Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20323132323338.roa
File: 322e35382e37342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: G5UBm3tFQ79skl/6j4smsd+ojHl4o88VVtoc8Ir+Tno=
Subject key identifier: 7A:9E:A5:1F:71:0F:B6:13:1E:D8:4F:28:80:A5:7D:30:C6:AC:21:6E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 636EDCD546F1C418F0F07D2733073B001F54AE28
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 30 Jun 2025 21:29:48 +0000
ROA not before: Mon 30 Jun 2025 21:24:48 +0000
ROA not after: Mon 29 Jun 2026 21:29:48 +0000
asID: 212238
IP address blocks: 2.58.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:6e:dc:d5:46:f1:c4:18:f0:f0:7d:27:33:07:3b:00:1f:54:ae:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 30 21:24:48 2025 GMT
Not After : Jun 29 21:29:48 2026 GMT
Subject: CN=7A9EA51F710FB6131ED84F2880A57D30C6AC216E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ba:79:87:8e:14:73:3c:1e:f1:fe:36:d5:f8:
31:62:f2:b2:ac:47:cd:6c:0c:6a:bf:aa:5b:86:1b:
81:af:f7:f1:e9:f3:2f:08:5a:84:d6:a7:85:18:75:
7e:d5:30:ed:80:6b:13:54:c9:9d:ef:13:74:2a:5d:
84:b0:a5:25:71:5a:3e:2a:3b:aa:71:9f:d6:ad:99:
60:5f:73:d6:48:83:b8:5d:90:20:f6:b3:c6:6a:b5:
6a:d8:9b:ca:87:7d:15:bf:3e:91:dc:29:e5:7e:3d:
bb:5c:59:08:86:cc:f3:9e:8a:5e:9c:9e:2d:4b:45:
43:60:01:2a:86:26:bb:3a:a8:54:2e:3b:f3:09:c2:
1a:16:f1:46:a1:ee:c8:e4:3d:fd:03:b6:27:8f:2a:
7b:a2:d6:91:48:2d:08:fd:a5:a8:de:81:ad:18:08:
e8:8f:78:81:01:f8:f3:99:04:75:94:6d:fe:0c:27:
85:d9:30:52:dc:9a:7d:e1:61:21:2c:b2:65:3b:04:
29:09:da:80:fd:71:23:7b:d0:32:75:10:d7:a6:d4:
a0:e3:b2:26:b8:de:6b:0b:61:78:8a:b0:65:6a:32:
94:84:8f:7d:e2:7e:23:98:f9:1b:d1:0a:cb:3f:07:
0e:72:89:5e:ea:62:0e:cb:aa:f9:73:fe:54:c5:9b:
75:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9E:A5:1F:71:0F:B6:13:1E:D8:4F:28:80:A5:7D:30:C6:AC:21:6E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.74.0/24
Signature Algorithm: sha256WithRSAEncryption
82:22:11:87:84:ec:4e:c5:69:02:ea:98:44:df:ed:5c:f5:ed:
d8:69:51:1a:40:1c:e5:ae:25:10:38:3a:f3:26:bd:18:6b:55:
e2:67:7d:b7:f1:ba:93:c0:63:b7:d7:a4:2c:8e:7e:3f:5f:a4:
bd:1a:d8:96:74:88:a7:41:53:a7:d1:49:3c:b4:e0:ed:50:f1:
73:26:e4:a9:03:da:95:c8:fb:8d:bf:c6:92:14:da:01:4d:92:
58:30:47:f5:98:6d:d8:f6:12:74:af:16:0b:cb:a7:e8:f4:31:
a4:cf:22:96:e4:7a:37:86:fb:2d:e9:b6:8c:ec:a3:f8:ec:63:
e2:e0:fc:1b:8d:95:9e:04:94:85:cc:84:37:de:dc:15:e0:bd:
c3:c9:2a:db:c9:af:cb:34:dd:3f:0e:99:03:3f:b7:55:60:bd:
75:ad:3d:9f:8a:dc:2d:84:69:5e:e9:a6:1f:fd:16:a2:6b:22:
fd:bd:c5:37:4d:c2:c6:c9:d4:54:5b:e8:e1:f7:fb:6d:52:ed:
e9:3c:59:76:c3:fe:1a:87:88:72:df:b0:42:cd:67:7e:6f:68:
b3:21:a5:22:24:9c:da:91:95:31:cd:81:09:dd:cd:5d:23:77:
29:f3:17:72:bb:63:9e:55:c6:d8:4c:83:3c:ea:97:b5:c3:c0:
3e:4f:ef:45
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUY27c1UbxxBjw8H0nMwc7AB9UrigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MzAyMTI0NDhaFw0yNjA2MjkyMTI5NDhaMDMxMTAvBgNV
BAMTKDdBOUVBNTFGNzEwRkI2MTMxRUQ4NEYyODgwQTU3RDMwQzZBQzIxNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVunmHjhRzPB7x/jbV+DFi8rKs
R81sDGq/qluGG4Gv9/Hp8y8IWoTWp4UYdX7VMO2AaxNUyZ3vE3QqXYSwpSVxWj4q
O6pxn9atmWBfc9ZIg7hdkCD2s8ZqtWrYm8qHfRW/PpHcKeV+PbtcWQiGzPOeil6c
ni1LRUNgASqGJrs6qFQuO/MJwhoW8Uah7sjkPf0DtiePKnui1pFILQj9pajega0Y
COiPeIEB+POZBHWUbf4MJ4XZMFLcmn3hYSEssmU7BCkJ2oD9cSN70DJ1ENem1KDj
sia43msLYXiKsGVqMpSEj33ifiOY+RvRCss/Bw5yiV7qYg7Lqvlz/lTFm3V1AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUep6lH3EPthMe2E8ogKV9MMasIW4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjJlMzUzODJlMzcz
NDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AAI6SjANBgkqhkiG9w0BAQsFAAOCAQEAgiIRh4TsTsVpAuqYRN/tXPXt2GlRGkAc
5a4lEDg68ya9GGtV4md9t/G6k8Bjt9ekLI5+P1+kvRrYlnSIp0FTp9FJPLTg7VDx
cybkqQPalcj7jb/GkhTaAU2SWDBH9Zht2PYSdK8WC8un6PQxpM8iluR6N4b7Lem2
jOyj+Oxj4uD8G42VngSUhcyEN97cFeC9w8kq28mvyzTdPw6ZAz+3VWC9da09n4rc
LYRpXummH/0Womsi/b3FN03CxsnUVFvo4ff7bVLt6TxZdsP+GoeIct+wQs1nfm9o
syGlIiSc2pGVMc2BCd3NXSN3KfMXcrtjnlXG2EyDPOqXtcPAPk/vRQ==
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:30:17 2025 by rpki-client