Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34392e302f32342d3234203d3e20323134303833.roa
File: 38352e3230382e34392e302f32342d3234203d3e20323134303833.roa (raw, json)
Hash identifier: KZQxUdD67oVZQwJl1588j/e6vClVtL5QNIm9wMl9XcQ=
Subject key identifier: 26:DA:BB:6F:5F:FD:B8:8D:B3:DC:37:3B:D0:01:A4:A1:AC:23:65:B1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 18C2E1965BC896086BF0225495DB0B9A4EED5817
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34392e302f32342d3234203d3e20323134303833.roa
Signing time: Thu 15 May 2025 07:39:18 +0000
ROA not before: Thu 15 May 2025 07:34:18 +0000
ROA not after: Thu 14 May 2026 07:39:18 +0000
asID: 214083
IP address blocks: 85.208.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c2:e1:96:5b:c8:96:08:6b:f0:22:54:95:db:0b:9a:4e:ed:58:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 15 07:34:18 2025 GMT
Not After : May 14 07:39:18 2026 GMT
Subject: CN=26DABB6F5FFDB88DB3DC373BD001A4A1AC2365B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:a8:34:d2:c8:6d:0e:48:d6:15:6b:93:84:
d7:e4:21:88:7b:13:da:46:1f:ad:e9:9c:80:e6:5b:
b6:3f:04:d6:e2:82:e2:ce:db:2a:98:24:9a:57:63:
7a:c8:fe:61:34:51:07:53:6f:d8:c7:b9:e4:e3:3b:
70:59:2f:c2:4e:c6:a8:24:b6:c3:cf:a3:5c:0d:8f:
f4:29:eb:38:eb:68:1a:3b:9d:ab:4e:97:7e:ab:4b:
ae:84:d3:c5:b8:76:63:79:88:84:ff:97:8f:ac:28:
06:11:81:8e:04:cf:98:d8:fe:97:b0:02:3a:ad:a7:
4d:86:66:ab:df:a6:b6:0e:c8:cc:f0:79:dc:bc:1c:
67:31:da:04:b3:03:28:25:76:77:dc:4c:cb:0e:cb:
21:ee:3f:5e:aa:fc:ba:70:7d:4c:43:2e:2a:62:d8:
55:3a:ad:80:fe:3e:0f:cd:a1:dc:a0:40:37:79:fa:
4b:d2:f6:81:85:3a:a9:ae:9f:dc:6f:cf:ad:db:86:
41:0b:8d:7c:7d:20:c9:eb:8c:d6:6d:b9:c8:13:cb:
7d:49:e7:14:ca:b9:6e:58:3a:d2:ee:b7:e6:b8:97:
87:1b:ba:64:8e:59:1c:89:92:f8:29:4a:70:be:90:
61:00:7a:18:5c:01:5a:c3:16:64:7a:3d:a1:2d:8f:
a5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:DA:BB:6F:5F:FD:B8:8D:B3:DC:37:3B:D0:01:A4:A1:AC:23:65:B1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34392e302f32342d3234203d3e20323134303833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.49.0/24
Signature Algorithm: sha256WithRSAEncryption
29:0a:60:2e:f0:37:f1:8a:75:ed:11:11:41:6c:df:54:77:35:
33:69:ae:20:f4:58:80:c5:48:f9:ba:7b:6a:41:6a:a3:c1:8c:
c5:f1:92:f1:82:58:0f:80:e1:ff:85:aa:1e:96:34:76:be:65:
06:ab:40:7e:56:d0:17:97:36:8c:aa:72:b6:1b:3c:84:3d:f8:
66:44:f3:1f:d0:f3:ee:93:14:02:c8:4a:19:8b:96:af:ab:5d:
f3:10:b2:41:d1:ee:4e:dd:f2:4d:a6:80:40:3d:ca:36:1f:57:
53:fa:ee:d6:6d:dc:e5:3e:c1:7c:3a:01:66:a2:89:8e:6f:db:
ed:9a:79:94:e3:86:84:18:97:1d:52:68:b2:60:7b:76:8a:b9:
34:ac:87:41:e5:ac:0e:7c:b3:2a:aa:38:6c:5f:1d:27:7b:cf:
96:52:55:ba:d0:18:e5:64:1b:a6:1c:19:8d:fb:e0:14:60:6a:
d0:46:75:7d:6f:f2:e3:c6:d3:c4:b4:d8:8b:3c:e1:b2:b4:52:
89:94:09:51:54:0e:09:fe:25:34:61:95:18:0d:0b:7b:1e:eb:
e5:8a:c4:c0:2a:7f:81:72:24:9a:41:13:d0:22:72:5f:72:ee:
da:65:bf:94:ba:5c:90:63:f4:31:d6:3b:76:08:8a:de:8c:6a:
a6:0a:14:4b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGMLhllvIlghr8CJUldsLmk7tWBcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MTUwNzM0MThaFw0yNjA1MTQwNzM5MThaMDMxMTAvBgNV
BAMTKDI2REFCQjZGNUZGREI4OERCM0RDMzczQkQwMDFBNEExQUMyMzY1QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN6Kg00shtDkjWFWuThNfkIYh7
E9pGH63pnIDmW7Y/BNbiguLO2yqYJJpXY3rI/mE0UQdTb9jHueTjO3BZL8JOxqgk
tsPPo1wNj/Qp6zjraBo7natOl36rS66E08W4dmN5iIT/l4+sKAYRgY4Ez5jY/pew
Ajqtp02GZqvfprYOyMzwedy8HGcx2gSzAygldnfcTMsOyyHuP16q/LpwfUxDLipi
2FU6rYD+Pg/NodygQDd5+kvS9oGFOqmun9xvz63bhkELjXx9IMnrjNZtucgTy31J
5xTKuW5YOtLut+a4l4cbumSOWRyJkvgpSnC+kGEAehhcAVrDFmR6PaEtj6XBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJtq7b1/9uI2z3Dc70AGkoawjZbEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMDM4MmUzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzAzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdAxMA0GCSqGSIb3DQEBCwUAA4IBAQApCmAu8DfxinXtERFBbN9UdzUzaa4g9FiA
xUj5untqQWqjwYzF8ZLxglgPgOH/haoeljR2vmUGq0B+VtAXlzaMqnK2GzyEPfhm
RPMf0PPukxQCyEoZi5avq13zELJB0e5O3fJNpoBAPco2H1dT+u7WbdzlPsF8OgFm
oomOb9vtmnmU44aEGJcdUmiyYHt2irk0rIdB5awOfLMqqjhsXx0ne8+WUlW60Bjl
ZBumHBmN++AUYGrQRnV9b/LjxtPEtNiLPOGytFKJlAlRVA4J/iU0YZUYDQt7Huvl
isTAKn+BciSaQRPQInJfcu7aZb+UulyQY/Qx1jt2CIrejGqmChRL
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:43:19 2025 by rpki-client