb:de:15:c3:f2:c9:76:41:3c:73:62:9c:fd:c2:42:70:2a:
eb:a0:b7:39:9f:ef:fb:cc:b6:10:95:7e:70:c9:d7:3b:bb:46:
62:9c:1b:8f:b3:b6:ff:60:bd:9f:f1:bb:68:56:14:4f:16:7d:
80:11:73:d7:be:3a:06:db:0d:2e:3f:52:db:a9:86:fe:63:69:
e5:9a:22:b3:3e:1f:29:3e:1a:5d:b8:6f:47:91:88:9e:80:2a:
f8:a2:9c:96:19:a0:4e:ac:22:5a:47:c1:ec:27:21:60:60:6a:
f8:19:9f:d5:e4:f7:d7:03:c8:bf:f5:a0:0b:bb:9d:73:11:87:
46:d3:1c:42:54:a7:91:28:fe:2e:4d:39:e0:db:f2:ab:0c:50:
8f:33:a3:98:47:db:98:13:10:30:b5:e6:e6:38:32:d0:e2:07:
69:f0:0f:ad:09:41:45:23:fb:ca:77:07:bb:ef:73:c4:4a:aa:
83:fa:e5:f4:41:3c:8e:36:aa:92:68:ba:28:fc:33:be:3b:3a:
bc:c1:05:80:f3:c7:42:dc:47:11:23:a4:8d:3a:b7:97:d8:d4:
62:66:b7:4d:11:1c:1c:74:f6:10:76:78:a9:c7:90:fc:b9:cf:
d4:01:6c:38:03:2c:2f:32:a4:db:03:f1:e7:23:e0:0e:e5:aa:
77:de:bb:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXyytROU2UaWCREpzpIi5n6HDrNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjcxOTQyMjdaFw0yNjA4MjYxOTQ3MjdaMDMxMTAvBgNV
BAMTKEY4MUEzRkY0QTI1MEFBOEExMzQwQUE1NDlGQzVBOTZCNzg3OTA1NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmUxstMP61IZks/6cCAutu6Iul
50v23j0DI1KmDbTa0npWYe+3YerKVQtEhOZpHuNGzixok7szKOQ+M4j929L8cCSq
/tgEYBiuVz2BJZycA2oURCTxvlV7v/MWRqNiYjpZOXBmtrB26zQOGjZkDxDDXY6R
SaNONpyCRq03v6F4DTXC9ePygHBrMaDP3JNztccoh97VbG2gDREdRP9rIoEoRGkJ
19OOHLP+TV6QjQjFx7fe/FlmnDD2q96JYgGdnxrKRe8gtCbofUYP9JZlpQbCUckR
mbM0mFOiUXAKRFkJp55b/7+oBL6o1u/jVRx2yPC2RpmKCaKgKzN9uJJ7Aut5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+Bo/9KJQqooTQKpUn8Wpa3h5BWowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzMzOTJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VCeXMA0GCSqGSIb3DQEBCwUAA4IBAQAAu94Vw/LJdkE8c2Kc/cJCcCrroLc5n+/7
zLYQlX5wydc7u0ZinBuPs7b/YL2f8btoVhRPFn2AEXPXvjoG2w0uP1LbqYb+Y2nl
miKzPh8pPhpduG9HkYiegCr4opyWGaBOrCJaR8HsJyFgYGr4GZ/V5PfXA8i/9aAL
u51zEYdG0xxCVKeRKP4uTTng2/KrDFCPM6OYR9uYExAwtebmODLQ4gdp8A+tCUFF
I/vKdwe773PESqqD+uX0QTyONqqSaLoo/DO+Ozq8wQWA88dC3EcRI6SNOreX2NRi
ZrdNERwcdPYQdnipx5D8uc/UAWw4AywvMqTbA/HnI+AO5ap33rsq
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:50:15 2025 by rpki-client