Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
File: 38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa (raw, json)
Hash identifier: k8RY7QTEncAN/MOxUGAuMRRlssrdtl7ahwCsdlVrRY0=
Subject key identifier: E6:6D:F6:F2:97:0D:4E:9E:AD:00:BC:B2:2C:C0:4E:57:B0:49:7D:14
Certificate issuer: /CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Certificate serial: 59F4F796F3A63A634EF1D4B98BC4DFCAE5DC763F
Authority key identifier: 5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
Signing time: Mon 09 Jun 2025 18:54:09 +0000
ROA not before: Mon 09 Jun 2025 18:49:09 +0000
ROA not after: Mon 08 Jun 2026 18:54:09 +0000
asID: 212504
IP address blocks: 83.150.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.mft
rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:f4:f7:96:f3:a6:3a:63:4e:f1:d4:b9:8b:c4:df:ca:e5:dc:76:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5179bb1757068d7028510feeb1177aa7cc8818
Validity
Not Before: Jun 9 18:49:09 2025 GMT
Not After : Jun 8 18:54:09 2026 GMT
Subject: CN=E66DF6F2970D4E9EAD00BCB22CC04E57B0497D14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:47:ba:a3:f7:28:a9:aa:ca:5a:00:e6:11:ac:
3c:a6:ff:72:4b:dd:6b:ad:15:af:23:7a:6f:8e:e2:
4b:e8:67:4c:14:83:7b:46:5e:77:62:52:c6:81:99:
17:c7:f3:04:0c:5a:19:d4:24:28:80:5d:f6:64:d8:
bc:93:06:d9:c1:8e:29:b6:a4:c1:12:26:78:92:a5:
92:f3:42:4f:24:fe:84:76:35:7f:25:3b:a0:a0:ad:
f7:1d:47:eb:53:ce:06:92:5c:b0:a3:89:ea:52:dc:
72:ce:09:a8:20:f7:86:07:30:d6:0b:e6:30:d9:b8:
2b:db:db:36:59:f5:26:26:c6:c4:5b:1e:66:7c:a8:
5c:25:c1:6d:54:62:a9:86:f4:47:e5:42:b9:0d:07:
b5:b7:ad:aa:54:7d:64:65:4b:dd:94:c0:c3:da:2f:
ae:cf:94:d1:4f:e6:79:40:d2:a2:cf:74:f3:c4:02:
5c:39:d5:46:cf:6b:e0:49:96:eb:94:77:e2:5c:88:
35:03:91:99:97:82:34:66:6e:29:bc:87:94:d0:ae:
88:27:27:33:bc:4b:1e:ea:99:0b:3b:cd:47:b5:77:
75:07:f7:cf:ba:91:b6:d6:75:a0:b2:e9:b0:fc:78:
df:79:11:4b:3e:2d:7e:ca:13:4c:6f:14:c2:55:48:
d0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6D:F6:F2:97:0D:4E:9E:AD:00:BC:B2:2C:C0:4E:57:B0:49:7D:14
X509v3 Authority Key Identifier:
keyid:5E:51:79:BB:17:57:06:8D:70:28:51:0F:EE:B1:17:7A:A7:CC:88:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/5E5179BB1757068D7028510FEEB1177AA7CC8818.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlF5uxdXBo1wKFEP7rEXeqfMiBg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/83e4757f-d37f-4fd6-a69b-d74bdd6b87dc/0/38332e3135302e3231372e302f32342d3234203d3e20323132353034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.150.217.0/24
Signature Algorithm: sha256WithRSAEncryption
82:0d:6e:81:df:d4:91:76:21:7e:ea:7e:9b:63:59:9b:72:24:
16:06:ec:f3:41:a3:84:2d:c8:d0:dd:58:fc:85:4a:3f:b0:e5:
8a:b3:45:08:47:6a:66:1c:73:b1:8d:09:dd:dd:b7:43:78:e9:
e6:3a:e0:4a:8f:79:36:d5:a8:b8:61:1f:e0:68:b9:d7:4f:22:
1e:0d:e0:dd:d2:9a:e4:f2:f9:92:85:bf:d2:32:7e:81:1c:1a:
ea:eb:8e:a8:1e:fb:85:25:1d:f7:1a:4b:e6:7f:86:3b:96:1f:
ac:06:b6:a3:6d:65:41:15:0f:ca:36:b7:1e:b1:4b:c2:ed:f7:
14:58:0e:fa:79:60:41:61:ff:f3:e0:77:d9:c1:b0:14:3d:00:
46:e1:c6:e7:0c:28:05:ba:1a:45:00:41:93:0b:be:02:ab:ec:
fe:c7:93:12:d2:08:94:e7:14:a4:3b:65:e4:58:f9:b4:fc:51:
37:1c:7a:b2:5c:eb:16:d6:d1:6f:b7:c2:01:fd:84:6f:1f:5a:
66:e0:2f:59:7a:86:8e:98:7a:d2:d2:d7:fb:e9:ac:f2:d4:91:
95:71:b9:62:86:2e:12:f0:4d:0f:45:ae:a9:10:4d:04:4d:72:
32:85:2a:e3:c0:63:28:0c:fb:00:eb:ff:84:dc:7a:ec:59:61:
05:a9:97:40
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWfT3lvOmOmNO8dS5i8TfyuXcdj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWU1MTc5YmIxNzU3MDY4ZDcwMjg1MTBmZWViMTE3N2Fh
N2NjODgxODAeFw0yNTA2MDkxODQ5MDlaFw0yNjA2MDgxODU0MDlaMDMxMTAvBgNV
BAMTKEU2NkRGNkYyOTcwRDRFOUVBRDAwQkNCMjJDQzA0RTU3QjA0OTdEMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCR7qj9yipqspaAOYRrDym/3JL
3WutFa8jem+O4kvoZ0wUg3tGXndiUsaBmRfH8wQMWhnUJCiAXfZk2LyTBtnBjim2
pMESJniSpZLzQk8k/oR2NX8lO6CgrfcdR+tTzgaSXLCjiepS3HLOCagg94YHMNYL
5jDZuCvb2zZZ9SYmxsRbHmZ8qFwlwW1UYqmG9EflQrkNB7W3rapUfWRlS92UwMPa
L67PlNFP5nlA0qLPdPPEAlw51UbPa+BJluuUd+JciDUDkZmXgjRmbim8h5TQrogn
JzO8Sx7qmQs7zUe1d3UH98+6kbbWdaCy6bD8eN95EUs+LX7KE0xvFMJVSNDbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5m328pcNTp6tALyyLMBOV7BJfRQwHwYDVR0j
BBgwFoAUXlF5uxdXBo1wKFEP7rEXeqfMiBgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODNlNDc1N2YtZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4
N2RjLzAvNUU1MTc5QkIxNzU3MDY4RDcwMjg1MTBGRUVCMTE3N0FBN0NDODgxOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hsRjV1eGRYQm8xd0tGRVA3ckVYZXFm
TWlCZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODNlNDc1N2Yt
ZDM3Zi00ZmQ2LWE2OWItZDc0YmRkNmI4N2RjLzAvMzgzMzJlMzEzNTMwMmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNTMwMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTltkwDQYJKoZIhvcNAQELBQADggEBAIINboHf1JF2IX7qfptjWZtyJBYG7PNB
o4QtyNDdWPyFSj+w5YqzRQhHamYcc7GNCd3dt0N46eY64EqPeTbVqLhhH+BouddP
Ih4N4N3SmuTy+ZKFv9IyfoEcGurrjqge+4UlHfcaS+Z/hjuWH6wGtqNtZUEVD8o2
tx6xS8Lt9xRYDvp5YEFh//Pgd9nBsBQ9AEbhxucMKAW6GkUAQZMLvgKr7P7HkxLS
CJTnFKQ7ZeRY+bT8UTccerJc6xbW0W+3wgH9hG8fWmbgL1l6ho6YetLS1/vprPLU
kZVxuWKGLhLwTQ9FrqkQTQRNcjKFKuPAYygM+wDr/4TceuxZYQWpl0A=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:38 2025 by rpki-client