Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20333938373034.roa
File: 37382e33312e3234382e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: q9Cj1pGgAjJ93pwPdVcJwZ4kHUNSwwqZZTR+qWsxoFg=
Subject key identifier: D4:09:A5:36:E4:92:1F:93:B5:74:F6:93:DA:9A:9C:52:39:F0:58:EA
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 2470A7F6CE7F05D16C1FDFF604900C21710C6461
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:35:43 +0000
ROA not before: Mon 19 May 2025 10:30:43 +0000
ROA not after: Mon 18 May 2026 10:35:43 +0000
asID: 398704
IP address blocks: 78.31.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:70:a7:f6:ce:7f:05:d1:6c:1f:df:f6:04:90:0c:21:71:0c:64:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:30:43 2025 GMT
Not After : May 18 10:35:43 2026 GMT
Subject: CN=D409A536E4921F93B574F693DA9A9C5239F058EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e4:90:e2:3e:86:83:4c:77:25:e9:6a:32:3a:
2f:25:f0:dd:f9:20:78:55:59:a7:3b:26:f2:b5:73:
a9:5d:04:8e:21:8d:64:01:a1:75:85:ae:50:31:26:
24:3e:dc:eb:83:fd:56:0e:97:4f:12:91:c2:5d:d6:
ce:0b:7d:71:6a:9b:90:38:8e:09:25:9e:18:34:a2:
72:f5:a5:d2:be:5e:11:e5:55:f4:f4:ee:60:ad:15:
2b:4c:f0:cd:8d:03:18:01:1d:0e:11:1a:57:50:b7:
28:17:09:27:d1:14:4f:45:2b:fb:1f:b4:4d:b8:b0:
b9:cc:16:9e:34:eb:25:3c:77:ef:69:89:9a:1e:a3:
95:3d:ae:b0:ea:49:69:71:fc:0d:9c:3f:ae:b9:63:
39:6e:d9:c5:24:f0:54:99:6e:fc:dc:bf:26:ae:10:
07:49:e2:5d:7d:a5:e4:9d:3c:59:20:40:92:f4:55:
38:57:55:6f:61:57:d7:ab:11:1a:ef:7c:66:c4:e6:
b5:37:72:83:a3:84:7f:ea:30:47:3d:ae:26:fd:08:
ca:d0:93:89:c9:0e:f9:a1:ca:f6:dc:ae:c2:63:9f:
44:9b:e6:d2:1a:a4:0f:e0:40:ca:af:b2:f8:98:79:
65:94:9f:ab:4d:d2:00:18:49:61:ae:56:4e:94:91:
0f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:09:A5:36:E4:92:1F:93:B5:74:F6:93:DA:9A:9C:52:39:F0:58:EA
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.248.0/24
Signature Algorithm: sha256WithRSAEncryption
30:15:08:05:81:ee:d5:e6:a8:dd:4d:87:5e:74:b5:bd:c9:87:
9f:e8:4e:76:67:2e:4f:19:a7:0e:31:82:68:7e:f1:1e:d0:fe:
07:82:12:1f:50:76:af:e6:66:11:41:97:9a:1e:eb:03:30:35:
42:71:9d:a8:09:ce:0f:5a:f2:7a:de:95:55:26:f2:8a:34:7a:
c3:a3:09:4d:97:f6:af:f2:42:13:14:32:a0:2a:ff:e1:97:43:
40:c8:71:49:3b:a5:3b:97:d3:95:cd:70:df:c2:ff:3e:c7:de:
ae:e4:bf:8b:90:e2:eb:b3:a2:77:24:49:7f:4c:e0:34:9d:d1:
65:a8:4d:80:40:c9:4d:d1:ee:0a:d8:a4:f2:1b:26:1f:93:be:
f7:54:3a:92:4e:bd:41:65:3c:be:3b:75:f7:10:e1:26:6a:4a:
c5:bc:8a:d5:5e:ac:f4:8a:15:14:f7:2c:9a:8d:56:6f:c7:b2:
43:ab:d8:ed:7c:dc:5b:62:60:87:08:0e:29:a7:cc:9a:d9:32:
c1:8a:8e:39:4a:d3:92:01:e3:85:27:98:cb:e6:9d:30:54:a9:
8e:7e:2a:79:7c:f7:37:bd:5a:19:7d:4a:29:fc:da:fe:30:21:
16:78:6a:18:6f:82:14:03:7e:95:a9:63:e8:0f:e0:8c:4b:52:
7d:e4:d0:b6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJHCn9s5/BdFsH9/2BJAMIXEMZGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMwNDNaFw0yNjA1MTgxMDM1NDNaMDMxMTAvBgNV
BAMTKEQ0MDlBNTM2RTQ5MjFGOTNCNTc0RjY5M0RBOUE5QzUyMzlGMDU4RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx5JDiPoaDTHcl6WoyOi8l8N35
IHhVWac7JvK1c6ldBI4hjWQBoXWFrlAxJiQ+3OuD/VYOl08SkcJd1s4LfXFqm5A4
jgklnhg0onL1pdK+XhHlVfT07mCtFStM8M2NAxgBHQ4RGldQtygXCSfRFE9FK/sf
tE24sLnMFp406yU8d+9piZoeo5U9rrDqSWlx/A2cP665Yzlu2cUk8FSZbvzcvyau
EAdJ4l19peSdPFkgQJL0VThXVW9hV9erERrvfGbE5rU3coOjhH/qMEc9rib9CMrQ
k4nJDvmhyvbcrsJjn0Sb5tIapA/gQMqvsviYeWWUn6tN0gAYSWGuVk6UkQ9PAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1AmlNuSSH5O1dPaT2pqcUjnwWOowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM4MzczMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Th/4MA0GCSqGSIb3DQEBCwUAA4IBAQAwFQgFge7V5qjdTYdedLW9yYef6E52Zy5P
GacOMYJofvEe0P4HghIfUHav5mYRQZeaHusDMDVCcZ2oCc4PWvJ63pVVJvKKNHrD
owlNl/av8kITFDKgKv/hl0NAyHFJO6U7l9OVzXDfwv8+x96u5L+LkOLrs6J3JEl/
TOA0ndFlqE2AQMlN0e4K2KTyGyYfk773VDqSTr1BZTy+O3X3EOEmakrFvIrVXqz0
ihUU9yyajVZvx7JDq9jtfNxbYmCHCA4pp8ya2TLBio45StOSAeOFJ5jL5p0wVKmO
fip5fPc3vVoZfUop/Nr+MCEWeGoYb4IUA36VqWPoD+CMS1J95NC2
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:12:20 2025 by rpki-client