Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e203230343733.roa
File: 38322e3139382e3235322e302f32322d3232203d3e203230343733.roa (raw, json)
Hash identifier: MFz1nI5a1D/zIlqQLzx5QfBzbSYp2t4eq0MfF0IF6ug=
Subject key identifier: C8:A2:51:31:75:A7:CD:D5:66:42:77:C0:51:B3:3B:CB:94:DB:C5:E2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 723CBB8CF7FD4C372AE7D4CD32DEB856EBBF7594
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e203230343733.roa
Signing time: Tue 10 Jun 2025 11:37:27 +0000
ROA not before: Tue 10 Jun 2025 11:32:27 +0000
ROA not after: Tue 09 Jun 2026 11:37:27 +0000
asID: 20473
IP address blocks: 82.198.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 15:18:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:3c:bb:8c:f7:fd:4c:37:2a:e7:d4:cd:32:de:b8:56:eb:bf:75:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 10 11:32:27 2025 GMT
Not After : Jun 9 11:37:27 2026 GMT
Subject: CN=C8A2513175A7CDD5664277C051B33BCB94DBC5E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:61:84:c2:56:40:00:58:14:0c:06:06:6a:e8:
d3:34:2d:b3:df:41:32:20:a6:a7:ca:f3:05:97:e8:
b5:f1:87:49:c0:65:c0:95:94:a8:f5:78:39:5b:bb:
78:52:3a:b0:bc:a7:66:cb:24:81:5d:a2:0f:d9:86:
fb:8f:45:da:a6:0e:7b:61:00:3b:fc:32:63:dc:ae:
ea:2c:11:5b:99:36:19:5b:07:b6:a0:21:1c:f8:64:
91:9c:ea:3f:25:92:57:3e:ff:9f:1a:ae:9e:a3:81:
96:a6:ce:27:75:30:c6:f0:10:37:ab:bf:cc:18:3b:
0b:45:60:f6:62:62:1d:e6:3c:69:28:4f:ec:aa:27:
2e:49:91:3e:f8:6e:29:9f:cd:10:ce:eb:36:29:00:
f4:0a:8e:74:e7:60:69:b7:a7:fb:23:a9:25:c6:af:
8e:57:a9:fe:b4:6a:43:0d:3a:4f:63:9d:0c:37:6e:
4f:db:fa:df:a4:f0:f5:b0:d8:14:16:a9:2e:8f:c5:
de:b4:b7:f7:e0:6a:a8:d3:c9:9c:9f:d7:8d:35:63:
58:2d:35:d4:30:4e:74:d5:15:4b:35:5e:52:c1:75:
ce:28:dc:16:87:43:e9:44:46:a2:99:4b:de:53:85:
05:03:73:89:9d:72:5f:c3:1d:8d:1a:db:24:4e:9f:
7b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:A2:51:31:75:A7:CD:D5:66:42:77:C0:51:B3:3B:CB:94:DB:C5:E2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235322e302f32322d3232203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.252.0/22
Signature Algorithm: sha256WithRSAEncryption
63:15:f2:53:98:10:6c:f1:94:6b:6c:24:7f:50:15:62:c5:5c:
fd:57:50:69:a0:42:0e:bc:e6:8e:d1:df:d9:df:c2:fe:2c:9f:
33:00:9a:53:fa:08:58:0b:6c:94:59:3f:c1:0f:7c:20:cd:0d:
ab:ad:0c:62:9a:1c:92:72:fd:23:9d:0c:d6:51:71:b7:e8:c0:
8c:6e:70:97:27:c8:32:cd:1b:75:17:61:20:b4:5b:e5:20:1e:
b9:f7:96:e0:b2:8b:bd:d5:a3:98:9c:0e:35:21:ad:6d:de:d9:
f2:b6:b4:fa:83:8e:47:e1:17:03:70:9c:4b:b3:ac:b9:fd:af:
14:6d:8f:76:28:26:db:b5:b0:49:6e:9a:e3:fa:45:1b:aa:43:
f7:ec:96:e5:06:55:c9:9a:87:aa:a8:d3:59:60:70:8c:b3:c0:
df:25:4c:e0:4c:1a:4b:25:b3:15:f7:c3:89:ec:48:82:44:d2:
52:26:73:04:a1:b6:ad:f5:d7:4d:f2:8f:f8:a7:c8:90:78:e3:
c3:22:ba:2e:78:c7:9c:c4:b2:65:15:71:f2:3a:3d:07:96:df:
a2:8a:8f:e3:b9:d6:91:0c:db:78:32:ab:5d:c9:1c:fb:6c:e7:
4c:d0:e6:32:39:0d:16:d6:14:a5:3f:47:6a:4a:f9:bd:9a:bc:
4a:17:23:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcjy7jPf9TDcq59TNMt64Vuu/dZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTAxMTMyMjdaFw0yNjA2MDkxMTM3MjdaMDMxMTAvBgNV
BAMTKEM4QTI1MTMxNzVBN0NERDU2NjQyNzdDMDUxQjMzQkNCOTREQkM1RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCYYTCVkAAWBQMBgZq6NM0LbPf
QTIgpqfK8wWX6LXxh0nAZcCVlKj1eDlbu3hSOrC8p2bLJIFdog/ZhvuPRdqmDnth
ADv8MmPcruosEVuZNhlbB7agIRz4ZJGc6j8lklc+/58arp6jgZamzid1MMbwEDer
v8wYOwtFYPZiYh3mPGkoT+yqJy5JkT74bimfzRDO6zYpAPQKjnTnYGm3p/sjqSXG
r45Xqf60akMNOk9jnQw3bk/b+t+k8PWw2BQWqS6Pxd60t/fgaqjTyZyf1401Y1gt
NdQwTnTVFUs1XlLBdc4o3BaHQ+lERqKZS95ThQUDc4mdcl/DHY0a2yROn3uBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyKJRMXWnzdVmQnfAUbM7y5TbxeIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
Usb8MA0GCSqGSIb3DQEBCwUAA4IBAQBjFfJTmBBs8ZRrbCR/UBVixVz9V1BpoEIO
vOaO0d/Z38L+LJ8zAJpT+ghYC2yUWT/BD3wgzQ2rrQximhyScv0jnQzWUXG36MCM
bnCXJ8gyzRt1F2EgtFvlIB6595bgsou91aOYnA41Ia1t3tnytrT6g45H4RcDcJxL
s6y5/a8UbY92KCbbtbBJbprj+kUbqkP37JblBlXJmoeqqNNZYHCMs8DfJUzgTBpL
JbMV98OJ7EiCRNJSJnMEobat9ddN8o/4p8iQeOPDIroueMecxLJlFXHyOj0Hlt+i
io/judaRDNt4MqtdyRz7bOdM0OYyOQ0W1hSlP0dqSvm9mrxKFyMa
-----END CERTIFICATE-----
Generated at Mon Jun 16 02:27:50 2025 by rpki-client