Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132352e302f32342d3234203d3e20343031383338.roa
File: 37382e32342e3132352e302f32342d3234203d3e20343031383338.roa (raw, json)
Hash identifier: qgaqtIbvWlmZK0f99yeifoHSkIPhxGYhski+5gJ4Rv4=
Subject key identifier: 03:EA:BE:A4:0B:2A:72:08:AF:F8:AB:CC:0F:F2:6B:2A:4A:9F:05:CD
Certificate issuer: /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial: 32D2F7E56FCCB75000E5476BE01887513156FFF1
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132352e302f32342d3234203d3e20343031383338.roa
Signing time: Wed 13 Aug 2025 05:14:13 +0000
ROA not before: Wed 13 Aug 2025 05:09:13 +0000
ROA not after: Wed 12 Aug 2026 05:14:13 +0000
asID: 401838
IP address blocks: 78.24.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.mft
rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:d2:f7:e5:6f:cc:b7:50:00:e5:47:6b:e0:18:87:51:31:56:ff:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Validity
Not Before: Aug 13 05:09:13 2025 GMT
Not After : Aug 12 05:14:13 2026 GMT
Subject: CN=03EABEA40B2A7208AFF8ABCC0FF26B2A4A9F05CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:b2:09:43:2f:48:c1:6c:97:58:17:3e:81:
1e:3a:72:4d:c4:73:37:57:e5:46:67:6f:9c:ef:01:
83:51:79:ab:ff:68:45:0b:06:45:e1:80:93:b0:bd:
09:e3:aa:75:8a:c5:f1:ff:75:c4:76:8a:08:b7:32:
0a:df:98:79:77:21:6f:5c:92:b9:02:13:0d:38:bf:
66:4e:6b:7d:c6:f7:c9:f2:77:23:0f:12:8f:a9:98:
63:20:00:26:56:4a:a4:dc:14:57:9d:4a:70:dd:e8:
7b:de:2e:f0:b6:f8:fe:e4:33:17:e7:20:00:fb:77:
77:0e:1b:9b:cd:9a:0f:9e:02:12:9c:a9:da:51:81:
a6:21:a5:d4:04:dc:3d:a6:63:22:f0:5f:3c:5a:0d:
71:cb:d0:3c:ad:aa:fa:fa:01:49:d2:f2:88:61:66:
5e:75:63:2b:01:78:9b:18:67:ac:4e:3f:32:bc:11:
17:7e:e3:82:33:53:1f:58:f9:a9:c2:b9:ee:26:b1:
d3:b2:24:b1:35:65:07:04:9f:f0:37:be:09:2e:08:
f8:b6:39:89:2d:83:b0:ba:f1:27:6f:b7:de:da:4a:
78:7b:e8:01:96:37:c8:a3:8a:83:70:2c:b7:b3:4a:
20:5e:0e:db:10:ea:bd:fe:60:1c:3c:4d:7c:d5:e1:
fd:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EA:BE:A4:0B:2A:72:08:AF:F8:AB:CC:0F:F2:6B:2A:4A:9F:05:CD
X509v3 Authority Key Identifier:
keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/37382e32342e3132352e302f32342d3234203d3e20343031383338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.125.0/24
Signature Algorithm: sha256WithRSAEncryption
17:06:9f:65:5c:fb:af:44:7a:ee:09:32:f1:fc:c9:ed:bc:79:
f9:46:d5:08:b0:ff:24:d7:40:0a:2c:d4:58:e5:a5:38:c0:b8:
d4:15:49:6b:dc:3e:41:5f:27:98:88:16:cc:e5:26:fc:9e:61:
a6:bb:d9:15:cb:7c:20:aa:bd:35:86:3c:4c:9b:41:bb:5b:87:
5c:00:e0:a8:25:1e:48:45:cb:32:62:0e:3c:10:7c:eb:89:8d:
e8:5a:05:5c:5f:ac:c1:f0:33:e4:a6:4a:bc:0a:14:a6:00:43:
71:83:5c:46:b5:21:1b:e6:43:76:09:e0:b6:82:12:45:38:9c:
49:e8:11:dd:4d:ed:70:e4:70:66:33:31:b9:c8:da:fa:d2:68:
a0:2c:f5:2c:af:96:a7:f7:8b:72:d7:62:2b:22:65:e4:69:a0:
63:33:e0:12:e9:6e:06:ee:74:e5:e4:e6:79:d6:45:da:b3:62:
75:3c:b5:5c:bf:15:83:2f:14:c5:2a:a4:bb:84:b5:b4:3b:c0:
20:ec:f4:6f:db:60:ef:42:b0:54:3b:85:a5:cb:2d:8b:d2:cd:
6b:6a:72:16:ed:3c:62:f0:e4:c7:36:21:66:c8:b4:a3:c4:f6:
54:fe:3b:e1:af:4a:89:64:2a:8c:b5:ec:0b:e3:0e:30:e6:66:
34:75:ab:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMtL35W/Mt1AA5Udr4BiHUTFW//EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yNTA4MTMwNTA5MTNaFw0yNjA4MTIwNTE0MTNaMDMxMTAvBgNV
BAMTKDAzRUFCRUE0MEIyQTcyMDhBRkY4QUJDQzBGRjI2QjJBNEE5RjA1Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCudbIJQy9IwWyXWBc+gR46ck3E
czdX5UZnb5zvAYNReav/aEULBkXhgJOwvQnjqnWKxfH/dcR2igi3MgrfmHl3IW9c
krkCEw04v2ZOa33G98nydyMPEo+pmGMgACZWSqTcFFedSnDd6HveLvC2+P7kMxfn
IAD7d3cOG5vNmg+eAhKcqdpRgaYhpdQE3D2mYyLwXzxaDXHL0Dytqvr6AUnS8ohh
Zl51YysBeJsYZ6xOPzK8ERd+44IzUx9Y+anCue4msdOyJLE1ZQcEn/A3vgkuCPi2
OYktg7C68Sdvt97aSnh76AGWN8ijioNwLLezSiBeDtsQ6r3+YBw8TXzV4f1lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUA+q+pAsqcgiv+KvMD/JrKkqfBc0wHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzczODJlMzIzNDJlMzEzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMxMzgzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Thh9MA0GCSqGSIb3DQEBCwUAA4IBAQAXBp9lXPuvRHruCTLx/MntvHn5RtUIsP8k
10AKLNRY5aU4wLjUFUlr3D5BXyeYiBbM5Sb8nmGmu9kVy3wgqr01hjxMm0G7W4dc
AOCoJR5IRcsyYg48EHzriY3oWgVcX6zB8DPkpkq8ChSmAENxg1xGtSEb5kN2CeC2
ghJFOJxJ6BHdTe1w5HBmMzG5yNr60migLPUsr5an94ty12IrImXkaaBjM+AS6W4G
7nTl5OZ51kXas2J1PLVcvxWDLxTFKqS7hLW0O8Ag7PRv22DvQrBUO4Wlyy2L0s1r
anIW7Txi8OTHNiFmyLSjxPZU/jvhr0qJZCqMtewL4w4w5mY0dav7
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:00:22 2025 by rpki-client