Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e20343031383338.roa
File: 37382e32342e3132322e302f32342d3234203d3e20343031383338.roa (raw, json)
Hash identifier: QSDJ1+8SgpwSggscxtnEW0fE8nG/Mt5ZyXJ/C5BJhqQ=
Subject key identifier: 1B:BB:73:39:E5:63:79:54:6C:65:39:C4:B9:67:4D:B1:E2:B2:71:F8
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 3A4A2EAF05E54812090DC8D5C9F1C61968DD2A5D
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e20343031383338.roa
Signing time: Wed 13 Aug 2025 05:14:23 +0000
ROA not before: Wed 13 Aug 2025 05:09:23 +0000
ROA not after: Wed 12 Aug 2026 05:14:23 +0000
asID: 401838
IP address blocks: 78.24.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:4a:2e:af:05:e5:48:12:09:0d:c8:d5:c9:f1:c6:19:68:dd:2a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Aug 13 05:09:23 2025 GMT
Not After : Aug 12 05:14:23 2026 GMT
Subject: CN=1BBB7339E56379546C6539C4B9674DB1E2B271F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:96:69:00:9d:9f:31:c2:25:9e:45:ed:09:ee:
65:92:a6:1b:75:ff:12:7d:45:5f:e8:79:48:c9:1b:
d0:4c:c5:5e:06:70:dd:50:fe:00:81:50:3d:6f:ec:
71:70:28:b1:11:2b:ed:5e:91:f0:10:f2:9a:74:48:
80:be:13:03:9d:60:9f:51:df:6f:cc:ab:11:a0:e1:
dc:c1:a4:6d:12:a5:5b:2f:a2:54:5b:d2:d8:30:37:
6d:0f:ec:36:52:98:08:ec:9a:80:dc:17:68:ec:f5:
bd:d2:12:37:d9:c2:c8:d3:0c:af:cf:20:50:b7:b4:
ac:9b:d2:1b:4b:ed:37:b4:83:40:4a:9d:fb:e6:64:
f6:b1:c4:60:f9:44:d8:c2:d3:cc:6c:88:da:75:3f:
cf:20:ec:22:fc:6b:72:6a:9a:b9:6c:1f:da:71:76:
37:01:eb:ad:69:22:c2:fc:0c:d4:81:55:d1:9c:3a:
52:bd:68:9a:67:08:00:a3:62:21:06:9a:1c:63:9b:
39:a4:43:3c:29:8d:4f:60:6e:7d:88:e6:e4:c2:63:
3e:37:b5:19:a3:0a:0f:fd:ad:a8:71:25:2b:a9:ad:
72:49:63:3d:77:3d:f7:7a:d8:31:f0:39:ae:9a:5a:
f4:2a:05:ee:b6:23:0f:50:07:a7:44:17:fc:38:9a:
76:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:BB:73:39:E5:63:79:54:6C:65:39:C4:B9:67:4D:B1:E2:B2:71:F8
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132322e302f32342d3234203d3e20343031383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.122.0/24
Signature Algorithm: sha256WithRSAEncryption
60:f9:11:b2:7b:a4:cf:7c:a5:cd:09:c6:56:81:d8:1c:fa:46:
3d:65:a6:31:00:07:69:0f:08:b1:b5:62:82:6c:68:d8:48:cd:
1c:c0:70:4b:68:c9:7f:19:66:53:e0:43:2b:cc:80:f7:3d:9d:
01:81:2c:d2:5c:e7:5c:d6:ac:14:7e:c3:8b:01:a5:97:af:28:
f8:07:2d:36:8e:c1:2a:13:f9:94:2b:fe:2e:e6:bd:b2:2f:40:
2f:3b:35:02:84:d7:a2:20:34:47:ae:73:16:8e:14:bc:0f:19:
c5:80:da:3a:ff:17:a5:79:03:b4:26:87:3e:ae:94:46:78:70:
70:9a:6e:87:92:2a:d2:ce:44:16:d5:05:c2:74:5f:04:35:a8:
65:fb:68:10:c9:2d:f4:0e:e6:c0:cf:56:3d:f8:6a:3a:c2:f3:
45:92:b3:59:58:b1:28:ad:23:8a:fa:1e:f6:85:a6:5b:e6:11:
7f:87:2b:c6:f7:e5:1d:e2:62:67:bc:dd:2f:22:4c:f4:8d:b9:
5c:60:cc:c9:8f:77:ef:d9:17:d5:f2:0b:d9:9c:6f:bc:06:a6:
2b:a7:63:dd:56:7d:f4:9e:8a:53:f8:15:a0:44:44:ea:43:7b:
9b:ef:cb:7f:6a:8e:f0:f9:ef:51:31:37:06:57:89:9b:99:e1:
5f:e5:1b:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOkourwXlSBIJDcjVyfHGGWjdKl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTA4MTMwNTA5MjNaFw0yNjA4MTIwNTE0MjNaMDMxMTAvBgNV
BAMTKDFCQkI3MzM5RTU2Mzc5NTQ2QzY1MzlDNEI5Njc0REIxRTJCMjcxRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDblmkAnZ8xwiWeRe0J7mWSpht1
/xJ9RV/oeUjJG9BMxV4GcN1Q/gCBUD1v7HFwKLERK+1ekfAQ8pp0SIC+EwOdYJ9R
32/MqxGg4dzBpG0SpVsvolRb0tgwN20P7DZSmAjsmoDcF2js9b3SEjfZwsjTDK/P
IFC3tKyb0htL7Te0g0BKnfvmZPaxxGD5RNjC08xsiNp1P88g7CL8a3JqmrlsH9px
djcB661pIsL8DNSBVdGcOlK9aJpnCACjYiEGmhxjmzmkQzwpjU9gbn2I5uTCYz43
tRmjCg/9rahxJSuprXJJYz13Pfd62DHwOa6aWvQqBe62Iw9QB6dEF/w4mnaVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUG7tzOeVjeVRsZTnEuWdNseKycfgwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Thh6MA0GCSqGSIb3DQEBCwUAA4IBAQBg+RGye6TPfKXNCcZWgdgc+kY9ZaYxAAdp
DwixtWKCbGjYSM0cwHBLaMl/GWZT4EMrzID3PZ0BgSzSXOdc1qwUfsOLAaWXryj4
By02jsEqE/mUK/4u5r2yL0AvOzUChNeiIDRHrnMWjhS8DxnFgNo6/xeleQO0Joc+
rpRGeHBwmm6HkirSzkQW1QXCdF8ENahl+2gQyS30DubAz1Y9+Go6wvNFkrNZWLEo
rSOK+h72haZb5hF/hyvG9+Ud4mJnvN0vIkz0jblcYMzJj3fv2RfV8gvZnG+8BqYr
p2PdVn30nopT+BWgRETqQ3ub78t/ao7w+e9RMTcGV4mbmeFf5Rs5
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:58:53 2025 by rpki-client