Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
File: 37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cqifrnuEqLfx/UsxqmXDvtB7OrcDtop1yhn5aHEqAhk=
Subject key identifier: C9:44:C9:42:87:84:0E:1A:F5:43:BD:4E:8F:56:66:7D:BB:B4:BE:6E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0DE22EF7D69139C37480752E1C22BF47FEBB26FE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 31 Dec 2024 19:44:42 +0000
ROA not before: Tue 31 Dec 2024 19:39:42 +0000
ROA not after: Tue 30 Dec 2025 19:44:42 +0000
asID: 136787
IP address blocks: 77.237.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:e2:2e:f7:d6:91:39:c3:74:80:75:2e:1c:22:bf:47:fe:bb:26:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 31 19:39:42 2024 GMT
Not After : Dec 30 19:44:42 2025 GMT
Subject: CN=C944C94287840E1AF543BD4E8F56667DBBB4BE6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:78:c6:52:ae:44:34:93:5c:4b:c6:24:6b:61:
80:d4:9c:e2:7a:f6:11:11:b0:14:4b:c4:f6:ce:da:
ce:fb:ce:5b:fa:b5:fe:2a:50:1e:f3:b1:d4:a3:d5:
79:b7:31:8a:fc:d7:1b:3b:95:90:49:7c:1a:68:90:
30:13:e3:a2:a7:14:1d:3f:88:78:a1:26:90:b8:d4:
e3:bd:09:0c:88:97:41:2e:6e:6c:04:4f:be:35:25:
7c:69:8f:93:1e:59:fa:9b:25:77:c5:85:2a:c3:54:
56:7e:12:4a:33:45:5c:f1:1c:ad:5b:64:9c:01:cd:
2a:e0:a9:b6:43:3e:e4:3d:72:c4:c8:7b:97:7e:ad:
ca:6f:4f:b5:fa:db:56:9e:dd:20:b7:e0:14:1e:90:
61:25:e4:b5:99:e3:f7:95:55:c3:ce:7d:f8:5e:62:
86:11:a3:b6:6f:e5:45:a1:d0:f0:2e:64:8e:45:9d:
b4:d1:70:4a:1a:a2:24:f9:8c:81:99:7c:c7:43:30:
76:58:6e:7b:5f:b0:25:fa:5a:80:70:4f:0f:65:d1:
d6:3e:cc:d8:9f:93:34:07:3e:c2:c0:81:77:0e:f1:
25:3d:f5:b2:33:8d:2c:27:3b:6a:12:bc:d6:a2:0d:
5e:59:87:ec:4a:63:12:bf:b7:58:90:0a:5d:48:4a:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:44:C9:42:87:84:0E:1A:F5:43:BD:4E:8F:56:66:7D:BB:B4:BE:6E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3232392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.229.0/24
Signature Algorithm: sha256WithRSAEncryption
26:be:cd:bc:89:0f:e3:00:06:0a:88:b2:fd:33:1a:99:6e:aa:
d7:0f:3a:8b:b6:76:3c:02:10:d9:7b:e2:99:1b:7e:e0:de:18:
86:8d:03:b8:f4:59:e2:eb:d8:ce:2e:cd:29:d5:22:76:1b:9e:
0d:ef:9e:09:5d:e7:5a:85:f5:17:56:cf:0e:bb:80:b7:c0:79:
e9:e7:a3:07:f1:2b:bc:6d:3e:af:c7:20:5e:83:e5:09:1a:1a:
a5:f0:84:41:48:7e:1a:07:d7:c8:62:37:48:8f:78:93:27:64:
60:61:e7:42:16:6c:88:3c:99:eb:63:b9:47:84:6c:58:d4:85:
ca:f5:98:c1:ac:81:a4:5b:4c:19:06:f5:4b:d3:83:99:c6:97:
71:e5:d1:0c:79:fc:4d:64:88:2e:29:95:d3:f7:04:60:e3:15:
5f:8d:c0:ed:c4:58:39:93:ee:eb:a8:87:d5:16:d5:39:33:29:
30:2a:eb:6a:31:58:42:5e:2e:92:65:e6:df:a5:c8:b5:d7:ec:
0f:07:85:bb:5d:c8:55:70:87:24:3a:87:6a:ce:ee:5e:ff:2a:
26:55:80:7e:e1:64:e1:9a:86:d9:1b:31:5e:70:38:6c:13:9d:
dc:0e:bb:9e:0d:fb:39:8b:30:30:b4:e7:65:d3:5a:c2:c1:ee:
98:78:22:9a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDeIu99aROcN0gHUuHCK/R/67Jv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMzExOTM5NDJaFw0yNTEyMzAxOTQ0NDJaMDMxMTAvBgNV
BAMTKEM5NDRDOTQyODc4NDBFMUFGNTQzQkQ0RThGNTY2NjdEQkJCNEJFNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSeMZSrkQ0k1xLxiRrYYDUnOJ6
9hERsBRLxPbO2s77zlv6tf4qUB7zsdSj1Xm3MYr81xs7lZBJfBpokDAT46KnFB0/
iHihJpC41OO9CQyIl0EubmwET741JXxpj5MeWfqbJXfFhSrDVFZ+EkozRVzxHK1b
ZJwBzSrgqbZDPuQ9csTIe5d+rcpvT7X621ae3SC34BQekGEl5LWZ4/eVVcPOffhe
YoYRo7Zv5UWh0PAuZI5FnbTRcEoaoiT5jIGZfMdDMHZYbntfsCX6WoBwTw9l0dY+
zNifkzQHPsLAgXcO8SU99bIzjSwnO2oSvNaiDV5Zh+xKYxK/t1iQCl1ISqqLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyUTJQoeEDhr1Q71Oj1Zmfbu0vm4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABN7eUwDQYJKoZIhvcNAQELBQADggEBACa+zbyJD+MABgqIsv0zGpluqtcPOou2
djwCENl74pkbfuDeGIaNA7j0WeLr2M4uzSnVInYbng3vngld51qF9RdWzw67gLfA
eennowfxK7xtPq/HIF6D5QkaGqXwhEFIfhoH18hiN0iPeJMnZGBh50IWbIg8metj
uUeEbFjUhcr1mMGsgaRbTBkG9UvTg5nGl3Hl0Qx5/E1kiC4pldP3BGDjFV+NwO3E
WDmT7uuoh9UW1TkzKTAq62oxWEJeLpJl5t+lyLXX7A8HhbtdyFVwhyQ6h2rO7l7/
KiZVgH7hZOGahtkbMV5wOGwTndwOu54N+zmLMDC052XTWsLB7ph4Ipo=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:13:52 2025 by rpki-client