Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
File: 37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: Xcs69e4i6Comw5dc1AiOcDedrsCoxMBJiVVdHTLOpD8=
Subject key identifier: 07:3E:F2:F7:15:88:AD:AE:86:B9:82:77:7C:EE:43:6F:D9:77:1F:F1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5BF5C0A16CE9F37FB2C4A6B39769E2C795A0A83D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:16 +0000
ROA not before: Mon 27 Jan 2025 09:40:16 +0000
ROA not after: Mon 26 Jan 2026 09:45:16 +0000
asID: 201341
IP address blocks: 77.237.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:f5:c0:a1:6c:e9:f3:7f:b2:c4:a6:b3:97:69:e2:c7:95:a0:a8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:16 2025 GMT
Not After : Jan 26 09:45:16 2026 GMT
Subject: CN=073EF2F71588ADAE86B982777CEE436FD9771FF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9d:38:3a:46:c2:36:63:6b:b7:27:b4:a2:a6:
e4:ba:23:27:0f:80:2b:12:ba:18:68:8c:6a:41:e8:
9b:e4:08:85:84:89:b4:f0:12:a6:f0:db:ca:87:3f:
6c:f8:04:5c:15:3a:50:40:1f:8f:75:70:bd:bf:80:
91:cf:cc:5e:45:cc:de:59:5b:1b:e7:69:30:1b:c1:
9d:ad:97:c4:fc:5f:32:c7:26:d9:59:d3:d1:32:b6:
59:19:d8:fb:38:49:64:fd:74:70:f5:e8:64:b1:44:
29:11:a6:cb:b9:35:ac:83:fa:51:43:74:d4:a6:89:
e9:67:f4:cb:db:3d:f6:14:4f:2a:00:bb:16:34:07:
0b:dd:de:5a:77:66:10:cf:36:8f:8f:61:e4:82:1a:
41:29:37:31:17:35:38:76:4b:8e:40:38:03:01:f6:
22:c3:b4:38:0f:8b:30:cf:3e:02:10:22:9e:5c:b8:
ba:33:ca:f8:cf:9a:13:63:a2:b3:9e:7d:7c:ca:83:
46:48:a8:ac:3a:a3:91:51:17:eb:80:c1:81:13:6d:
7d:a5:ce:fb:13:fe:97:bd:e5:e0:ac:54:86:fb:55:
06:0c:ef:be:0f:ea:55:83:9e:dd:58:e8:94:45:82:
8e:0f:b6:b1:b0:10:36:c3:29:af:90:4d:86:e0:ca:
db:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:3E:F2:F7:15:88:AD:AE:86:B9:82:77:7C:EE:43:6F:D9:77:1F:F1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.226.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:81:40:26:3a:03:3d:1b:81:5e:ea:c9:82:44:fd:10:a2:46:
31:8f:4e:cb:8e:4a:8c:5a:4c:0d:de:1c:4f:cd:42:d0:aa:42:
40:9e:a9:07:8c:41:60:48:21:f1:3b:bb:3a:1c:56:8e:80:48:
2e:67:ce:bb:1d:88:d3:d7:b0:65:c1:9c:76:66:72:53:92:1e:
e7:d3:76:d2:f1:ac:4f:a7:dd:63:d7:ca:50:eb:ea:37:e1:c0:
46:6e:05:8c:58:84:66:a2:82:45:95:87:77:5b:3f:b2:9d:71:
9b:dc:d0:f8:16:6e:1f:55:1a:08:df:d6:c1:f0:19:47:f2:f0:
0a:10:1b:a9:84:10:7f:5b:96:57:ff:80:87:84:a4:a9:c7:ed:
75:71:84:19:c8:b3:13:49:61:0e:fb:2d:ca:bb:2c:d0:ec:36:
36:e4:4e:f3:db:72:65:27:61:37:0d:69:11:dd:84:30:fe:78:
89:16:a6:3a:60:07:26:93:f8:2f:18:80:8e:05:9e:e5:11:20:
b5:14:77:45:0a:2f:66:9a:66:e3:10:9e:11:98:8a:ce:f7:4f:
91:5d:c2:fc:30:dd:75:68:f3:f7:88:df:72:c5:17:6c:ef:61:
6e:d3:8c:b3:55:64:cb:5f:38:3f:65:54:84:84:1b:28:c7:04:
bb:70:70:95
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW/XAoWzp83+yxKazl2nix5WgqD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTZaFw0yNjAxMjYwOTQ1MTZaMDMxMTAvBgNV
BAMTKDA3M0VGMkY3MTU4OEFEQUU4NkI5ODI3NzdDRUU0MzZGRDk3NzFGRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDnTg6RsI2Y2u3J7SipuS6IycP
gCsSuhhojGpB6JvkCIWEibTwEqbw28qHP2z4BFwVOlBAH491cL2/gJHPzF5FzN5Z
WxvnaTAbwZ2tl8T8XzLHJtlZ09EytlkZ2Ps4SWT9dHD16GSxRCkRpsu5NayD+lFD
dNSmieln9MvbPfYUTyoAuxY0Bwvd3lp3ZhDPNo+PYeSCGkEpNzEXNTh2S45AOAMB
9iLDtDgPizDPPgIQIp5cuLozyvjPmhNjorOefXzKg0ZIqKw6o5FRF+uAwYETbX2l
zvsT/pe95eCsVIb7VQYM774P6lWDnt1Y6JRFgo4PtrGwEDbDKa+QTYbgyttNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBz7y9xWIra6GuYJ3fO5Db9l3H/EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABN7eIwDQYJKoZIhvcNAQELBQADggEBAD2BQCY6Az0bgV7qyYJE/RCiRjGPTsuO
SoxaTA3eHE/NQtCqQkCeqQeMQWBIIfE7uzocVo6ASC5nzrsdiNPXsGXBnHZmclOS
HufTdtLxrE+n3WPXylDr6jfhwEZuBYxYhGaigkWVh3dbP7KdcZvc0PgWbh9VGgjf
1sHwGUfy8AoQG6mEEH9bllf/gIeEpKnH7XVxhBnIsxNJYQ77Lcq7LNDsNjbkTvPb
cmUnYTcNaRHdhDD+eIkWpjpgByaT+C8YgI4FnuURILUUd0UKL2aaZuMQnhGYis73
T5Fdwvww3XVo8/eI33LFF2zvYW7TjLNVZMtfOD9lVISEGyjHBLtwcJU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:11:00 2025 by rpki-client