Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235342e302f32342d3234203d3e203633313939.roa
File: 38322e3139382e3235342e302f32342d3234203d3e203633313939.roa (raw, json)
Hash identifier: 3vv8KmwQWzGlSK3Qtr8EX+7vt3VahzuhjvexXycSCb4=
Subject key identifier: 94:E7:56:98:98:FF:9D:B5:F6:AD:F4:07:82:BB:4F:58:88:A5:F6:69
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3D33FBCB979E1DD91FBD9088DF529C0F5917BB6F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235342e302f32342d3234203d3e203633313939.roa
Signing time: Tue 30 Sep 2025 11:33:36 +0000
ROA not before: Tue 30 Sep 2025 11:28:36 +0000
ROA not after: Tue 29 Sep 2026 11:33:36 +0000
asID: 63199
IP address blocks: 82.198.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:33:fb:cb:97:9e:1d:d9:1f:bd:90:88:df:52:9c:0f:59:17:bb:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 30 11:28:36 2025 GMT
Not After : Sep 29 11:33:36 2026 GMT
Subject: CN=94E7569898FF9DB5F6ADF40782BB4F5888A5F669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ac:65:c8:ab:af:04:98:7d:7e:7d:51:42:14:
68:8f:49:0b:90:e6:4f:bc:2f:cb:af:84:5a:56:5f:
06:f4:bc:55:d9:05:48:b3:e3:1d:cb:be:b5:c7:42:
e5:c9:d6:e1:c9:cc:56:97:fe:d0:72:2c:e4:fe:b3:
06:20:d5:46:d6:0d:7a:34:5b:9f:43:77:a6:42:df:
a9:30:55:4e:2d:ff:af:93:d5:88:9b:c1:45:1e:04:
60:6f:96:6e:26:a7:da:9a:24:b5:d7:6f:7a:d6:c9:
ea:da:59:d2:d6:ee:1a:7f:e8:20:7f:14:86:7a:43:
22:4b:a9:1b:d0:64:19:8b:cc:84:e9:ab:df:a3:7a:
70:3a:88:49:a9:84:01:5a:db:04:d5:d6:0a:15:8c:
ab:81:2f:6c:d2:96:cf:fe:94:92:6b:68:62:d8:6b:
ba:10:3a:cc:47:e7:55:29:fc:82:31:64:bb:ea:6d:
bf:92:8b:fb:a1:dc:b2:c8:6a:d0:5d:5c:61:a6:d0:
f7:9c:ea:d2:ce:e9:06:f4:6b:80:24:f1:84:2d:0f:
ea:91:08:2f:76:c3:02:36:4a:1c:ec:ec:83:f4:3b:
77:ac:b8:dd:e8:87:74:5e:0d:2b:a3:10:35:54:10:
80:97:24:07:ce:3b:bb:3d:1c:56:d6:e5:59:37:b5:
80:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E7:56:98:98:FF:9D:B5:F6:AD:F4:07:82:BB:4F:58:88:A5:F6:69
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235342e302f32342d3234203d3e203633313939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.198.254.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:c1:fa:45:20:c0:27:e6:66:e1:53:62:12:07:95:e2:a0:82:
b2:73:41:fa:ed:b0:c6:f0:1c:69:b0:f4:5d:ba:70:d6:5d:a0:
e0:1e:77:ea:b5:2d:c1:c2:b5:1c:f1:9a:7e:3c:9e:ce:bc:a4:
64:00:5d:ae:7c:f8:fb:a6:94:f6:74:7c:fd:68:c0:d4:81:85:
7b:4e:d0:54:7d:ae:0e:71:ca:de:62:b9:16:05:a1:b0:d7:7e:
a6:63:bb:43:27:96:16:57:c2:14:9d:c8:49:3f:8f:5c:3d:12:
b0:fe:90:5a:e3:97:d6:6d:fc:cf:02:ab:06:a5:32:16:c6:b1:
ac:f4:86:48:cf:ef:8d:b3:0a:b0:80:88:4c:48:32:26:83:bd:
8e:6f:30:07:e1:a8:3b:39:d4:8e:b4:ec:bf:aa:d8:10:8c:c4:
d7:3a:bf:11:17:12:45:0a:8b:f5:f3:cc:5a:60:33:0f:f3:f6:
8a:7e:1f:a3:33:54:6b:5f:dd:61:5d:03:e3:30:a0:10:07:dc:
78:62:c4:68:68:7d:1f:2b:0f:13:4b:27:33:2f:a6:bf:d0:2c:
87:98:4f:68:8c:ba:3d:54:8c:61:f5:96:6e:71:96:03:f7:d1:
89:fb:10:3d:0a:5b:5b:be:c9:2c:13:72:ec:f3:03:e5:3f:99:
3c:d6:6a:02
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPTP7y5eeHdkfvZCI31KcD1kXu28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MzAxMTI4MzZaFw0yNjA5MjkxMTMzMzZaMDMxMTAvBgNV
BAMTKDk0RTc1Njk4OThGRjlEQjVGNkFERjQwNzgyQkI0RjU4ODhBNUY2NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVrGXIq68EmH1+fVFCFGiPSQuQ
5k+8L8uvhFpWXwb0vFXZBUiz4x3LvrXHQuXJ1uHJzFaX/tByLOT+swYg1UbWDXo0
W59Dd6ZC36kwVU4t/6+T1YibwUUeBGBvlm4mp9qaJLXXb3rWyeraWdLW7hp/6CB/
FIZ6QyJLqRvQZBmLzITpq9+jenA6iEmphAFa2wTV1goVjKuBL2zSls/+lJJraGLY
a7oQOsxH51Up/IIxZLvqbb+Si/uh3LLIatBdXGGm0Pec6tLO6Qb0a4Ak8YQtD+qR
CC92wwI2Shzs7IP0O3esuN3oh3ReDSujEDVUEICXJAfOO7s9HFbW5Vk3tYB3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlOdWmJj/nbX2rfQHgrtPWIil9mkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzEzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Usb+MA0GCSqGSIb3DQEBCwUAA4IBAQBLwfpFIMAn5mbhU2ISB5XioIKyc0H67bDG
8BxpsPRdunDWXaDgHnfqtS3BwrUc8Zp+PJ7OvKRkAF2ufPj7ppT2dHz9aMDUgYV7
TtBUfa4OccreYrkWBaGw136mY7tDJ5YWV8IUnchJP49cPRKw/pBa45fWbfzPAqsG
pTIWxrGs9IZIz++NswqwgIhMSDImg72ObzAH4ag7OdSOtOy/qtgQjMTXOr8RFxJF
Cov188xaYDMP8/aKfh+jM1RrX91hXQPjMKAQB9x4YsRoaH0fKw8TSyczL6a/0CyH
mE9ojLo9VIxh9ZZucZYD99GJ+xA9CltbvsksE3Ls8wPlP5k81moC
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:00 2025 by rpki-client