Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
File: 37372e3234342e3132382e302f32302d3230203d3e203432363839.roa (raw, json)
Hash identifier: 4q1LykYrZ6pVbmqZkPQ8KI0eDYY9csdSSS59OnW/Z4A=
Subject key identifier: A8:AD:D6:22:AE:98:65:F0:2F:41:8F:FE:DC:6B:EB:64:2A:0A:4C:58
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 7C0E91EC0E6430CF6716B0E90CD1E389C2FEE9AD
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
Signing time: Tue 18 Feb 2025 11:21:32 +0000
ROA not before: Tue 18 Feb 2025 11:16:32 +0000
ROA not after: Tue 17 Feb 2026 11:21:32 +0000
asID: 42689
IP address blocks: 77.244.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.mft
rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 23:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:0e:91:ec:0e:64:30:cf:67:16:b0:e9:0c:d1:e3:89:c2:fe:e9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Feb 18 11:16:32 2025 GMT
Not After : Feb 17 11:21:32 2026 GMT
Subject: CN=A8ADD622AE9865F02F418FFEDC6BEB642A0A4C58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:95:96:50:94:7d:3f:c0:cb:d4:8a:0e:1d:72:
ab:bf:a6:24:40:71:42:57:5d:c8:2b:60:42:45:f9:
1c:a7:33:be:98:49:45:80:c6:e9:8f:2f:b4:3a:9c:
60:19:4d:cd:96:b7:60:8c:ae:bb:7e:48:e5:15:b2:
92:1c:91:43:ae:f1:6b:fb:59:48:15:2c:16:78:1a:
6a:d9:38:8b:cb:32:80:88:5e:df:56:0c:df:85:da:
8b:01:1f:67:95:99:5f:27:e8:99:04:92:65:14:46:
21:22:77:46:33:cb:a4:23:c6:75:c9:cb:3c:09:f0:
c8:ff:ad:88:36:0d:27:85:30:aa:61:ec:9b:42:e7:
22:9d:07:9b:81:55:6d:68:60:f1:87:80:c5:09:c0:
ae:11:c6:82:11:15:8c:f1:80:37:a4:a9:5e:87:e6:
2b:07:a1:35:e0:72:ad:9e:66:99:04:3d:3d:90:e1:
73:5f:1c:3d:2d:51:51:63:5a:ad:9b:cc:1b:d1:ea:
59:cd:5b:36:9d:06:96:0c:c8:c2:a8:a1:b5:74:a9:
c3:68:ad:ff:b5:9a:ed:69:18:31:fd:ca:10:a2:61:
95:6f:4e:d2:e6:09:5d:42:60:2c:ac:73:73:5f:c1:
aa:8f:e9:71:29:3f:fc:ea:c3:c9:b6:3d:c7:84:7c:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:AD:D6:22:AE:98:65:F0:2F:41:8F:FE:DC:6B:EB:64:2A:0A:4C:58
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/37372e3234342e3132382e302f32302d3230203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.244.128.0/20
Signature Algorithm: sha256WithRSAEncryption
89:61:5e:11:7f:b8:fb:0e:2e:23:32:ce:7b:26:a2:09:ac:f3:
1e:3b:1e:75:89:ed:34:d8:90:5e:5a:bb:2b:08:d6:50:18:11:
75:44:40:c3:68:00:1f:ad:c9:5e:87:a3:ac:57:e9:ba:03:d8:
3c:97:cd:b1:2e:04:fd:96:99:84:8b:15:fa:c7:73:43:c6:bd:
74:b4:ec:d7:a4:f2:62:f4:66:09:39:4a:b6:c8:ac:78:73:f3:
b5:56:d4:61:b8:20:ed:cb:14:81:45:2b:62:74:90:6c:39:41:
c8:9d:b7:f7:37:d8:69:47:ce:ad:dd:3e:62:c9:95:85:87:c3:
ff:1f:cd:e4:57:2f:95:9d:33:96:64:ff:e7:00:d0:23:84:d7:
ec:57:3a:45:b9:52:92:ee:b2:6e:83:ee:2a:69:37:94:89:95:
13:bf:5c:f1:e3:2c:88:55:cd:15:47:39:e0:88:d4:d2:70:f8:
df:09:02:c4:8b:0b:1a:de:9d:d2:7d:f9:4e:90:fa:a8:2b:33:
c3:4b:cc:e5:e3:bd:d3:81:50:b2:33:bb:0d:63:57:10:21:76:
42:ee:e6:be:f7:b6:66:06:16:bd:bc:66:04:1e:6f:9f:1b:0d:
6a:42:40:7f:13:75:d7:03:55:a2:b8:c6:55:39:ab:6e:be:07:
93:a6:2a:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfA6R7A5kMM9nFrDpDNHjicL+6a0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNTAyMTgxMTE2MzJaFw0yNjAyMTcxMTIxMzJaMDMxMTAvBgNV
BAMTKEE4QURENjIyQUU5ODY1RjAyRjQxOEZGRURDNkJFQjY0MkEwQTRDNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzlZZQlH0/wMvUig4dcqu/piRA
cUJXXcgrYEJF+RynM76YSUWAxumPL7Q6nGAZTc2Wt2CMrrt+SOUVspIckUOu8Wv7
WUgVLBZ4GmrZOIvLMoCIXt9WDN+F2osBH2eVmV8n6JkEkmUURiEid0Yzy6QjxnXJ
yzwJ8Mj/rYg2DSeFMKph7JtC5yKdB5uBVW1oYPGHgMUJwK4RxoIRFYzxgDekqV6H
5isHoTXgcq2eZpkEPT2Q4XNfHD0tUVFjWq2bzBvR6lnNWzadBpYMyMKoobV0qcNo
rf+1mu1pGDH9yhCiYZVvTtLmCV1CYCysc3NfwaqP6XEpP/zqw8m2PceEfFxJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqK3WIq6YZfAvQY/+3GvrZCoKTFgwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzczNzJlMzIzNDM0MmUzMTMy
MzgyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
TfSAMA0GCSqGSIb3DQEBCwUAA4IBAQCJYV4Rf7j7Di4jMs57JqIJrPMeOx51ie00
2JBeWrsrCNZQGBF1REDDaAAfrcleh6OsV+m6A9g8l82xLgT9lpmEixX6x3NDxr10
tOzXpPJi9GYJOUq2yKx4c/O1VtRhuCDtyxSBRStidJBsOUHInbf3N9hpR86t3T5i
yZWFh8P/H83kVy+VnTOWZP/nANAjhNfsVzpFuVKS7rJug+4qaTeUiZUTv1zx4yyI
Vc0VRzngiNTScPjfCQLEiwsa3p3SfflOkPqoKzPDS8zl473TgVCyM7sNY1cQIXZC
7ua+97ZmBha9vGYEHm+fGw1qQkB/E3XXA1WiuMZVOatuvgeTpirm
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:51:08 2025 by rpki-client