Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3233302e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: DAbzIxmcBGskV9efi9yHqQJ/pZDxqKJh3S4pG8KBEVo=
Subject key identifier: D5:A0:04:F1:B7:9A:86:67:CF:0B:DC:29:43:74:A3:60:66:FF:24:99
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 11CAD778F192519A3C612E0A6BFB58CB99535D4F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
Signing time: Fri 23 May 2025 08:46:26 +0000
ROA not before: Fri 23 May 2025 08:41:26 +0000
ROA not after: Fri 22 May 2026 08:46:26 +0000
asID: 51167
IP address blocks: 85.239.230.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ca:d7:78:f1:92:51:9a:3c:61:2e:0a:6b:fb:58:cb:99:53:5d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 23 08:41:26 2025 GMT
Not After : May 22 08:46:26 2026 GMT
Subject: CN=D5A004F1B79A8667CF0BDC294374A36066FF2499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:eb:cf:fd:fd:7d:ba:ab:a5:7d:30:c4:f6:6c:
99:17:a0:7b:60:8b:ed:ea:ff:b6:d3:01:a4:87:16:
11:c7:f7:8e:4d:6c:fd:33:f5:d5:dd:42:1c:a9:c9:
e7:1f:58:38:7b:6c:70:47:9b:0a:98:d3:86:92:3a:
e0:1e:99:12:87:68:d1:5b:c1:da:38:0b:a7:07:6e:
94:a1:d9:f7:92:52:f2:70:76:08:d9:9b:6f:8e:05:
7b:88:6d:38:60:35:98:e8:1b:37:7e:b8:bc:a9:6a:
56:df:dc:32:54:b2:fd:91:4c:99:03:54:9c:c9:b3:
c9:64:e9:14:14:c2:e4:4e:6a:a4:94:82:8c:4a:ab:
58:d5:df:80:5a:9f:3c:a8:d8:6a:6d:b1:0d:86:d3:
67:f0:5b:fe:71:31:5b:98:53:09:b6:c4:bb:fb:6c:
10:1d:2e:6b:1c:b5:43:8d:1e:09:fd:59:bc:14:c0:
d6:5e:cd:70:95:bc:d9:e7:94:f0:f5:0f:04:c0:ca:
70:eb:d8:ed:ed:c2:97:a2:99:bd:ab:19:4f:30:56:
f5:b0:90:8c:32:a7:f0:95:e7:c9:be:77:08:c2:6a:
a1:3a:b4:6b:73:11:fc:fd:2c:90:77:26:4a:8b:b8:
57:96:08:c6:37:17:cc:e2:76:e6:98:48:42:c1:e0:
8e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A0:04:F1:B7:9A:86:67:CF:0B:DC:29:43:74:A3:60:66:FF:24:99
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233302e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.230.0/23
Signature Algorithm: sha256WithRSAEncryption
25:c4:f7:b7:24:52:11:08:b1:89:c5:fb:1c:78:a3:75:c6:0d:
c7:7e:f3:c4:cc:fd:fa:d3:2c:bb:1d:cd:39:cc:15:91:57:c3:
7d:c8:16:52:3f:c3:35:45:a3:d7:49:c6:d3:15:56:8d:7f:bc:
e2:a6:df:ba:4c:e0:3e:27:17:65:bf:87:69:f7:49:14:47:ae:
c6:16:49:61:f6:f8:e0:e4:46:0d:a5:60:39:45:6c:e4:f7:08:
ef:3c:e1:42:91:62:29:60:29:74:71:9f:39:3f:27:cd:d0:db:
e1:a9:2d:88:a4:88:e3:5c:da:a0:ab:3b:c0:12:e7:a4:37:71:
fc:af:6d:f6:66:78:37:9f:55:49:86:88:02:15:8d:d1:2f:00:
d6:c6:86:81:18:60:a6:7c:3a:8b:be:50:c3:47:3b:4a:c5:ef:
d4:0d:82:d5:ee:a4:41:0c:1f:cf:09:be:8a:94:5e:36:2e:ff:
16:2a:22:ef:ce:9d:2f:9e:42:44:7f:4a:1c:c2:69:c4:e5:09:
bc:78:78:6d:5e:3c:fc:9c:77:f2:6b:d4:b1:06:52:f9:1d:8a:
d1:8b:00:97:8d:a8:e7:e2:a4:5c:65:c2:c3:ed:81:97:82:fb:
43:a5:ca:f0:0d:35:4e:95:a2:05:db:c6:ca:ea:4f:4c:50:86:
0e:41:20:4c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEcrXePGSUZo8YS4Ka/tYy5lTXU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjMwODQxMjZaFw0yNjA1MjIwODQ2MjZaMDMxMTAvBgNV
BAMTKEQ1QTAwNEYxQjc5QTg2NjdDRjBCREMyOTQzNzRBMzYwNjZGRjI0OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+68/9/X26q6V9MMT2bJkXoHtg
i+3q/7bTAaSHFhHH945NbP0z9dXdQhypyecfWDh7bHBHmwqY04aSOuAemRKHaNFb
wdo4C6cHbpSh2feSUvJwdgjZm2+OBXuIbThgNZjoGzd+uLypalbf3DJUsv2RTJkD
VJzJs8lk6RQUwuROaqSUgoxKq1jV34Banzyo2GptsQ2G02fwW/5xMVuYUwm2xLv7
bBAdLmsctUONHgn9WbwUwNZezXCVvNnnlPD1DwTAynDr2O3twpeimb2rGU8wVvWw
kIwyp/CV58m+dwjCaqE6tGtzEfz9LJB3JkqLuFeWCMY3F8ziduaYSELB4I5pAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1aAE8beahmfPC9wpQ3SjYGb/JJkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz
MzAyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/mMA0GCSqGSIb3DQEBCwUAA4IBAQAlxPe3JFIRCLGJxfsceKN1xg3HfvPEzP36
0yy7Hc05zBWRV8N9yBZSP8M1RaPXScbTFVaNf7zipt+6TOA+Jxdlv4dp90kUR67G
Fklh9vjg5EYNpWA5RWzk9wjvPOFCkWIpYCl0cZ85PyfN0NvhqS2IpIjjXNqgqzvA
EuekN3H8r232Zng3n1VJhogCFY3RLwDWxoaBGGCmfDqLvlDDRztKxe/UDYLV7qRB
DB/PCb6KlF42Lv8WKiLvzp0vnkJEf0ocwmnE5Qm8eHhtXjz8nHfya9SxBlL5HYrR
iwCXjajn4qRcZcLD7YGXgvtDpcrwDTVOlaIF28bK6k9MUIYOQSBM
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:22:44 2025 by rpki-client