Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
File: 38352e3233392e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: YCZgnKPu0Mkll/3AL/K0gr7tDq0wRW4UlxrjNPNFn7o=
Subject key identifier: 7D:52:3D:FC:07:2F:07:74:31:9B:FE:94:4C:5F:49:0E:EC:19:BE:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 76444B77BF7ABE3FB41558533EA8EE17542FBF35
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 23 May 2025 08:46:27 +0000
ROA not before: Fri 23 May 2025 08:41:27 +0000
ROA not after: Fri 22 May 2026 08:46:27 +0000
asID: 51167
IP address blocks: 85.239.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 12:43:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:44:4b:77:bf:7a:be:3f:b4:15:58:53:3e:a8:ee:17:54:2f:bf:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 23 08:41:27 2025 GMT
Not After : May 22 08:46:27 2026 GMT
Subject: CN=7D523DFC072F0774319BFE944C5F490EEC19BE5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6b:9e:02:31:71:16:25:10:80:cf:f3:4c:2d:
c7:19:86:2a:d1:2a:23:5e:bd:af:7a:75:fa:6e:0e:
c7:bf:07:5d:15:27:88:4f:a5:4b:50:0c:db:60:d6:
1c:23:11:9c:e2:2e:60:98:47:94:c0:49:e6:12:2a:
a2:c8:a5:76:e8:e4:67:e6:3c:ee:09:53:07:2d:58:
27:69:ed:a6:c4:28:cd:7f:08:c0:c9:38:27:2d:67:
81:16:8c:7c:45:66:f2:b1:a2:6a:23:af:e8:62:10:
cc:3e:5f:fc:99:9b:0e:68:52:b0:e7:73:26:ae:18:
ea:32:e5:17:48:61:4d:9b:2a:78:6b:b6:a1:a4:e7:
bf:fd:a7:21:4d:30:76:c1:ad:f8:16:35:2a:80:78:
9f:43:fc:c3:28:e4:ff:0f:c0:d7:92:94:96:31:08:
82:9f:d9:a8:29:4d:06:48:cd:00:b3:e0:2e:21:e3:
59:c6:f0:7c:1d:a3:b1:c4:ef:29:36:55:a1:94:b4:
ff:2c:96:22:8a:bf:74:a8:d0:2a:29:69:ec:c7:3b:
c1:8c:72:e1:3a:1f:1c:22:94:31:9f:9e:a2:46:b1:
59:e7:bb:d1:7f:b7:25:11:87:32:c7:fe:a4:82:01:
57:39:8f:9a:ce:a1:7e:66:ff:cf:38:1e:22:76:bd:
9f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:52:3D:FC:07:2F:07:74:31:9B:FE:94:4C:5F:49:0E:EC:19:BE:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.248.0/23
Signature Algorithm: sha256WithRSAEncryption
08:17:fb:a3:6b:49:06:c5:d5:93:c8:52:21:80:d5:9c:6e:44:
dc:12:d1:5d:d5:91:ad:37:eb:84:cd:1c:3c:6d:65:ab:3b:ee:
80:5b:cf:15:7f:1b:16:c3:48:56:d2:36:3f:59:7a:46:3c:2a:
ee:2b:08:24:8c:e3:45:95:9c:c1:b4:26:28:a7:e7:a3:57:65:
b4:8c:86:22:88:8f:d3:e4:f7:92:35:90:4c:f7:d3:92:17:9a:
f3:f2:5e:db:c6:dd:79:7f:6e:5c:a7:e5:d1:59:f1:b3:bc:61:
24:0d:c5:da:6a:a4:ac:44:cb:bd:e4:a8:a2:e8:41:cc:2b:95:
fd:62:e3:be:c1:a4:84:5c:3e:9a:00:d4:6c:00:5a:c3:cd:d5:
96:43:24:2f:18:6b:ed:a9:4d:92:b4:65:69:43:c4:fd:6e:b3:
f1:84:5e:3c:59:79:26:6c:08:b0:6a:86:87:a2:ce:19:a1:e1:
56:0b:a1:bc:44:b7:a1:2f:5b:da:39:3c:79:b1:3a:40:83:5d:
81:05:42:33:d2:18:24:3a:ce:a8:72:de:22:3f:be:38:35:65:
74:ba:62:dd:97:73:bd:19:89:d3:5b:4b:f4:5c:dd:20:b3:f5:
e4:bb:36:8c:2e:cb:2d:d5:49:36:0b:41:53:64:ea:47:a2:34:
dc:71:d5:0f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdkRLd796vj+0FVhTPqjuF1QvvzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA1MjMwODQxMjdaFw0yNjA1MjIwODQ2MjdaMDMxMTAvBgNV
BAMTKDdENTIzREZDMDcyRjA3NzQzMTlCRkU5NDRDNUY0OTBFRUMxOUJFNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDca54CMXEWJRCAz/NMLccZhirR
KiNeva96dfpuDse/B10VJ4hPpUtQDNtg1hwjEZziLmCYR5TASeYSKqLIpXbo5Gfm
PO4JUwctWCdp7abEKM1/CMDJOCctZ4EWjHxFZvKxomojr+hiEMw+X/yZmw5oUrDn
cyauGOoy5RdIYU2bKnhrtqGk57/9pyFNMHbBrfgWNSqAeJ9D/MMo5P8PwNeSlJYx
CIKf2agpTQZIzQCz4C4h41nG8Hwdo7HE7yk2VaGUtP8sliKKv3So0CopaezHO8GM
cuE6HxwilDGfnqJGsVnnu9F/tyURhzLH/qSCAVc5j5rOoX5m/884HiJ2vZ8BAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfVI9/AcvB3Qxm/6UTF9JDuwZvlowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjM0
MzgyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Ve/4MA0GCSqGSIb3DQEBCwUAA4IBAQAIF/uja0kGxdWTyFIhgNWcbkTcEtFd1ZGt
N+uEzRw8bWWrO+6AW88VfxsWw0hW0jY/WXpGPCruKwgkjONFlZzBtCYop+ejV2W0
jIYiiI/T5PeSNZBM99OSF5rz8l7bxt15f25cp+XRWfGzvGEkDcXaaqSsRMu95Kii
6EHMK5X9YuO+waSEXD6aANRsAFrDzdWWQyQvGGvtqU2StGVpQ8T9brPxhF48WXkm
bAiwaoaHos4ZoeFWC6G8RLehL1vaOTx5sTpAg12BBUIz0hgkOs6oct4iP744NWV0
umLdl3O9GYnTW0v0XN0gs/XkuzaMLsst1Uk2C0FTZOpHojTccdUP
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:24:03 2025 by rpki-client