Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313531383732.roa
File: 3137382e3234382e37322e302f32342d3234203d3e20313531383732.roa (raw, json)
Hash identifier: 562I7wk8pDZNtdMzcEoC9Q7KQUjR9i2cYfXfdpaRXg8=
Subject key identifier: AA:9E:60:1A:74:07:D3:E7:3D:81:50:E6:11:6B:6A:7F:B2:32:58:0C
Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Certificate serial: 5468B3390EFA0EEAE4A295009FBA5AE63DE8D906
Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313531383732.roa
Signing time: Tue 18 Feb 2025 17:34:33 +0000
ROA not before: Tue 18 Feb 2025 17:29:33 +0000
ROA not after: Tue 17 Feb 2026 17:34:33 +0000
asID: 151872
IP address blocks: 178.248.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft
rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 03:31:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:68:b3:39:0e:fa:0e:ea:e4:a2:95:00:9f:ba:5a:e6:3d:e8:d9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d
Validity
Not Before: Feb 18 17:29:33 2025 GMT
Not After : Feb 17 17:34:33 2026 GMT
Subject: CN=AA9E601A7407D3E73D8150E6116B6A7FB232580C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f3:62:41:be:ba:31:d8:c7:fd:a2:62:d4:5a:
85:33:df:cb:00:31:3f:cd:47:c0:e2:57:a8:8d:28:
df:d4:36:78:71:e0:46:d6:26:f3:4e:4a:28:d3:66:
87:5d:90:5d:96:4f:57:a3:25:fe:8a:70:a3:7e:f7:
a6:78:6b:fb:e7:3d:19:6b:3a:c0:b2:ff:4b:51:2d:
34:dd:52:d5:55:2b:f1:d7:ba:90:d6:d5:1e:58:e2:
d1:e6:f2:87:7b:17:84:9b:d1:19:8b:98:33:62:61:
17:d1:c9:55:f2:b9:4b:ef:3a:d3:4b:a4:0b:e4:11:
a6:9e:27:54:4d:dd:b5:d8:fa:5f:82:e7:66:3c:b8:
74:f8:53:54:da:2f:1c:3e:36:72:e8:83:da:2e:2b:
e1:51:dd:32:f9:cc:30:de:fb:05:c2:60:45:76:28:
ea:4e:f7:6d:e7:32:d4:ce:47:ca:93:11:03:d3:3d:
8d:64:aa:ef:23:8f:30:f7:61:dd:ab:61:f3:8a:58:
f8:1d:e3:36:b1:f5:78:fd:fc:9c:aa:4b:9a:1c:5e:
10:78:ea:97:74:ef:27:b8:0b:c6:3d:50:f2:d8:43:
10:79:09:ff:ae:28:bd:1d:a8:a3:7a:12:95:a9:c4:
6a:b9:de:3e:85:34:e6:38:3d:ad:15:8f:79:4c:29:
7c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9E:60:1A:74:07:D3:E7:3D:81:50:E6:11:6B:6A:7F:B2:32:58:0C
X509v3 Authority Key Identifier:
keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3137382e3234382e37322e302f32342d3234203d3e20313531383732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.72.0/24
Signature Algorithm: sha256WithRSAEncryption
20:fd:11:b8:a9:7f:bf:32:e0:5e:e0:c2:00:3a:d8:0f:11:bb:
82:c8:de:73:99:72:8e:4d:92:e5:5e:d7:b6:ba:8c:ee:a2:3e:
8e:9f:3d:bd:89:07:32:df:21:96:42:59:3a:0e:ee:6f:81:0f:
51:2c:62:16:17:b3:16:ef:61:33:47:7d:11:61:a9:02:8c:aa:
bf:98:07:c7:36:14:36:0d:fa:af:d2:40:01:51:65:7d:8a:cc:
23:8d:91:73:e9:0c:01:77:d1:92:03:08:f6:c5:81:e3:62:69:
86:d6:56:3f:78:b1:30:5d:79:98:fb:9e:b0:f0:aa:61:a1:05:
da:ee:51:2f:8f:29:ba:a7:90:fc:f6:79:96:63:de:ae:c8:ff:
5a:3b:5b:d6:e8:b9:9b:84:5d:30:6d:01:6e:bb:9a:74:21:96:
f4:98:6e:7c:5a:1c:37:c5:7d:61:a7:a9:24:52:98:4e:f9:a9:
97:69:68:93:c8:3c:1b:8f:dd:68:09:83:07:0f:24:b9:48:6a:
5b:93:9a:ef:69:54:2a:c1:1d:49:ad:e3:4d:c0:bf:9c:4d:69:
b4:8d:ab:0d:82:cb:d7:7b:c1:1f:d3:b5:15:5c:02:4c:0c:02:
a6:be:11:35:79:2f:f5:3c:2d:ea:e5:82:4c:5f:5d:32:b3:c2:
6f:95:dd:44
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVGizOQ76DurkopUAn7pa5j3o2QYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz
ZWFlYzQ3ZDAeFw0yNTAyMTgxNzI5MzNaFw0yNjAyMTcxNzM0MzNaMDMxMTAvBgNV
BAMTKEFBOUU2MDFBNzQwN0QzRTczRDgxNTBFNjExNkI2QTdGQjIzMjU4MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS82JBvrox2Mf9omLUWoUz38sA
MT/NR8DiV6iNKN/UNnhx4EbWJvNOSijTZoddkF2WT1ejJf6KcKN+96Z4a/vnPRlr
OsCy/0tRLTTdUtVVK/HXupDW1R5Y4tHm8od7F4Sb0RmLmDNiYRfRyVXyuUvvOtNL
pAvkEaaeJ1RN3bXY+l+C52Y8uHT4U1TaLxw+NnLog9ouK+FR3TL5zDDe+wXCYEV2
KOpO923nMtTOR8qTEQPTPY1kqu8jjzD3Yd2rYfOKWPgd4zax9Xj9/JyqS5ocXhB4
6pd07ye4C8Y9UPLYQxB5Cf+uKL0dqKN6EpWpxGq53j6FNOY4Pa0Vj3lMKXzFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqp5gGnQH0+c9gVDmEWtqf7IyWAwwHwYDVR0j
BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx
ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2
dXhIMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct
ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzNzM4MmUzMjM0MzgyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzEzODM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACy+EgwDQYJKoZIhvcNAQELBQADggEBACD9Ebipf78y4F7gwgA62A8Ru4LI3nOZ
co5NkuVe17a6jO6iPo6fPb2JBzLfIZZCWToO7m+BD1EsYhYXsxbvYTNHfRFhqQKM
qr+YB8c2FDYN+q/SQAFRZX2KzCONkXPpDAF30ZIDCPbFgeNiaYbWVj94sTBdeZj7
nrDwqmGhBdruUS+PKbqnkPz2eZZj3q7I/1o7W9bouZuEXTBtAW67mnQhlvSYbnxa
HDfFfWGnqSRSmE75qZdpaJPIPBuP3WgJgwcPJLlIaluTmu9pVCrBHUmt403Av5xN
abSNqw2Cy9d7wR/TtRVcAkwMAqa+ETV5L/U8LerlgkxfXTKzwm+V3UQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:15:34 2025 by rpki-client