Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e2037303138.roa
File: 37382e32342e3132322e302f32342d3234203d3e2037303138.roa (raw, json)
Hash identifier: RiGLyTpjx/lhYnZMR/g3INSwpo5JHGzbqqOnRRhQZa8=
Subject key identifier: 15:EC:47:FF:8D:90:41:A3:40:29:FA:69:77:3F:4A:4D:5C:6A:B8:71
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 4C9E3DA6CA5D6B9BB9CA2CE2FE85F7273F540D78
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e2037303138.roa
Signing time: Wed 02 Apr 2025 16:54:00 +0000
ROA not before: Wed 02 Apr 2025 16:49:00 +0000
ROA not after: Wed 01 Apr 2026 16:54:00 +0000
asID: 7018
IP address blocks: 78.24.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 06:09:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:9e:3d:a6:ca:5d:6b:9b:b9:ca:2c:e2:fe:85:f7:27:3f:54:0d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Apr 2 16:49:00 2025 GMT
Not After : Apr 1 16:54:00 2026 GMT
Subject: CN=15EC47FF8D9041A34029FA69773F4A4D5C6AB871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c8:83:ca:af:2d:67:83:27:ed:33:eb:7a:f0:
35:49:5b:4a:c7:11:58:7b:83:ba:3c:aa:69:03:f8:
5f:0c:6c:cf:47:df:ca:49:14:f5:f4:18:9a:0e:1c:
66:8a:b9:58:e1:e7:45:75:0c:f9:64:5d:4f:ff:c5:
4f:c5:62:d7:b9:0f:0b:bd:c7:de:5b:eb:99:82:d4:
b7:b0:dc:fc:fa:f8:f1:69:8c:12:7b:0b:ad:c3:5b:
d0:b3:d3:1a:c1:f4:dc:2a:a9:df:e5:8a:77:14:21:
90:0f:6d:1a:fd:59:67:e2:e9:66:34:45:af:c4:de:
cc:01:47:93:f4:b6:01:f7:af:1f:94:89:7d:0f:b4:
56:37:0f:67:4d:fc:76:db:f4:b2:0e:8e:8e:ca:11:
1a:20:cf:ea:75:48:45:55:a5:a2:ae:31:93:95:de:
6a:49:a4:5e:75:d2:1f:cd:8a:80:63:0d:b6:f8:5f:
8a:ea:1e:3d:93:88:87:e1:11:dc:47:6f:cf:a4:0c:
93:26:9d:1d:58:a6:c4:89:b4:25:3a:7e:1c:12:b0:
5c:22:20:78:d3:55:0d:a5:67:25:de:29:c9:27:10:
0e:61:4a:ed:a0:ea:6e:23:45:9b:23:0a:65:67:3e:
2d:6f:bc:cb:43:32:db:32:56:59:0d:21:d5:1c:50:
e9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EC:47:FF:8D:90:41:A3:40:29:FA:69:77:3F:4A:4D:5C:6A:B8:71
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e2037303138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.122.0/24
Signature Algorithm: sha256WithRSAEncryption
68:da:23:c1:4d:92:3f:ac:99:14:58:9a:07:3f:52:2b:0a:dd:
08:90:11:e1:a0:13:51:62:d2:6e:82:53:20:cc:c7:38:3c:42:
8a:ba:aa:0e:e3:46:ac:d8:92:b8:60:e9:db:aa:c5:68:76:5e:
0f:71:ca:1c:ca:5a:f3:92:4e:f0:63:35:9d:86:87:88:b2:c4:
16:f2:2d:aa:e6:cc:7c:72:54:e8:fe:6d:59:c8:05:ed:59:90:
b4:fc:cc:33:fa:b3:74:42:f4:3d:4b:0a:8d:9b:8d:4a:a4:74:
5a:ae:6b:d8:5f:02:d6:ac:26:17:e5:29:5f:48:ca:c3:9e:43:
2b:61:4a:3c:2a:37:5d:c8:73:81:bf:b3:2c:7f:45:a7:5f:52:
11:f9:33:2d:7c:a5:2d:e9:de:48:32:bb:98:fd:e6:9e:59:7f:
64:10:9d:78:a8:5e:00:60:a9:1f:1b:43:54:b2:e3:4d:30:ba:
7d:09:0f:f2:98:ee:34:a3:8b:20:50:4d:2e:28:79:83:3a:9b:
1b:7a:c2:00:05:55:03:80:b0:84:e6:02:56:13:17:21:48:1d:
ea:02:7b:7a:bb:c7:ca:c9:91:d4:4c:c7:d8:ce:8b:0f:48:c8:
c9:d6:bd:c7:85:ce:df:2f:c3:23:19:29:cf:5f:1e:be:42:72:
2e:7e:e2:96
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUTJ49pspda5u5yizi/oX3Jz9UDXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTA0MDIxNjQ5MDBaFw0yNjA0MDExNjU0MDBaMDMxMTAvBgNV
BAMTKDE1RUM0N0ZGOEQ5MDQxQTM0MDI5RkE2OTc3M0Y0QTRENUM2QUI4NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNyIPKry1ngyftM+t68DVJW0rH
EVh7g7o8qmkD+F8MbM9H38pJFPX0GJoOHGaKuVjh50V1DPlkXU//xU/FYte5Dwu9
x95b65mC1Lew3Pz6+PFpjBJ7C63DW9Cz0xrB9Nwqqd/lincUIZAPbRr9WWfi6WY0
Ra/E3swBR5P0tgH3rx+UiX0PtFY3D2dN/Hbb9LIOjo7KERogz+p1SEVVpaKuMZOV
3mpJpF510h/NioBjDbb4X4rqHj2TiIfhEdxHb8+kDJMmnR1YpsSJtCU6fhwSsFwi
IHjTVQ2lZyXeKcknEA5hSu2g6m4jRZsjCmVnPi1vvMtDMtsyVlkNIdUcUOkrAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUFexH/42QQaNAKfppdz9KTVxquHEwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzczMDMxMzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABOGHow
DQYJKoZIhvcNAQELBQADggEBAGjaI8FNkj+smRRYmgc/UisK3QiQEeGgE1Fi0m6C
UyDMxzg8Qoq6qg7jRqzYkrhg6duqxWh2Xg9xyhzKWvOSTvBjNZ2Gh4iyxBbyLarm
zHxyVOj+bVnIBe1ZkLT8zDP6s3RC9D1LCo2bjUqkdFqua9hfAtasJhflKV9IysOe
QythSjwqN13Ic4G/syx/RadfUhH5My18pS3p3kgyu5j95p5Zf2QQnXioXgBgqR8b
Q1Sy400wun0JD/KY7jSjiyBQTS4oeYM6mxt6wgAFVQOAsITmAlYTFyFIHeoCe3q7
x8rJkdRMx9jOiw9IyMnWvceFzt8vwyMZKc9fHr5Cci5+4pY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:48 2025 by rpki-client