Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa
File: 37372e38332e3235332e302f32342d3234203d3e20333938333835.roa (raw, json)
Hash identifier: oAOTNgxw6bYQVCzHD93BNrqwf7e2+dYeRkUxzvhfYNE=
Subject key identifier: BF:17:78:A6:07:98:42:35:AC:9D:4D:28:1D:96:65:11:3D:49:97:25
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 1C17F1A24381A9E7B2BF42AF9D2C9B1CE7AD1AD0
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa
Signing time: Thu 23 Jan 2025 17:53:52 +0000
ROA not before: Thu 23 Jan 2025 17:48:52 +0000
ROA not after: Thu 22 Jan 2026 17:53:52 +0000
asID: 398385
IP address blocks: 77.83.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.mft
rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 05:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:17:f1:a2:43:81:a9:e7:b2:bf:42:af:9d:2c:9b:1c:e7:ad:1a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jan 23 17:48:52 2025 GMT
Not After : Jan 22 17:53:52 2026 GMT
Subject: CN=BF1778A607984235AC9D4D281D9665113D499725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:22:68:91:09:07:6a:9b:7c:9e:3f:05:65:dc:
02:cf:c6:41:80:57:eb:8c:c3:79:ed:48:01:2a:8b:
49:f2:d8:13:3e:1c:08:18:25:c3:5d:dc:cb:aa:81:
27:6a:2f:6f:bb:81:85:11:f0:68:6c:72:9e:2b:95:
db:73:93:f1:c1:82:39:d7:24:a6:26:ef:85:3d:1d:
01:76:d9:25:b2:5e:8e:e1:18:8b:09:0a:23:6b:b7:
c6:9f:ce:51:e5:30:a9:35:38:e4:e5:37:5c:75:32:
61:18:50:f5:8f:f2:34:e4:62:e6:6a:57:e5:b9:29:
f6:47:c4:eb:3c:67:cf:27:49:11:a0:0a:42:3b:f1:
7c:64:18:e2:e3:13:f0:f7:a2:4b:69:ef:27:4a:59:
e5:5d:a7:38:ec:c1:05:6a:ba:e9:2f:dc:b7:b7:7f:
3a:b3:94:59:d2:e9:6e:e0:11:af:62:97:f7:cb:ad:
22:43:3e:79:b9:bc:4f:70:95:1f:7b:8c:6d:87:99:
69:15:1f:1a:5c:bb:4e:8a:38:ac:c8:de:62:43:f7:
71:b9:f1:c4:74:bb:67:d6:86:80:a3:8e:33:85:f9:
96:49:b2:94:6f:72:d1:d0:7f:78:fe:81:b3:46:12:
1c:35:a6:38:68:60:9e:47:ff:90:23:a9:4f:23:6f:
85:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:17:78:A6:07:98:42:35:AC:9D:4D:28:1D:96:65:11:3D:49:97:25
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/37372e38332e3235332e302f32342d3234203d3e20333938333835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.253.0/24
Signature Algorithm: sha256WithRSAEncryption
44:37:05:64:83:fb:2c:1f:3c:4b:9a:dc:18:96:2c:cd:86:08:
de:a5:30:6c:71:04:95:9a:4b:5a:d7:2b:6d:5d:33:d7:f1:58:
09:7a:f1:d5:fd:3c:04:33:a7:20:b9:8b:22:ce:6a:db:a2:2c:
6f:1b:7b:e0:8b:43:32:7e:93:44:b3:9d:4b:d3:30:44:aa:93:
94:c5:e5:04:df:95:d9:09:4b:7a:de:dc:21:55:e2:07:f7:7d:
9a:1b:79:5a:d0:6e:8a:63:57:b7:c8:b3:bb:f8:ba:bf:76:bf:
d6:df:db:cb:37:b9:a4:62:07:12:63:c0:74:f7:9a:45:02:c9:
10:93:25:5c:e4:ed:92:42:ad:4c:1f:6a:0a:ff:9b:37:ae:8a:
ee:4e:13:86:63:c6:97:74:56:b9:1f:4f:ee:44:d6:01:67:8d:
96:b0:bf:80:62:4a:71:52:4d:a9:a0:4c:1f:64:3f:0e:7c:39:
ff:0d:66:a9:d1:fb:45:39:9f:10:26:d7:dd:92:34:60:f6:dc:
96:02:90:03:b0:71:77:a8:27:e8:a0:88:4b:6d:0b:fc:7f:29:
92:e8:e4:0d:2d:a6:56:de:82:ce:15:de:e0:1e:6a:c4:65:66:
77:d9:3a:7e:89:79:44:e0:13:34:7b:d6:21:5a:46:9b:b8:14:
48:3e:2c:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHBfxokOBqeeyv0KvnSybHOetGtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNTAxMjMxNzQ4NTJaFw0yNjAxMjIxNzUzNTJaMDMxMTAvBgNV
BAMTKEJGMTc3OEE2MDc5ODQyMzVBQzlENEQyODFEOTY2NTExM0Q0OTk3MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9ImiRCQdqm3yePwVl3ALPxkGA
V+uMw3ntSAEqi0ny2BM+HAgYJcNd3MuqgSdqL2+7gYUR8Ghscp4rldtzk/HBgjnX
JKYm74U9HQF22SWyXo7hGIsJCiNrt8afzlHlMKk1OOTlN1x1MmEYUPWP8jTkYuZq
V+W5KfZHxOs8Z88nSRGgCkI78XxkGOLjE/D3oktp7ydKWeVdpzjswQVquukv3Le3
fzqzlFnS6W7gEa9il/fLrSJDPnm5vE9wlR97jG2HmWkVHxpcu06KOKzI3mJD93G5
8cR0u2fWhoCjjjOF+ZZJspRvctHQf3j+gbNGEhw1pjhoYJ5H/5AjqU8jb4U7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUvxd4pgeYQjWsnU0oHZZlET1JlyUwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzczNzJlMzgzMzJlMzIzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM4MzMzODM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TVP9MA0GCSqGSIb3DQEBCwUAA4IBAQBENwVkg/ssHzxLmtwYlizNhgjepTBscQSV
mkta1yttXTPX8VgJevHV/TwEM6cguYsizmrboixvG3vgi0MyfpNEs51L0zBEqpOU
xeUE35XZCUt63twhVeIH932aG3la0G6KY1e3yLO7+Lq/dr/W39vLN7mkYgcSY8B0
95pFAskQkyVc5O2SQq1MH2oK/5s3roruThOGY8aXdFa5H0/uRNYBZ42WsL+AYkpx
Uk2poEwfZD8OfDn/DWap0ftFOZ8QJtfdkjRg9tyWApADsHF3qCfooIhLbQv8fymS
6OQNLaZW3oLOFd7gHmrEZWZ32Tp+iXlE4BM0e9YhWkabuBRIPixR
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:37:22 2025 by rpki-client