Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/37372e3234362e3234302e302f32342d3234203d3e203133333437.roa
File: 37372e3234362e3234302e302f32342d3234203d3e203133333437.roa (raw, json)
Hash identifier: 8dmyIVl1xfWSQlImAzdtHKnEErtwf9VZhG0c0l+lwWM=
Subject key identifier: C5:CB:C9:77:DA:E3:37:63:15:A3:F1:11:B5:60:B2:1D:E7:7F:CC:03
Certificate issuer: /CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Certificate serial: 5194228D5723913C8ACCC8C616D00FB86174F698
Authority key identifier: FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/37372e3234362e3234302e302f32342d3234203d3e203133333437.roa
Signing time: Thu 27 Mar 2025 14:57:46 +0000
ROA not before: Thu 27 Mar 2025 14:52:46 +0000
ROA not after: Thu 26 Mar 2026 14:57:46 +0000
asID: 13347
IP address blocks: 77.246.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.mft
rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:94:22:8d:57:23:91:3c:8a:cc:c8:c6:16:d0:0f:b8:61:74:f6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff426f19ba67bc89de5ae6df487c1c8c1e752e27
Validity
Not Before: Mar 27 14:52:46 2025 GMT
Not After : Mar 26 14:57:46 2026 GMT
Subject: CN=C5CBC977DAE3376315A3F111B560B21DE77FCC03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f7:72:ce:9b:ef:c4:ef:a2:bf:9d:18:65:76:
97:02:50:7b:10:36:b8:26:50:d8:c8:c0:d1:06:ea:
e2:7b:47:76:ea:e6:94:97:67:5e:4c:3a:73:ea:3a:
d0:d6:c9:b2:18:ee:59:17:5c:27:77:77:70:e3:72:
e6:a2:96:2b:bb:98:e7:e2:94:c9:e8:cf:0f:a2:53:
df:fe:99:2c:e4:09:1b:fa:3c:9f:48:89:6a:f0:4c:
47:7c:59:d6:c9:03:49:6b:ac:58:b3:48:08:2d:ad:
61:b5:56:e9:42:6a:8a:18:f5:39:59:c7:28:2e:42:
a0:93:12:5e:19:52:08:3b:bd:76:0d:8d:c2:78:81:
78:31:3d:24:e7:03:43:a1:77:27:a0:96:2c:f3:01:
99:f3:94:7c:be:2c:29:07:af:38:a9:83:ea:ae:44:
ed:9c:a4:75:e7:0b:99:5b:32:79:fd:cf:fc:6b:57:
30:22:76:e9:4d:77:7a:1c:f0:5a:ec:eb:3f:12:89:
21:8c:c0:d0:e7:28:97:75:3d:fe:ad:ce:56:21:bb:
7c:cb:5e:6c:b5:a5:5e:be:71:d3:fe:71:27:ac:95:
6e:59:fa:47:54:f4:70:7e:77:8e:5e:8b:57:d6:08:
42:28:32:f1:59:ec:a2:39:5b:80:a9:cd:f3:30:6f:
9b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CB:C9:77:DA:E3:37:63:15:A3:F1:11:B5:60:B2:1D:E7:7F:CC:03
X509v3 Authority Key Identifier:
keyid:FF:42:6F:19:BA:67:BC:89:DE:5A:E6:DF:48:7C:1C:8C:1E:75:2E:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/FF426F19BA67BC89DE5AE6DF487C1C8C1E752E27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0JvGbpnvIneWubfSHwcjB51Lic.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/468b081e-ba93-465f-9b6e-7fbd63bdff63/0/37372e3234362e3234302e302f32342d3234203d3e203133333437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.240.0/24
Signature Algorithm: sha256WithRSAEncryption
24:b3:0d:b6:2f:7b:01:6d:d8:32:29:3a:3c:2b:26:2f:70:21:
1c:c8:eb:fb:0a:16:5e:01:0b:91:6d:e7:7d:ba:8f:6a:66:1d:
74:d5:89:e7:02:88:02:e6:ec:db:21:12:3b:6e:e5:7b:f3:16:
5b:f0:19:b3:c5:c0:6c:01:9e:1a:42:23:f3:73:02:1c:19:89:
24:6e:fe:06:e8:48:24:8b:c3:98:e3:56:71:72:e7:56:1e:79:
4d:8f:0a:b9:7c:b1:ab:c5:28:b4:25:57:69:d2:0e:b6:b8:0a:
ec:a8:26:ab:3d:a0:75:bf:3a:68:6c:51:52:0c:56:7e:77:f4:
59:b6:3c:11:e8:1a:19:2e:c6:ff:4c:f6:da:f5:a4:f0:74:a7:
40:e5:bd:ba:09:57:62:fb:50:38:ea:93:3d:81:37:67:52:82:
37:06:45:e0:4f:86:41:6c:0f:b0:01:24:30:9c:45:39:23:67:
23:c3:97:6c:c2:2d:ec:9c:8e:a0:32:73:50:04:9d:3a:77:97:
99:69:e5:c4:00:e0:13:f9:8e:60:2f:98:c6:11:60:ec:36:3b:
4d:19:5a:6b:f0:14:8b:b3:bf:70:91:9f:f4:ec:57:1e:99:d5:
f7:69:ee:a9:86:ef:ce:84:ce:85:74:ec:99:2e:b2:7b:26:b7:
df:4f:2f:33
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUZQijVcjkTyKzMjGFtAPuGF09pgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZmY0MjZmMTliYTY3YmM4OWRlNWFlNmRmNDg3YzFjOGMx
ZTc1MmUyNzAeFw0yNTAzMjcxNDUyNDZaFw0yNjAzMjYxNDU3NDZaMDMxMTAvBgNV
BAMTKEM1Q0JDOTc3REFFMzM3NjMxNUEzRjExMUI1NjBCMjFERTc3RkNDMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF93LOm+/E76K/nRhldpcCUHsQ
NrgmUNjIwNEG6uJ7R3bq5pSXZ15MOnPqOtDWybIY7lkXXCd3d3Djcuailiu7mOfi
lMnozw+iU9/+mSzkCRv6PJ9IiWrwTEd8WdbJA0lrrFizSAgtrWG1VulCaooY9TlZ
xyguQqCTEl4ZUgg7vXYNjcJ4gXgxPSTnA0OhdyeglizzAZnzlHy+LCkHrzipg+qu
RO2cpHXnC5lbMnn9z/xrVzAidulNd3oc8Frs6z8SiSGMwNDnKJd1Pf6tzlYhu3zL
Xmy1pV6+cdP+cSeslW5Z+kdU9HB+d45ei1fWCEIoMvFZ7KI5W4CpzfMwb5vXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxcvJd9rjN2MVo/ERtWCyHed/zAMwHwYDVR0j
BBgwFoAU/0JvGbpnvIneWubfSHwcjB51LicwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUtYmE5My00NjVmLTliNmUtN2ZiZDYzYmRm
ZjYzLzAvRkY0MjZGMTlCQTY3QkM4OURFNUFFNkRGNDg3QzFDOEMxRTc1MkUyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL18wSnZHYnBudkluZVd1YmZTSHdjakI1
MUxpYy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDY4YjA4MWUt
YmE5My00NjVmLTliNmUtN2ZiZDYzYmRmZjYzLzAvMzczNzJlMzIzNDM2MmUzMjM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzNDM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TfbwMA0GCSqGSIb3DQEBCwUAA4IBAQAksw22L3sBbdgyKTo8KyYvcCEcyOv7ChZe
AQuRbed9uo9qZh101YnnAogC5uzbIRI7buV78xZb8BmzxcBsAZ4aQiPzcwIcGYkk
bv4G6Egki8OY41ZxcudWHnlNjwq5fLGrxSi0JVdp0g62uArsqCarPaB1vzpobFFS
DFZ+d/RZtjwR6BoZLsb/TPba9aTwdKdA5b26CVdi+1A46pM9gTdnUoI3BkXgT4ZB
bA+wASQwnEU5I2cjw5dswi3snI6gMnNQBJ06d5eZaeXEAOAT+Y5gL5jGEWDsNjtN
GVpr8BSLs79wkZ/07FcemdX3ae6phu/OhM6FdOyZLrJ7JrffTy8z
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:28:05 2025 by rpki-client