Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2033333230.roa
File: 3137382e3133322e3139332e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: oI+z5B0JaicbPoA0ktNCShJBGRgRTGuhGcC7A8+Ru9U=
Subject key identifier: A9:16:6E:31:9A:BB:05:E5:D5:7A:28:05:A6:46:17:F9:AC:73:4B:39
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 0C8DBB210E6C7247667A3F169E7341B1FED5D070
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2033333230.roa
Signing time: Tue 08 Jul 2025 23:53:54 +0000
ROA not before: Tue 08 Jul 2025 23:48:54 +0000
ROA not after: Tue 07 Jul 2026 23:53:54 +0000
asID: 3320
IP address blocks: 178.132.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:8d:bb:21:0e:6c:72:47:66:7a:3f:16:9e:73:41:b1:fe:d5:d0:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jul 8 23:48:54 2025 GMT
Not After : Jul 7 23:53:54 2026 GMT
Subject: CN=A9166E319ABB05E5D57A2805A64617F9AC734B39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:70:b6:35:17:3b:0b:bf:27:cc:00:8a:d6:62:
7e:2d:e8:ed:1d:de:f5:fb:97:f4:2f:ef:a0:4d:cd:
35:17:c0:17:65:d9:4a:a1:5a:ef:3c:7a:b3:ba:2b:
0a:80:eb:9b:f5:25:f7:20:93:fb:0f:2e:56:46:69:
54:81:4b:99:29:02:2a:8a:8b:35:0b:f6:38:5a:41:
9b:8f:29:45:8c:e1:be:c2:8a:62:6c:d7:6c:1a:9e:
0d:ed:29:cc:3c:b1:3e:a4:a4:2e:9f:e8:ae:a8:76:
c8:09:48:88:83:65:3d:5d:52:2f:f9:8d:41:94:b4:
07:98:8f:7a:fd:e8:dd:77:8a:54:42:73:86:f6:cc:
48:95:36:24:c3:74:dc:fe:6d:42:7e:1e:f6:73:46:
0b:68:37:9f:19:9a:47:d3:18:a8:6c:f5:aa:42:38:
b9:9a:53:f2:b5:97:fa:b3:7c:81:5e:66:fb:11:dd:
60:eb:5b:03:9a:3f:90:21:9e:30:58:55:d9:8f:4d:
aa:95:8c:9c:a9:f8:95:ac:9b:9d:34:9a:b4:08:62:
69:04:d2:f8:d6:38:87:8a:84:20:f9:0a:11:d7:fd:
f9:3e:52:94:71:01:6c:0e:f9:ea:1d:60:37:fc:fe:
54:37:75:cc:b8:16:93:af:a1:14:03:c1:f3:95:e3:
ec:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:16:6E:31:9A:BB:05:E5:D5:7A:28:05:A6:46:17:F9:AC:73:4B:39
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.193.0/24
Signature Algorithm: sha256WithRSAEncryption
19:b8:13:71:bd:8e:b2:68:56:4a:a1:72:3f:36:52:7b:fd:d1:
1c:d1:be:58:69:b7:9a:a6:aa:fa:1b:42:0b:b4:5e:f8:82:da:
d1:ba:6c:3d:ac:15:83:e1:0b:d3:e4:91:f0:12:58:68:7c:aa:
d6:2e:09:25:7f:2a:0b:e6:d1:2d:27:e3:f6:51:08:fe:4c:c8:
05:8f:1e:66:b1:16:a5:d8:69:31:42:88:2f:e4:1d:af:e4:84:
0a:72:b6:9c:1d:1b:ca:97:64:8d:80:7c:90:81:1a:f3:c8:8a:
f0:70:5a:e2:fd:54:a4:7c:0e:79:7c:95:a8:5c:26:55:08:03:
22:1f:58:b4:dd:7e:52:32:0d:da:ee:2f:d2:d3:6d:c0:f8:b3:
be:f8:e9:8a:d9:06:c2:3f:3b:48:47:5c:11:7c:c1:dd:e8:cc:
76:0d:68:70:73:fe:d0:1e:6a:9e:9c:51:de:56:73:d6:1e:a7:
a9:e2:66:e5:46:ef:23:e3:42:05:5a:57:3b:52:fe:3d:81:aa:
6d:fe:97:13:98:71:3b:da:5c:18:f8:f9:63:d2:a8:ce:91:12:
fd:86:a1:a8:b1:35:fe:57:a2:8c:2a:45:4e:28:d7:25:fa:ca:
16:68:b6:53:67:1c:0c:1e:34:88:ce:69:f5:bd:ca:c2:f4:63:
0f:bf:e9:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDI27IQ5sckdmej8WnnNBsf7V0HAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTA3MDgyMzQ4NTRaFw0yNjA3MDcyMzUzNTRaMDMxMTAvBgNV
BAMTKEE5MTY2RTMxOUFCQjA1RTVENTdBMjgwNUE2NDYxN0Y5QUM3MzRCMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChcLY1FzsLvyfMAIrWYn4t6O0d
3vX7l/Qv76BNzTUXwBdl2UqhWu88erO6KwqA65v1Jfcgk/sPLlZGaVSBS5kpAiqK
izUL9jhaQZuPKUWM4b7CimJs12wang3tKcw8sT6kpC6f6K6odsgJSIiDZT1dUi/5
jUGUtAeYj3r96N13ilRCc4b2zEiVNiTDdNz+bUJ+HvZzRgtoN58ZmkfTGKhs9apC
OLmaU/K1l/qzfIFeZvsR3WDrWwOaP5AhnjBYVdmPTaqVjJyp+JWsm500mrQIYmkE
0vjWOIeKhCD5ChHX/fk+UpRxAWwO+eodYDf8/lQ3dcy4FpOvoRQDwfOV4+yVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqRZuMZq7BeXVeigFpkYX+axzSzkwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
soTBMA0GCSqGSIb3DQEBCwUAA4IBAQAZuBNxvY6yaFZKoXI/NlJ7/dEc0b5Yabea
pqr6G0ILtF74gtrRumw9rBWD4QvT5JHwElhofKrWLgklfyoL5tEtJ+P2UQj+TMgF
jx5msRal2GkxQogv5B2v5IQKcracHRvKl2SNgHyQgRrzyIrwcFri/VSkfA55fJWo
XCZVCAMiH1i03X5SMg3a7i/S023A+LO++OmK2QbCPztIR1wRfMHd6Mx2DWhwc/7Q
HmqenFHeVnPWHqep4mblRu8j40IFWlc7Uv49gapt/pcTmHE72lwY+Plj0qjOkRL9
hqGosTX+V6KMKkVOKNcl+soWaLZTZxwMHjSIzmn1vcrC9GMPv+mQ
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:54:20 2025 by rpki-client