Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa
File: 37372e38312e3133372e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: xL9s9lGr6Y1GcoWPNRfoiIg5P1LyMl92tRndWKMRxvY=
Subject key identifier: F3:75:03:C9:30:AF:5C:5F:01:7F:F1:97:8F:65:8A:F5:50:4D:0F:10
Certificate issuer: /CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Certificate serial: 3EAA9F3768A6B532AF8AC67B4F4CEBF50448A13D
Authority key identifier: ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 05 Sep 2025 20:55:00 +0000
ROA not before: Fri 05 Sep 2025 20:50:00 +0000
ROA not after: Fri 04 Sep 2026 20:55:00 +0000
asID: 399641
IP address blocks: 77.81.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:aa:9f:37:68:a6:b5:32:af:8a:c6:7b:4f:4c:eb:f5:04:48:a1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed9edb2a15871785fbae38e23c38820dbfa2cca4
Validity
Not Before: Sep 5 20:50:00 2025 GMT
Not After : Sep 4 20:55:00 2026 GMT
Subject: CN=F37503C930AF5C5F017FF1978F658AF5504D0F10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1f:d5:41:fd:f1:af:24:6b:bc:5d:48:5d:1c:
fb:8b:ae:ff:b0:59:32:9f:c1:fc:42:85:b7:cd:78:
9f:c3:70:1b:bc:a5:ff:57:8e:ac:a6:1f:58:23:46:
ce:dc:ea:64:37:5d:14:74:b5:f5:8a:12:cc:4b:b1:
1f:2f:98:b8:bb:28:d4:33:e4:78:0d:d5:71:37:1c:
6e:43:0c:43:e5:59:b5:c6:d4:da:0e:1a:78:74:1a:
08:85:0f:9a:e2:59:da:d2:f4:90:2e:9d:8f:a1:96:
a5:bf:c7:60:62:78:0c:12:69:14:8b:29:18:f3:ac:
7a:c9:2d:57:ab:e3:e8:c1:b4:03:44:cd:21:c9:8a:
47:91:a5:93:e3:0a:e3:84:cc:be:ae:a2:0c:2e:08:
05:48:a2:33:91:f1:10:6b:02:4d:06:6d:71:e0:c4:
89:93:1f:04:41:72:21:b6:4b:9a:b4:36:ef:f2:fc:
d7:30:58:65:97:40:9e:d0:3f:86:41:32:88:bc:b6:
34:5e:e2:56:d3:38:98:11:ed:6f:7b:5c:39:be:25:
f8:67:4d:61:00:e9:19:21:3d:3e:80:ce:63:4e:71:
df:e8:57:d0:be:3c:e9:3b:c5:0f:0b:39:96:d3:49:
05:a7:b0:d4:c1:8e:0c:aa:5b:6f:c9:91:0c:14:71:
a8:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:75:03:C9:30:AF:5C:5F:01:7F:F1:97:8F:65:8A:F5:50:4D:0F:10
X509v3 Authority Key Identifier:
keyid:ED:9E:DB:2A:15:87:17:85:FB:AE:38:E2:3C:38:82:0D:BF:A2:CC:A4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/ED9EDB2A15871785FBAE38E23C38820DBFA2CCA4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Z7bKhWHF4X7rjjiPDiCDb-izKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ea0de97f-7ee8-4ce0-b045-efac8c243c79/0/37372e38312e3133372e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:6a:85:85:bd:03:f9:f9:8d:a9:97:cd:0d:c9:1c:7b:b1:01:
34:92:3c:53:f2:01:ad:71:70:88:3a:14:88:11:e1:af:75:f2:
25:d3:96:f9:16:ac:f0:4d:22:c0:ea:5f:c0:65:7a:ac:c5:f9:
d3:5d:5c:ce:46:7e:0c:77:d8:c2:a5:30:db:41:15:f1:50:28:
28:6b:2c:df:42:5e:cf:6a:5f:6d:3c:49:57:72:b7:28:aa:5b:
ea:25:a5:11:32:4a:11:f1:7e:9d:ec:0f:9c:bb:4e:d5:12:2e:
45:45:e1:bb:26:1c:21:f2:e7:01:72:6c:22:3e:a6:14:fa:0f:
fc:b7:bd:d8:e9:c1:14:47:e8:c9:5e:67:96:ad:5a:f0:1f:a3:
67:45:0d:01:85:92:98:f8:a2:b0:e1:14:9a:cf:14:0e:00:b8:
c1:09:f3:36:32:4d:b9:a2:c4:7a:86:93:6c:22:b7:cc:2c:83:
8e:37:81:f9:2e:0a:b0:16:46:0a:2d:c0:f9:b1:27:b8:8f:f4:
61:96:e4:d9:5c:12:4f:41:a0:4f:84:7c:80:ca:fe:87:96:2f:
b2:ee:67:c6:8d:98:2f:19:fb:b1:92:e2:e9:b6:b2:bd:26:60:
66:92:df:ee:97:c9:7f:9c:9f:bd:13:2f:b2:3e:bd:85:68:2b:
79:71:60:c1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPqqfN2imtTKvisZ7T0zr9QRIoT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZWQ5ZWRiMmExNTg3MTc4NWZiYWUzOGUyM2MzODgyMGRi
ZmEyY2NhNDAeFw0yNTA5MDUyMDUwMDBaFw0yNjA5MDQyMDU1MDBaMDMxMTAvBgNV
BAMTKEYzNzUwM0M5MzBBRjVDNUYwMTdGRjE5NzhGNjU4QUY1NTA0RDBGMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRH9VB/fGvJGu8XUhdHPuLrv+w
WTKfwfxChbfNeJ/DcBu8pf9XjqymH1gjRs7c6mQ3XRR0tfWKEsxLsR8vmLi7KNQz
5HgN1XE3HG5DDEPlWbXG1NoOGnh0GgiFD5riWdrS9JAunY+hlqW/x2BieAwSaRSL
KRjzrHrJLVer4+jBtANEzSHJikeRpZPjCuOEzL6uogwuCAVIojOR8RBrAk0GbXHg
xImTHwRBciG2S5q0Nu/y/NcwWGWXQJ7QP4ZBMoi8tjRe4lbTOJgR7W97XDm+Jfhn
TWEA6RkhPT6AzmNOcd/oV9C+POk7xQ8LOZbTSQWnsNTBjgyqW2/JkQwUcaiDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU83UDyTCvXF8Bf/GXj2WK9VBNDxAwHwYDVR0j
BBgwFoAU7Z7bKhWHF4X7rjjiPDiCDb+izKQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWEwZGU5N2YtN2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQz
Yzc5LzAvRUQ5RURCMkExNTg3MTc4NUZCQUUzOEUyM0MzODgyMERCRkEyQ0NBNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdaN2JLaFdIRjRYN3JqamlQRGlDRGIt
aXpLUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWEwZGU5N2Yt
N2VlOC00Y2UwLWIwNDUtZWZhYzhjMjQzYzc5LzAvMzczNzJlMzgzMTJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM5MzYzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
TVGJMA0GCSqGSIb3DQEBCwUAA4IBAQBLaoWFvQP5+Y2pl80NyRx7sQE0kjxT8gGt
cXCIOhSIEeGvdfIl05b5FqzwTSLA6l/AZXqsxfnTXVzORn4Md9jCpTDbQRXxUCgo
ayzfQl7Pal9tPElXcrcoqlvqJaURMkoR8X6d7A+cu07VEi5FReG7Jhwh8ucBcmwi
PqYU+g/8t73Y6cEUR+jJXmeWrVrwH6NnRQ0BhZKY+KKw4RSazxQOALjBCfM2Mk25
osR6hpNsIrfMLIOON4H5LgqwFkYKLcD5sSe4j/RhluTZXBJPQaBPhHyAyv6Hli+y
7mfGjZgvGfuxkuLptrK9JmBmkt/ul8l/nJ+9Ey+yPr2FaCt5cWDB
-----END CERTIFICATE-----
Generated at Wed Sep 10 05:32:41 2025 by rpki-client