Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
File: 38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: uJgkcHo9DPHTmQt9dvIEkp8TWLoWEHmy4KGZCIlSyI4=
Subject key identifier: 8E:50:9D:D3:AE:E7:78:EE:C5:81:5B:09:A5:96:16:39:2E:2C:62:DC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1AF77593F9ACDC36F18A7E491931B44FD16B818D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 22 Aug 2025 14:47:11 +0000
ROA not before: Fri 22 Aug 2025 14:42:11 +0000
ROA not after: Fri 21 Aug 2026 14:47:11 +0000
asID: 141039
IP address blocks: 83.136.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f7:75:93:f9:ac:dc:36:f1:8a:7e:49:19:31:b4:4f:d1:6b:81:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:11 2025 GMT
Not After : Aug 21 14:47:11 2026 GMT
Subject: CN=8E509DD3AEE778EEC5815B09A59616392E2C62DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:c1:ca:af:7e:1f:b1:1b:aa:9d:19:dc:39:
67:13:e9:e9:9d:72:39:06:e1:2d:ef:01:8f:6c:fb:
e7:f2:f9:51:8f:96:de:72:c5:9e:6a:df:cf:00:e6:
29:3a:f8:ee:98:06:ec:52:7d:bb:58:66:ec:fd:61:
03:3b:22:e1:76:0f:5b:2e:4f:2b:26:bb:b1:25:82:
65:c6:e1:71:5a:db:75:df:c0:f6:62:e0:7e:f6:47:
cb:ac:29:b8:3f:86:99:4e:b6:8d:43:8e:f0:bb:57:
15:81:26:3c:b3:b6:4c:70:45:5a:68:01:21:b2:31:
1b:3f:9c:5e:e8:c7:49:98:c0:c5:98:3b:30:38:80:
1c:6f:2d:fa:21:cf:83:20:c9:f3:14:04:a7:97:63:
d1:c9:9d:5d:49:34:c1:9d:56:bc:1f:74:06:e9:f4:
b8:a6:a0:66:05:68:ce:65:5e:34:ae:b6:f3:81:47:
83:87:fe:14:01:7f:c7:46:02:6a:3e:bb:d3:8f:a0:
ae:55:5d:7f:d3:27:7f:96:7d:1d:5a:27:97:41:f4:
5a:3f:e9:41:44:4f:f6:e7:e0:06:24:7c:0f:74:ff:
1c:05:6e:4e:da:ac:9a:2e:99:16:65:01:19:d1:08:
ed:da:03:a5:fb:d8:32:2e:77:66:37:fc:5e:24:17:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:50:9D:D3:AE:E7:78:EE:C5:81:5B:09:A5:96:16:39:2E:2C:62:DC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38332e3133362e3138322e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.182.0/24
Signature Algorithm: sha256WithRSAEncryption
98:0e:48:f1:69:ff:56:c4:02:46:b7:21:69:bf:e8:ab:5e:1f:
e7:95:6d:85:41:87:54:a5:72:c4:ed:0b:2c:d0:6b:31:15:19:
66:50:ec:21:d0:95:b9:3b:5c:fd:22:eb:85:75:33:37:fc:6c:
35:7e:4e:42:57:fb:f7:28:69:f1:e5:73:4a:e3:40:a4:7e:cd:
6c:50:98:c1:4e:d4:48:c2:ea:e0:c9:26:bd:3d:8a:5e:2a:e4:
88:db:40:36:ae:74:94:df:34:4b:6b:99:d0:2e:83:31:f1:e3:
2f:70:37:fa:0f:2b:ab:0e:c2:84:7c:97:f1:d9:00:b1:e8:94:
c6:99:cf:95:e7:b6:9a:0a:29:62:43:3d:b4:28:28:0a:a1:c4:
24:be:fb:41:41:39:8c:ab:ab:67:d4:3b:14:61:e5:27:cd:a0:
60:a7:dd:53:31:48:e0:31:f5:04:37:e5:50:34:5c:01:61:d1:
ec:11:d2:57:2a:44:09:53:34:02:15:06:49:c3:ec:63:39:27:
04:a4:65:b9:52:6b:9a:a4:8a:f5:49:04:0f:1f:ba:8c:95:76:
e8:7b:df:e8:8b:2a:27:4c:7b:05:3a:23:84:a3:4a:fc:f7:5b:
bd:42:c4:df:1f:f7:63:68:78:35:9d:a9:8c:a1:93:b0:d5:13:
50:7a:f7:46
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGvd1k/ms3Dbxin5JGTG0T9FrgY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTFaFw0yNjA4MjExNDQ3MTFaMDMxMTAvBgNV
BAMTKDhFNTA5REQzQUVFNzc4RUVDNTgxNUIwOUE1OTYxNjM5MkUyQzYyREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtzcHKr34fsRuqnRncOWcT6emd
cjkG4S3vAY9s++fy+VGPlt5yxZ5q388A5ik6+O6YBuxSfbtYZuz9YQM7IuF2D1su
Tysmu7ElgmXG4XFa23XfwPZi4H72R8usKbg/hplOto1DjvC7VxWBJjyztkxwRVpo
ASGyMRs/nF7ox0mYwMWYOzA4gBxvLfohz4MgyfMUBKeXY9HJnV1JNMGdVrwfdAbp
9LimoGYFaM5lXjSutvOBR4OH/hQBf8dGAmo+u9OPoK5VXX/TJ3+WfR1aJ5dB9Fo/
6UFET/bn4AYkfA90/xwFbk7arJoumRZlARnRCO3aA6X72DIud2Y3/F4kFykNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjlCd067neO7FgVsJpZYWOS4sYtwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMzJlMzEzMzM2MmUzMTM4
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABTiLYwDQYJKoZIhvcNAQELBQADggEBAJgOSPFp/1bEAka3IWm/6KteH+eVbYVB
h1SlcsTtCyzQazEVGWZQ7CHQlbk7XP0i64V1Mzf8bDV+TkJX+/coafHlc0rjQKR+
zWxQmMFO1EjC6uDJJr09il4q5IjbQDaudJTfNEtrmdAugzHx4y9wN/oPK6sOwoR8
l/HZALHolMaZz5XntpoKKWJDPbQoKAqhxCS++0FBOYyrq2fUOxRh5SfNoGCn3VMx
SOAx9QQ35VA0XAFh0ewR0lcqRAlTNAIVBknD7GM5JwSkZblSa5qkivVJBA8fuoyV
duh73+iLKidMewU6I4SjSvz3W71CxN8f92NoeDWdqYyhk7DVE1B690Y=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:24 2025 by rpki-client