Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20333938373034.roa
File: 37382e33312e3234392e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: tF0G2c0yHA4ssXiHhfy9UWXwCsVULgWTaKRODFGVk0o=
Subject key identifier: D0:1A:16:5F:B9:CD:D8:AF:8E:36:69:98:B1:6D:14:09:EE:8D:49:03
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 3882881855FF88AE99C19F3569DD432DA02209F8
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:35:50 +0000
ROA not before: Mon 19 May 2025 10:30:50 +0000
ROA not after: Mon 18 May 2026 10:35:50 +0000
asID: 398704
IP address blocks: 78.31.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:82:88:18:55:ff:88:ae:99:c1:9f:35:69:dd:43:2d:a0:22:09:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:30:50 2025 GMT
Not After : May 18 10:35:50 2026 GMT
Subject: CN=D01A165FB9CDD8AF8E366998B16D1409EE8D4903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fe:7e:b7:c3:17:45:b8:0c:cd:00:ac:b8:5c:
3e:cf:c1:f0:1c:64:bc:ca:9f:91:a3:7c:cf:f1:e9:
6a:cc:6e:40:13:9d:38:c4:31:eb:dc:62:fe:7b:a4:
8b:40:2a:17:cc:a3:61:9c:cf:2e:4b:c4:7a:2f:b7:
6a:cc:70:1c:ca:a0:21:68:f7:87:e5:5e:11:1f:59:
c1:45:7b:88:d9:cd:79:72:eb:96:3a:37:dc:8b:47:
fb:98:6e:45:6d:21:e6:a0:ce:6d:06:07:c9:15:dc:
34:4c:81:95:ae:29:25:7d:51:77:c7:69:03:86:73:
2f:a7:03:8d:c7:c1:36:44:f3:bd:ea:73:de:61:4d:
87:37:ae:3a:3a:2a:7c:c6:6f:48:1b:a5:db:e2:93:
29:ff:ab:f2:97:56:2d:53:dd:f9:fe:82:ac:84:b8:
4e:fc:e3:02:a2:e9:93:f8:78:79:08:39:56:c6:2c:
5e:d9:d6:55:e4:86:14:b0:18:ac:be:62:07:0a:e3:
7b:cd:62:a5:29:41:95:bc:c5:cc:4e:e3:02:3b:ff:
3e:53:bd:1d:a7:10:61:13:83:8c:4b:0d:35:6e:5e:
6e:42:c9:e2:3a:3c:ad:1f:dd:81:41:04:7f:8f:45:
47:23:c8:52:2f:9a:de:9f:6f:1d:98:2b:c6:d8:2b:
14:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1A:16:5F:B9:CD:D8:AF:8E:36:69:98:B1:6D:14:09:EE:8D:49:03
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234392e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f4:2f:c7:d7:62:14:f4:70:29:48:d6:1b:dc:7b:be:ab:3a:
14:43:be:be:39:cf:89:70:a6:55:a7:d9:05:c1:af:8e:a7:42:
7a:c9:9c:c9:00:51:c6:27:4a:fb:c3:29:6a:b0:37:5a:25:dd:
b4:12:75:05:10:b2:45:a6:6e:05:b5:f9:58:68:26:f4:84:8f:
8e:31:64:3c:f6:0b:85:74:3f:35:d1:cf:a5:0b:f1:f0:c3:f0:
c0:5f:a7:73:c4:75:49:6f:c8:80:de:70:46:b7:44:ca:62:db:
a7:28:19:df:d6:f1:91:0c:9e:cc:8d:f0:7c:ec:30:e6:df:99:
b7:67:cd:7f:e2:cc:30:5d:76:f3:76:5d:17:b1:8c:75:d4:2e:
61:e6:03:6b:55:2b:8d:38:2a:3d:92:f8:b0:8f:04:9a:96:db:
49:6e:f3:82:44:cd:d9:b5:de:52:76:6a:fa:ee:22:a2:66:2d:
b2:8f:ae:43:d9:c0:3f:33:0a:92:5a:66:f5:29:60:34:e1:ab:
bc:07:6c:c8:97:e4:7d:3c:db:64:d4:00:f3:db:62:3a:a7:3d:
10:96:40:e8:69:5f:8c:6f:2b:ef:b0:50:9a:bf:f1:1f:10:60:
b0:56:0a:7c:ad:6d:b6:ab:a4:36:2a:ce:2e:ca:e8:a3:c4:c4:
04:60:38:94
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOIKIGFX/iK6ZwZ81ad1DLaAiCfgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMwNTBaFw0yNjA1MTgxMDM1NTBaMDMxMTAvBgNV
BAMTKEQwMUExNjVGQjlDREQ4QUY4RTM2Njk5OEIxNkQxNDA5RUU4RDQ5MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDr/n63wxdFuAzNAKy4XD7PwfAc
ZLzKn5GjfM/x6WrMbkATnTjEMevcYv57pItAKhfMo2Gczy5LxHovt2rMcBzKoCFo
94flXhEfWcFFe4jZzXly65Y6N9yLR/uYbkVtIeagzm0GB8kV3DRMgZWuKSV9UXfH
aQOGcy+nA43HwTZE873qc95hTYc3rjo6KnzGb0gbpdvikyn/q/KXVi1T3fn+gqyE
uE784wKi6ZP4eHkIOVbGLF7Z1lXkhhSwGKy+YgcK43vNYqUpQZW8xcxO4wI7/z5T
vR2nEGETg4xLDTVuXm5CyeI6PK0f3YFBBH+PRUcjyFIvmt6fbx2YK8bYKxS3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0BoWX7nN2K+ONmmYsW0UCe6NSQMwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM4MzczMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Th/5MA0GCSqGSIb3DQEBCwUAA4IBAQB99C/H12IU9HApSNYb3Hu+qzoUQ76+Oc+J
cKZVp9kFwa+Op0J6yZzJAFHGJ0r7wylqsDdaJd20EnUFELJFpm4FtflYaCb0hI+O
MWQ89guFdD810c+lC/Hww/DAX6dzxHVJb8iA3nBGt0TKYtunKBnf1vGRDJ7MjfB8
7DDm35m3Z81/4swwXXbzdl0XsYx11C5h5gNrVSuNOCo9kviwjwSalttJbvOCRM3Z
td5Sdmr67iKiZi2yj65D2cA/MwqSWmb1KWA04au8B2zIl+R9PNtk1ADz22I6pz0Q
lkDoaV+MbyvvsFCav/EfEGCwVgp8rW22q6Q2Ks4uyuijxMQEYDiU
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:35:42 2025 by rpki-client