Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235312e302f32342d3234203d3e20333938373034.roa
File: 37382e33312e3235312e302f32342d3234203d3e20333938373034.roa (raw, json)
Hash identifier: tqH4DNqVPFu5KhRV8vMNlbComnPjRpNZODa9ZeqKsrU=
Subject key identifier: 9D:08:40:5A:BF:01:A4:9C:5D:E5:AB:27:54:1C:32:EE:48:8A:B7:9A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 62CCD96755C70CA28616D31AE00512F7E33C6B69
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235312e302f32342d3234203d3e20333938373034.roa
Signing time: Mon 19 May 2025 10:35:56 +0000
ROA not before: Mon 19 May 2025 10:30:56 +0000
ROA not after: Mon 18 May 2026 10:35:56 +0000
asID: 398704
IP address blocks: 78.31.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:cc:d9:67:55:c7:0c:a2:86:16:d3:1a:e0:05:12:f7:e3:3c:6b:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: May 19 10:30:56 2025 GMT
Not After : May 18 10:35:56 2026 GMT
Subject: CN=9D08405ABF01A49C5DE5AB27541C32EE488AB79A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:e9:79:4b:8b:d5:cf:d8:f7:51:14:5b:7a:
03:43:58:e1:0a:31:af:67:d9:01:66:bf:31:de:52:
a9:8b:13:58:e5:38:34:b7:88:f2:4b:c1:c9:86:af:
c7:78:29:b9:c3:48:c1:37:bf:bb:76:f1:61:57:0b:
32:5b:0a:41:2f:75:c2:21:0a:20:06:0a:d5:ef:48:
48:1e:c6:52:7e:73:23:e1:f2:e3:dd:2f:b7:6b:ca:
4c:8f:ea:78:dc:d3:07:6d:a7:0a:bc:5c:ae:ce:97:
54:69:a2:18:4b:fe:cb:bc:6b:12:38:02:1f:46:c8:
1d:56:c0:72:c8:87:69:8a:9b:75:5b:2a:9b:52:1d:
33:ab:21:b9:14:d4:6f:ac:80:9a:c7:85:0a:9c:64:
b7:6a:07:4b:8c:68:33:57:df:e0:cc:75:0e:4a:f8:
ca:fa:7d:fb:c4:51:26:0c:99:c7:9e:e3:aa:95:51:
87:45:6e:15:e6:29:4d:97:7c:83:d6:ea:2b:a4:c3:
59:ae:81:3c:d7:e5:16:e2:c4:bc:e7:83:e6:fc:cb:
80:3d:f8:1d:ff:50:9e:03:79:e6:3f:cf:dd:f2:c3:
fb:2f:fc:78:88:09:2d:10:9f:ac:f9:8b:da:ef:20:
9b:e2:e5:e5:94:ee:dc:4a:f4:58:db:41:ac:5f:89:
1c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:08:40:5A:BF:01:A4:9C:5D:E5:AB:27:54:1C:32:EE:48:8A:B7:9A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3235312e302f32342d3234203d3e20333938373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.251.0/24
Signature Algorithm: sha256WithRSAEncryption
21:8a:e0:c1:7a:df:a0:1c:75:04:e1:dd:85:1f:35:c6:8c:54:
5d:6b:11:52:99:d8:5d:f5:aa:75:bd:f8:e2:61:56:6c:30:91:
ce:3e:26:7a:48:e5:4b:ae:44:69:62:9d:1f:8f:a5:40:77:f2:
bb:13:4d:35:7f:82:58:ee:58:cf:08:d7:8c:a0:19:1f:8e:21:
71:b6:c8:6d:c6:82:ec:b8:a3:1c:40:5e:73:1e:62:89:bc:90:
82:e0:03:34:7b:a8:7f:ac:48:c0:bc:dc:81:97:10:89:50:3d:
6a:b8:34:9e:c4:69:3a:96:c5:3a:ea:01:28:4e:3f:8f:33:69:
9f:2b:0a:d7:f8:70:ac:8e:32:92:c3:0d:5a:bd:b5:6a:a5:d3:
34:6a:59:10:e7:78:07:db:cf:ac:7f:01:1c:1b:2b:86:b2:40:
10:65:60:97:58:3d:d5:66:9b:10:ce:dc:c0:a4:d0:84:db:02:
92:d6:d8:6b:72:51:49:12:7f:43:aa:73:7d:b7:df:e0:ce:8e:
23:3d:26:86:d5:0b:d1:b7:59:38:32:64:d9:67:61:28:61:c6:
b2:a2:a3:5e:40:e9:a6:26:5a:55:f2:29:18:50:8d:3b:77:ba:
b4:02:83:80:10:46:14:97:77:55:e1:42:c0:c3:20:e7:ac:f6:
3e:30:b1:4a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYszZZ1XHDKKGFtMa4AUS9+M8a2kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA1MTkxMDMwNTZaFw0yNjA1MTgxMDM1NTZaMDMxMTAvBgNV
BAMTKDlEMDg0MDVBQkYwMUE0OUM1REU1QUIyNzU0MUMzMkVFNDg4QUI3OUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuo+l5S4vVz9j3URRbegNDWOEK
Ma9n2QFmvzHeUqmLE1jlODS3iPJLwcmGr8d4KbnDSME3v7t28WFXCzJbCkEvdcIh
CiAGCtXvSEgexlJ+cyPh8uPdL7drykyP6njc0wdtpwq8XK7Ol1RpohhL/su8axI4
Ah9GyB1WwHLIh2mKm3VbKptSHTOrIbkU1G+sgJrHhQqcZLdqB0uMaDNX3+DMdQ5K
+Mr6ffvEUSYMmcee46qVUYdFbhXmKU2XfIPW6iukw1mugTzX5RbixLzng+b8y4A9
+B3/UJ4DeeY/z93yw/sv/HiICS0Qn6z5i9rvIJvi5eWU7txK9FjbQaxfiRw9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnQhAWr8BpJxd5asnVBwy7kiKt5owHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM4MzczMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Th/7MA0GCSqGSIb3DQEBCwUAA4IBAQAhiuDBet+gHHUE4d2FHzXGjFRdaxFSmdhd
9ap1vfjiYVZsMJHOPiZ6SOVLrkRpYp0fj6VAd/K7E001f4JY7ljPCNeMoBkfjiFx
tshtxoLsuKMcQF5zHmKJvJCC4AM0e6h/rEjAvNyBlxCJUD1quDSexGk6lsU66gEo
Tj+PM2mfKwrX+HCsjjKSww1avbVqpdM0alkQ53gH28+sfwEcGyuGskAQZWCXWD3V
ZpsQztzApNCE2wKS1thrclFJEn9DqnN9t9/gzo4jPSaG1QvRt1k4MmTZZ2EoYcay
oqNeQOmmJlpV8ikYUI07d7q0AoOAEEYUl3dV4ULAwyDnrPY+MLFK
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:41:50 2025 by rpki-client