Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
File: 38362e33382e332e302f32342d3234203d3e203135343139.roa (raw, json)
Hash identifier: 1jWpw+W9zeIRwNdxwEeWvA1uKZ5XVqeLW/yed0hU+d4=
Subject key identifier: 99:D3:09:CF:2C:FE:D6:13:DE:F2:AB:79:6F:36:08:29:C9:35:B9:08
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 273BF468391BE9F1AA8CFDE3D116B080A38B58
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
Signing time: Fri 09 May 2025 09:37:54 +0000
ROA not before: Fri 09 May 2025 09:32:54 +0000
ROA not after: Fri 08 May 2026 09:37:54 +0000
asID: 15419
IP address blocks: 86.38.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 20:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:3b:f4:68:39:1b:e9:f1:aa:8c:fd:e3:d1:16:b0:80:a3:8b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: May 9 09:32:54 2025 GMT
Not After : May 8 09:37:54 2026 GMT
Subject: CN=99D309CF2CFED613DEF2AB796F360829C935B908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:10:a9:0e:61:4d:97:3f:e0:1e:ce:08:6b:70:
35:6a:1c:f3:1e:f9:34:cc:fd:0a:ed:9d:f6:df:c7:
4f:59:48:6c:21:2d:e6:b6:34:9b:12:8e:15:82:c6:
64:f0:74:06:0a:1e:97:f0:4d:13:b4:b6:f6:d0:f2:
6f:9f:1f:5b:bd:c9:98:dc:b3:24:a0:59:73:e1:28:
7c:32:5a:5e:22:96:38:7f:14:08:9e:7e:24:34:48:
69:17:01:90:ca:14:7a:2f:38:20:cd:ba:2b:ac:a7:
25:56:30:16:34:85:db:f8:2e:a0:c9:6b:9e:d9:fc:
06:04:6b:64:a9:fe:45:ec:4b:76:c1:50:91:d3:6c:
57:35:9e:7d:86:1b:8d:02:c8:d6:a7:1f:2c:8b:6c:
00:f3:4d:1f:15:44:2e:2e:89:00:7d:45:9c:09:aa:
a2:b9:2f:4a:8a:bb:5f:6a:39:c1:35:30:0d:e6:45:
1a:f8:21:ed:37:18:f4:88:cd:cc:39:65:9d:de:61:
94:5b:be:a4:3c:1d:9c:f0:50:42:cd:84:92:bf:c0:
54:67:d3:f0:7d:c4:df:ed:c0:b0:94:52:12:bb:cc:
aa:ee:24:7f:fb:bb:1f:64:e7:8e:61:54:93:c8:d5:
a6:84:6f:26:66:30:be:a9:d1:b0:e7:fe:90:4e:a2:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D3:09:CF:2C:FE:D6:13:DE:F2:AB:79:6F:36:08:29:C9:35:B9:08
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38362e33382e332e302f32342d3234203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.3.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:e8:e0:0f:6f:b0:56:66:87:40:cb:aa:bb:68:83:21:5d:41:
a1:1a:15:a2:10:0a:84:3e:f8:6e:41:ea:8f:5b:81:07:bb:e2:
b0:2b:89:2a:a6:61:3a:7d:97:0b:13:34:6b:04:a0:ef:44:51:
9a:bd:7e:1a:e4:af:2c:b9:89:6f:96:44:bf:d2:e1:03:3f:92:
1f:d6:ca:15:25:2c:32:88:f0:67:dc:cb:52:fe:c3:ee:fc:e6:
6c:1c:eb:4e:ea:2c:7e:22:d5:99:e0:9c:0d:09:a3:8b:be:a8:
42:89:96:42:27:c5:07:02:6e:31:aa:98:3e:d2:c3:cc:85:10:
75:47:ea:87:ce:ca:fa:0b:0b:42:67:b9:5b:e9:15:dc:08:ca:
20:13:6a:21:e0:cb:bf:15:d6:b1:f1:59:1b:7c:4e:a9:f8:a9:
a5:6a:4f:52:fb:7a:8c:a6:82:48:95:e4:cc:6c:3e:6b:55:f2:
43:ae:7e:8c:e1:a5:84:92:a5:fa:5a:64:6e:c5:b3:d4:c2:f9:
40:9e:76:5f:7b:dd:73:63:e1:31:4f:43:7d:fb:b5:3a:cb:d8:
e5:c1:f1:44:5c:97:5b:32:fb:ad:6d:a0:9c:a5:1d:09:94:45:
47:0c:fe:47:15:0c:66:8c:c6:4f:aa:9c:9f:5e:da:ec:8d:08:
52:2b:b9:61
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgITJzv0aDkb6fGqjP3j0RawgKOLWDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg5ZGY4NTk5N2IxYjliMzU4ZTFjNDNmMzY3NjVhYTBhNGEw
MjE0NGFlMB4XDTI1MDUwOTA5MzI1NFoXDTI2MDUwODA5Mzc1NFowMzExMC8GA1UE
AxMoOTlEMzA5Q0YyQ0ZFRDYxM0RFRjJBQjc5NkYzNjA4MjlDOTM1QjkwODCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN0QqQ5hTZc/4B7OCGtwNWoc8x75
NMz9Cu2d9t/HT1lIbCEt5rY0mxKOFYLGZPB0Bgoel/BNE7S29tDyb58fW73JmNyz
JKBZc+EofDJaXiKWOH8UCJ5+JDRIaRcBkMoUei84IM26K6ynJVYwFjSF2/guoMlr
ntn8BgRrZKn+RexLdsFQkdNsVzWefYYbjQLI1qcfLItsAPNNHxVELi6JAH1FnAmq
orkvSoq7X2o5wTUwDeZFGvgh7TcY9IjNzDllnd5hlFu+pDwdnPBQQs2Ekr/AVGfT
8H3E3+3AsJRSErvMqu4kf/u7H2TnjmFUk8jVpoRvJmYwvqnRsOf+kE6itoUCAwEA
AaOCAjcwggIzMB0GA1UdDgQWBBSZ0wnPLP7WE97yq3lvNggpyTW5CDAfBgNVHSME
GDAWgBSd+FmXsbmzWOHEPzZ2WqCkoCFErjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8wMDJlMGJhMy1mZTYwLTQ1YjEtOTE2MC04NjhhMmY4YTQz
YjEvMy85REY4NTk5N0IxQjlCMzU4RTFDNDNGMzY3NjVBQTBBNEEwMjE0NEFFLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvbmZoWmw3RzVzMWpoeEQ4MmRscWdwS0Fo
Uks0LmNlcjCBpwYIKwYBBQUHAQsEgZowgZcwgZQGCCsGAQUFBzALhoGHcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wMDJlMGJhMy1m
ZTYwLTQ1YjEtOTE2MC04NjhhMmY4YTQzYjEvMy8zODM2MmUzMzM4MmUzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzNDMxMzkucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWJgMwDQYJ
KoZIhvcNAQELBQADggEBAK3o4A9vsFZmh0DLqrtogyFdQaEaFaIQCoQ++G5B6o9b
gQe74rAriSqmYTp9lwsTNGsEoO9EUZq9fhrkryy5iW+WRL/S4QM/kh/WyhUlLDKI
8Gfcy1L+w+785mwc607qLH4i1ZngnA0Jo4u+qEKJlkInxQcCbjGqmD7Sw8yFEHVH
6ofOyvoLC0JnuVvpFdwIyiATaiHgy78V1rHxWRt8Tqn4qaVqT1L7eoymgkiV5Mxs
PmtV8kOufozhpYSSpfpaZG7Fs9TC+UCedl973XNj4TFPQ337tTrL2OXB8URcl1sy
+61toJylHQmURUcM/kcVDGaMxk+qnJ9e2uyNCFIruWE=
-----END CERTIFICATE-----
Generated at Mon May 12 11:12:27 2025 by rpki-client