Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132332e302f32342d3234203d3e20343031383338.roa
File: 37382e32342e3132332e302f32342d3234203d3e20343031383338.roa (raw, json)
Hash identifier: XbX1Gid500oTFj6vAef29FZUEz5FTkMATGNQOQiD6pY=
Subject key identifier: E3:C6:5B:F9:19:AE:03:43:11:18:A8:BB:27:AA:01:55:58:C3:DA:54
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 3B918BA423297CA3F4D2A4CC3808EF44B60C490B
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132332e302f32342d3234203d3e20343031383338.roa
Signing time: Wed 13 Aug 2025 05:14:12 +0000
ROA not before: Wed 13 Aug 2025 05:09:12 +0000
ROA not after: Wed 12 Aug 2026 05:14:12 +0000
asID: 401838
IP address blocks: 78.24.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:91:8b:a4:23:29:7c:a3:f4:d2:a4:cc:38:08:ef:44:b6:0c:49:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Aug 13 05:09:12 2025 GMT
Not After : Aug 12 05:14:12 2026 GMT
Subject: CN=E3C65BF919AE03431118A8BB27AA015558C3DA54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8e:f2:a7:15:9e:52:50:a9:e8:5d:75:a0:e5:
84:b0:81:8a:40:30:35:cb:62:b8:12:9c:f7:b1:54:
79:b9:39:4f:05:df:b3:1f:3f:b0:db:dc:5e:54:74:
2f:54:4b:1b:71:07:93:ea:cc:27:9e:6c:d2:39:42:
a8:38:24:8c:04:23:cb:d2:a7:f1:74:b7:fd:58:2b:
a0:fc:45:f7:b5:46:b5:22:3c:23:e3:97:cc:62:af:
79:a1:6f:8a:af:1f:c9:89:ad:03:1e:26:2b:6e:1c:
4c:a5:af:a3:06:54:8e:b1:68:6d:31:1d:81:e0:f7:
ce:10:89:d8:86:c2:6f:69:97:50:54:8a:d8:b4:0e:
01:a6:8f:d4:ac:f7:aa:d9:88:e6:c8:25:9f:76:9f:
67:8e:58:97:cf:a3:66:90:88:6d:53:c5:af:f5:d1:
51:6a:32:7b:42:34:2d:f4:ff:4f:cc:31:ee:69:8f:
02:03:86:15:54:77:c1:97:85:5f:60:54:2b:df:8d:
b3:38:ae:2f:ed:db:e5:ba:74:66:ba:55:12:d3:fe:
ee:0d:4d:1f:c6:10:bb:11:b5:65:80:ef:bd:29:b7:
89:b0:f1:07:9c:1d:ad:e4:d6:9c:8b:fe:ea:8d:54:
4e:a5:54:dd:09:08:c6:af:47:d7:db:b4:d1:cf:12:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C6:5B:F9:19:AE:03:43:11:18:A8:BB:27:AA:01:55:58:C3:DA:54
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132332e302f32342d3234203d3e20343031383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.123.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:fe:04:e7:be:20:d4:b4:f7:8d:e5:01:27:c5:f8:16:1e:4f:
4d:62:d6:ae:70:69:78:1e:7d:9f:d9:de:20:92:9b:33:3b:cc:
87:74:ad:6a:81:63:ef:99:6a:43:2b:f5:0b:d4:65:a6:e7:88:
96:85:2c:05:2d:35:8a:75:33:ed:01:fc:48:d8:4a:81:f5:75:
1e:7b:bf:e2:e5:74:e6:40:3b:e5:51:63:5a:5d:51:6f:7c:f2:
f7:01:93:63:b7:58:a0:02:cc:81:e4:17:22:b1:e5:d7:4d:4c:
6a:27:1b:fb:0f:3f:49:ba:12:24:c0:43:08:6b:72:b3:a6:e6:
0f:cf:ef:c3:b6:33:22:bd:dd:81:b5:ba:7e:e1:59:1c:2e:56:
cd:20:27:7d:2c:99:f6:46:10:af:9f:74:e8:63:7a:00:30:fc:
1a:e9:f3:c2:24:01:2e:81:a9:0d:7e:6d:3f:5d:18:6b:19:23:
b3:a6:b9:d5:f2:3c:0a:07:4f:66:71:2a:77:18:3e:47:21:36:
3e:cb:4f:40:69:24:0b:c9:74:47:a6:d3:25:34:ac:78:c9:e5:
00:6b:ba:f1:71:43:01:5d:2d:49:1f:e4:96:2b:d4:7c:20:ec:
79:5a:c7:b6:62:ce:8b:01:fe:f5:ed:bc:02:37:a9:f7:86:2e:
18:6e:53:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO5GLpCMpfKP00qTMOAjvRLYMSQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTA4MTMwNTA5MTJaFw0yNjA4MTIwNTE0MTJaMDMxMTAvBgNV
BAMTKEUzQzY1QkY5MTlBRTAzNDMxMTE4QThCQjI3QUEwMTU1NThDM0RBNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0jvKnFZ5SUKnoXXWg5YSwgYpA
MDXLYrgSnPexVHm5OU8F37MfP7Db3F5UdC9USxtxB5PqzCeebNI5Qqg4JIwEI8vS
p/F0t/1YK6D8Rfe1RrUiPCPjl8xir3mhb4qvH8mJrQMeJituHEylr6MGVI6xaG0x
HYHg984QidiGwm9pl1BUiti0DgGmj9Ss96rZiObIJZ92n2eOWJfPo2aQiG1Txa/1
0VFqMntCNC30/0/MMe5pjwIDhhVUd8GXhV9gVCvfjbM4ri/t2+W6dGa6VRLT/u4N
TR/GELsRtWWA770pt4mw8QecHa3k1pyL/uqNVE6lVN0JCMavR9fbtNHPEpHnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU48Zb+RmuA0MRGKi7J6oBVVjD2lQwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Thh7MA0GCSqGSIb3DQEBCwUAA4IBAQAa/gTnviDUtPeN5QEnxfgWHk9NYtaucGl4
Hn2f2d4gkpszO8yHdK1qgWPvmWpDK/UL1GWm54iWhSwFLTWKdTPtAfxI2EqB9XUe
e7/i5XTmQDvlUWNaXVFvfPL3AZNjt1igAsyB5BciseXXTUxqJxv7Dz9JuhIkwEMI
a3KzpuYPz+/DtjMivd2Btbp+4VkcLlbNICd9LJn2RhCvn3ToY3oAMPwa6fPCJAEu
gakNfm0/XRhrGSOzprnV8jwKB09mcSp3GD5HITY+y09AaSQLyXRHptMlNKx4yeUA
a7rxcUMBXS1JH+SWK9R8IOx5Wse2Ys6LAf717bwCN6n3hi4YblP8
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:58:40 2025 by rpki-client