Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230302e302f32342d3234203d3e20323136313531.roa
File: 38382e3231382e3230302e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: znFynCzjOSYd8w2knXqKJ7CWufzyr80jzWRF0+/VcuM=
Subject key identifier: 58:DC:68:23:B7:13:D5:7B:17:23:1F:FE:15:CA:9E:7F:4D:A7:B3:4C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5106A9848ACA57A071E389EA747056F9A78B364D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230302e302f32342d3234203d3e20323136313531.roa
Signing time: Wed 23 Apr 2025 11:57:14 +0000
ROA not before: Wed 23 Apr 2025 11:52:14 +0000
ROA not after: Wed 22 Apr 2026 11:57:14 +0000
asID: 216151
IP address blocks: 88.218.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 12:40:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:06:a9:84:8a:ca:57:a0:71:e3:89:ea:74:70:56:f9:a7:8b:36:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 23 11:52:14 2025 GMT
Not After : Apr 22 11:57:14 2026 GMT
Subject: CN=58DC6823B713D57B17231FFE15CA9E7F4DA7B34C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2b:6a:82:c1:5c:12:d9:ef:7c:c4:79:5e:5d:
60:2d:b0:26:61:79:3b:31:97:0b:03:16:bd:f7:86:
ee:5c:56:de:ec:4c:f5:d2:1e:cb:a3:4c:41:ea:81:
46:d6:d3:76:bc:7a:9d:d8:45:58:08:dc:1c:c0:07:
a9:5f:fa:e5:7c:5b:01:0d:c0:cf:1b:3b:92:8c:46:
25:1f:33:04:9a:3c:26:51:78:16:73:2d:f7:f4:df:
4d:8f:4e:a7:64:9f:0c:26:e3:69:d0:f1:6f:f9:d0:
b0:87:42:8f:9c:e5:3c:14:6e:ad:3e:5f:c7:f3:bc:
f8:ef:d2:83:db:86:7a:c1:99:d1:8d:72:3a:54:0e:
b3:14:6b:97:34:2d:3c:75:57:78:f2:ad:f0:d1:5c:
d1:8d:e3:a6:9d:dc:42:45:ef:a2:b3:6b:e1:ee:90:
38:5b:80:47:d3:a3:a2:e9:4b:f3:84:4f:3f:b8:a2:
39:e8:05:3e:d6:3b:c9:43:81:fb:87:f6:49:5a:db:
e3:58:77:e1:d7:67:d6:65:ba:77:d4:5a:02:ae:e5:
eb:d1:99:81:d2:a9:26:50:77:ce:10:0d:f2:25:f2:
61:15:a1:be:94:27:20:86:ce:b2:f4:0a:db:b2:d0:
e2:4c:8a:04:e8:4a:a7:9b:0d:3f:f1:0e:ac:b3:c8:
3e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DC:68:23:B7:13:D5:7B:17:23:1F:FE:15:CA:9E:7F:4D:A7:B3:4C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38382e3231382e3230302e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.200.0/24
Signature Algorithm: sha256WithRSAEncryption
93:83:1c:f7:37:0d:94:a6:88:5f:45:9f:75:b7:09:ff:2f:68:
b7:0c:11:bd:9a:fe:8a:b4:97:26:66:bf:6d:3e:1f:8d:da:d4:
fe:aa:d7:79:c9:a6:bf:a1:3b:e4:69:e4:c8:24:57:e2:9a:93:
8c:55:8b:ba:b6:1d:af:a9:dc:9d:5b:6c:04:22:3e:a3:d2:25:
f7:49:86:b2:a3:dc:af:6e:ea:7d:89:e8:d1:e8:3e:d8:4f:0d:
1f:d0:39:5a:ee:7e:cf:9b:0c:a9:34:0d:d8:9c:8a:3d:07:d5:
35:03:59:ab:ee:77:99:2b:14:4e:f4:9e:a7:54:26:ab:98:40:
6b:80:1b:05:6b:3d:04:cf:eb:c1:c4:a2:f1:df:76:cd:22:c8:
2c:3e:5e:fe:7d:15:14:6b:3b:64:a4:37:fd:9a:65:fb:b3:b7:
f1:d0:ce:bc:e1:51:26:85:4e:c2:8c:cc:47:5e:ff:10:7e:0a:
bf:1d:02:13:77:01:47:24:86:ce:a5:c9:41:2e:a0:7e:04:6e:
86:56:47:7d:70:a2:0c:11:44:6b:47:ca:f9:f7:83:78:fb:d2:
73:85:b1:ff:d7:8d:41:0b:56:9d:e3:37:1a:e2:98:af:46:a6:
c9:88:ee:bf:61:d7:93:fe:51:40:64:fb:12:e4:80:94:6d:e1:
97:40:0e:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUQaphIrKV6Bx44nqdHBW+aeLNk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MjMxMTUyMTRaFw0yNjA0MjIxMTU3MTRaMDMxMTAvBgNV
BAMTKDU4REM2ODIzQjcxM0Q1N0IxNzIzMUZGRTE1Q0E5RTdGNERBN0IzNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXK2qCwVwS2e98xHleXWAtsCZh
eTsxlwsDFr33hu5cVt7sTPXSHsujTEHqgUbW03a8ep3YRVgI3BzAB6lf+uV8WwEN
wM8bO5KMRiUfMwSaPCZReBZzLff0302PTqdknwwm42nQ8W/50LCHQo+c5TwUbq0+
X8fzvPjv0oPbhnrBmdGNcjpUDrMUa5c0LTx1V3jyrfDRXNGN46ad3EJF76Kza+Hu
kDhbgEfTo6LpS/OETz+4ojnoBT7WO8lDgfuH9kla2+NYd+HXZ9ZlunfUWgKu5evR
mYHSqSZQd84QDfIl8mEVob6UJyCGzrL0Ctuy0OJMigToSqebDT/xDqyzyD5FAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWNxoI7cT1XsXIx/+Fcqef02ns0wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzODJlMzIzMTM4MmUzMjMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABY2sgwDQYJKoZIhvcNAQELBQADggEBAJODHPc3DZSmiF9Fn3W3Cf8vaLcMEb2a
/oq0lyZmv20+H43a1P6q13nJpr+hO+Rp5MgkV+Kak4xVi7q2Ha+p3J1bbAQiPqPS
JfdJhrKj3K9u6n2J6NHoPthPDR/QOVrufs+bDKk0Ddicij0H1TUDWavud5krFE70
nqdUJquYQGuAGwVrPQTP68HEovHfds0iyCw+Xv59FRRrO2SkN/2aZfuzt/HQzrzh
USaFTsKMzEde/xB+Cr8dAhN3AUckhs6lyUEuoH4EboZWR31wogwRRGtHyvn3g3j7
0nOFsf/XjUELVp3jNxrimK9GpsmI7r9h15P+UUBk+xLkgJRt4ZdADo0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 02:22:03 2025 by rpki-client