Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34382e302f32342d3332203d3e203531313637.roa
File: 38352e3230382e34382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: afsOZiP426Di6OLCSYa4guzqvQVX0m9JGU42DEMXnL8=
Subject key identifier: D8:80:15:85:EF:8E:0E:6F:76:C2:0B:88:6E:B4:4F:91:45:EF:D9:44
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7B2AC813F8E7EC60E03A97415DA60E36CD74BADF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:22 +0000
ROA not before: Fri 22 Aug 2025 14:42:22 +0000
ROA not after: Fri 21 Aug 2026 14:47:22 +0000
asID: 51167
IP address blocks: 85.208.48.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:2a:c8:13:f8:e7:ec:60:e0:3a:97:41:5d:a6:0e:36:cd:74:ba:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:22 2025 GMT
Not After : Aug 21 14:47:22 2026 GMT
Subject: CN=D8801585EF8E0E6F76C20B886EB44F9145EFD944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:fa:9c:c6:2e:07:3b:15:12:7d:4f:be:b3:
d6:a8:cb:78:9d:a9:8f:10:81:92:b2:76:6b:52:85:
30:6a:1e:c9:42:3e:17:d8:ca:08:84:ef:c8:61:d2:
d0:f1:80:a2:83:b6:ac:50:f6:01:b4:f7:5a:4a:43:
cf:0b:c3:e1:e0:7d:b3:0e:19:70:d3:14:db:e5:2d:
1d:8e:5e:03:c5:b2:3b:f0:1d:e1:6c:04:c5:26:54:
2d:e1:91:6e:bc:4e:53:ab:a1:0c:1c:30:e8:39:a7:
f3:af:eb:ac:ba:cd:30:8e:a6:29:2b:a8:59:0d:15:
dd:f9:e5:b7:5c:9e:61:28:77:8e:04:45:4c:8b:f7:
1f:40:3d:84:e4:1b:ff:90:33:07:f3:a4:2a:72:39:
8d:23:a6:84:7d:56:82:09:e0:9d:71:c8:10:07:1c:
72:c7:87:39:33:ab:da:d7:f4:8e:41:b8:4b:86:ad:
c4:72:c8:3f:e3:6b:c4:96:98:a4:45:e5:89:f4:68:
20:76:2c:73:2c:7f:14:3c:d8:e2:12:17:57:e1:56:
0a:6e:de:b0:cc:fd:60:aa:b1:9d:26:3b:d5:fc:94:
2a:7c:1f:f4:bd:a3:fa:06:e5:90:7f:fc:76:55:f0:
bf:6c:4e:9c:cf:24:98:6e:d5:d7:94:35:5c:60:6a:
bf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:80:15:85:EF:8E:0E:6F:76:C2:0B:88:6E:B4:4F:91:45:EF:D9:44
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3230382e34382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.48.0/24
Signature Algorithm: sha256WithRSAEncryption
66:03:ec:cf:9f:ec:18:fb:e3:b6:35:e6:8c:38:b2:f5:15:51:
c1:04:20:93:45:39:9b:e9:e2:f6:eb:0a:e5:35:ea:31:7b:95:
56:ac:27:d7:ec:ad:e8:b8:dd:18:6b:a7:96:9e:34:3c:7b:92:
53:33:00:0a:62:18:c6:2f:df:a5:f7:fc:36:43:05:91:74:19:
3c:da:3b:da:d5:17:1b:15:6c:e6:2a:9c:51:4c:02:69:5f:ee:
e9:50:85:93:55:99:6c:64:26:b0:69:79:a5:ad:6a:bc:1e:5b:
61:71:b4:e9:98:a9:7b:11:1c:ed:83:01:60:11:36:3d:d5:cb:
45:1e:83:e9:6f:69:ad:ad:5e:fc:f7:56:32:3c:bd:6d:6f:78:
0d:cf:14:fc:63:7a:f4:c4:e9:78:6a:3c:a5:6c:0b:2a:9c:a4:
94:2c:46:8f:84:90:7a:b7:7c:9e:88:f1:a6:13:d5:94:c7:af:
ee:49:e8:a5:87:0c:5d:86:e2:6b:5a:b6:e0:d4:aa:59:94:4f:
40:df:19:a7:e4:6e:e7:3e:06:9f:69:8e:ea:fe:5d:fe:7d:1c:
e7:ef:13:d5:8f:ea:75:7c:36:04:5f:6f:5d:b8:0e:41:49:6b:
ae:48:b1:1a:7a:ee:9a:05:af:13:36:12:b4:8c:ca:ec:a8:f4:
03:82:e1:ce
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeyrIE/jn7GDgOpdBXaYONs10ut8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjJaFw0yNjA4MjExNDQ3MjJaMDMxMTAvBgNV
BAMTKEQ4ODAxNTg1RUY4RTBFNkY3NkMyMEI4ODZFQjQ0RjkxNDVFRkQ5NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpN/qcxi4HOxUSfU++s9aoy3id
qY8QgZKydmtShTBqHslCPhfYygiE78hh0tDxgKKDtqxQ9gG091pKQ88Lw+HgfbMO
GXDTFNvlLR2OXgPFsjvwHeFsBMUmVC3hkW68TlOroQwcMOg5p/Ov66y6zTCOpikr
qFkNFd355bdcnmEod44ERUyL9x9APYTkG/+QMwfzpCpyOY0jpoR9VoIJ4J1xyBAH
HHLHhzkzq9rX9I5BuEuGrcRyyD/ja8SWmKRF5Yn0aCB2LHMsfxQ82OISF1fhVgpu
3rDM/WCqsZ0mO9X8lCp8H/S9o/oG5ZB//HZV8L9sTpzPJJhu1deUNVxgar8hAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2IAVhe+ODm92wguIbrRPkUXv2UQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMDM4MmUzNDM4
MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXQ
MDANBgkqhkiG9w0BAQsFAAOCAQEAZgPsz5/sGPvjtjXmjDiy9RVRwQQgk0U5m+ni
9usK5TXqMXuVVqwn1+yt6LjdGGunlp40PHuSUzMACmIYxi/fpff8NkMFkXQZPNo7
2tUXGxVs5iqcUUwCaV/u6VCFk1WZbGQmsGl5pa1qvB5bYXG06ZipexEc7YMBYBE2
PdXLRR6D6W9pra1e/PdWMjy9bW94Dc8U/GN69MTpeGo8pWwLKpyklCxGj4SQerd8
nojxphPVlMev7knopYcMXYbia1q24NSqWZRPQN8Zp+Ru5z4Gn2mO6v5d/n0c5+8T
1Y/qdXw2BF9vXbgOQUlrrkixGnrumgWvEzYStIzK7Kj0A4Lhzg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:03 2025 by rpki-client