Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e203239383032.roa
File: 3134392e36322e33362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: nEasXk5UaO0mifUSeEzdy86UdBebgPALn5oy7oBHR6I=
Subject key identifier: 85:4E:A1:2E:05:71:3F:D9:7A:38:F1:72:74:C7:68:BD:8B:A3:60:55
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 01A0E98596E161D6DED1959791FD198969E6EAFD
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e203239383032.roa
Signing time: Wed 02 Jul 2025 17:59:57 +0000
ROA not before: Wed 02 Jul 2025 17:54:57 +0000
ROA not after: Wed 01 Jul 2026 17:59:57 +0000
asID: 29802
IP address blocks: 149.62.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 12:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:a0:e9:85:96:e1:61:d6:de:d1:95:97:91:fd:19:89:69:e6:ea:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jul 2 17:54:57 2025 GMT
Not After : Jul 1 17:59:57 2026 GMT
Subject: CN=854EA12E05713FD97A38F17274C768BD8BA36055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4e:2d:05:01:96:91:80:47:39:8c:8d:5f:9a:
b9:aa:3c:5a:99:09:9d:3f:60:fa:25:2f:1f:eb:28:
b1:18:8f:7d:73:c7:ae:af:a7:53:23:58:87:6f:41:
67:40:d8:e9:49:f3:00:0c:f5:5b:70:c5:92:b5:1c:
20:17:02:80:bd:14:b4:61:5a:76:c6:89:34:c0:9b:
fb:7f:ca:32:53:67:f5:dc:d4:71:5f:2b:69:14:33:
0f:f7:52:34:b9:fb:6d:74:38:f3:7c:d6:a9:03:91:
a6:42:24:4f:3b:ce:e1:6f:ed:86:ab:82:94:cb:42:
c9:93:a5:39:83:b9:64:1f:bc:0a:1c:11:b5:a0:a7:
73:8f:f4:37:2f:da:bf:e0:89:0c:0f:02:58:14:ec:
b7:77:2b:5c:ac:21:a0:58:e8:11:3f:02:57:78:01:
ca:33:2c:28:19:2a:ee:28:81:9a:b5:e1:63:df:d5:
b7:f9:ef:9a:16:e4:4d:fa:aa:ff:be:b3:b4:3e:de:
4a:f2:90:38:4a:78:60:8b:80:c3:6c:a4:82:b7:b0:
15:54:ff:4d:75:7f:1e:3a:73:f1:bb:fb:f3:46:97:
c3:fa:86:e0:53:49:10:47:a0:e8:6d:d1:3a:9d:02:
24:69:8e:bf:ff:96:99:d8:69:98:62:a3:16:79:fb:
4a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4E:A1:2E:05:71:3F:D9:7A:38:F1:72:74:C7:68:BD:8B:A3:60:55
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134392e36322e33362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.36.0/24
Signature Algorithm: sha256WithRSAEncryption
52:84:e9:22:2c:d9:f0:74:72:21:71:67:be:b6:c8:b1:0c:fe:
76:24:53:12:80:6a:5f:98:e3:3c:a2:8c:4a:25:9e:88:52:da:
f0:e1:7a:c3:0c:98:89:e5:71:15:ca:c3:ea:10:f4:0b:3f:39:
3b:d5:98:84:56:a8:06:4f:05:97:95:2e:22:dd:0f:89:d6:e9:
8e:0a:ff:9e:04:20:70:b9:81:d5:0f:15:88:52:33:c3:fc:ee:
76:54:f4:b5:11:c3:94:f1:4a:25:81:79:27:69:7c:a2:79:96:
5b:a0:b3:fd:ff:01:77:bf:10:d0:80:11:ff:5e:eb:81:23:9f:
fe:1a:7f:4b:7e:3f:64:2e:c7:ff:af:3d:e1:54:48:5e:59:f1:
5b:3f:4a:aa:74:ff:56:8a:78:0c:0f:29:c6:52:32:b5:03:26:
49:ec:1d:26:f3:84:2e:d1:84:27:50:95:04:eb:e3:fd:03:b5:
ce:66:62:46:2c:ec:10:58:e9:6b:8e:54:99:7f:e1:fc:c4:1e:
4f:c4:2d:66:e1:87:84:b2:34:b5:8c:2c:81:8c:cd:ad:ba:e2:
12:df:15:b5:4e:24:9a:e7:ec:c6:85:64:2b:20:98:a2:0d:dc:
42:60:66:eb:3b:80:2b:ab:71:4c:4c:1a:48:0f:fd:4f:7e:b7:
59:2e:88:64
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUAaDphZbhYdbe0ZWXkf0ZiWnm6v0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA3MDIxNzU0NTdaFw0yNjA3MDExNzU5NTdaMDMxMTAvBgNV
BAMTKDg1NEVBMTJFMDU3MTNGRDk3QTM4RjE3Mjc0Qzc2OEJEOEJBMzYwNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDATi0FAZaRgEc5jI1fmrmqPFqZ
CZ0/YPolLx/rKLEYj31zx66vp1MjWIdvQWdA2OlJ8wAM9VtwxZK1HCAXAoC9FLRh
WnbGiTTAm/t/yjJTZ/Xc1HFfK2kUMw/3UjS5+210OPN81qkDkaZCJE87zuFv7Yar
gpTLQsmTpTmDuWQfvAocEbWgp3OP9Dcv2r/giQwPAlgU7Ld3K1ysIaBY6BE/Ald4
AcozLCgZKu4ogZq14WPf1bf575oW5E36qv++s7Q+3krykDhKeGCLgMNspIK3sBVU
/011fx46c/G7+/NGl8P6huBTSRBHoOht0TqdAiRpjr//lpnYaZhioxZ5+0o3AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUhU6hLgVxP9l6OPFydMdovYujYFUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzkyZTM2MzIy
ZTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlT4kMA0GCSqGSIb3DQEBCwUAA4IBAQBShOkiLNnwdHIhcWe+tsixDP52JFMS
gGpfmOM8ooxKJZ6IUtrw4XrDDJiJ5XEVysPqEPQLPzk71ZiEVqgGTwWXlS4i3Q+J
1umOCv+eBCBwuYHVDxWIUjPD/O52VPS1EcOU8UolgXknaXyieZZboLP9/wF3vxDQ
gBH/XuuBI5/+Gn9Lfj9kLsf/rz3hVEheWfFbP0qqdP9WingMDynGUjK1AyZJ7B0m
84Qu0YQnUJUE6+P9A7XOZmJGLOwQWOlrjlSZf+H8xB5PxC1m4YeEsjS1jCyBjM2t
uuIS3xW1TiSa5+zGhWQrIJiiDdxCYGbrO4Arq3FMTBpID/1PfrdZLohk
-----END CERTIFICATE-----
Generated at Mon Jul 7 03:42:18 2025 by rpki-client