Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
File: 3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa (raw, json)
Hash identifier: UgtgsSF4DmUx+FqAs5WV6TWI9fyKhqfkEeJgaHpzYEc=
Subject key identifier: C8:99:E7:D9:83:C0:2E:DD:1A:03:97:7A:16:17:4E:4F:0D:F9:46:DE
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 13CD247FF9BD3EE395CCFAFABC9AD30457BE7D9D
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
Signing time: Wed 12 Mar 2025 05:23:19 +0000
ROA not before: Wed 12 Mar 2025 05:18:19 +0000
ROA not after: Wed 11 Mar 2026 05:23:19 +0000
asID: 14618
IP address blocks: 178.132.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:16:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cd:24:7f:f9:bd:3e:e3:95:cc:fa:fa:bc:9a:d3:04:57:be:7d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Mar 12 05:18:19 2025 GMT
Not After : Mar 11 05:23:19 2026 GMT
Subject: CN=C899E7D983C02EDD1A03977A16174E4F0DF946DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f4:85:40:e7:e0:dd:b9:4b:f5:80:5d:c4:67:
e1:2f:9d:9c:5a:3e:20:c0:37:5a:73:fe:27:c2:ea:
a9:07:e0:ca:25:fb:6b:69:8d:50:55:f4:0b:85:e5:
85:bd:71:db:14:c0:69:e3:79:6e:cc:4a:bf:8e:08:
47:b0:c6:04:44:9a:8d:40:05:99:b9:dc:d2:42:79:
0e:5e:a7:91:70:06:06:60:01:35:28:10:5e:2f:2a:
46:f3:ec:fc:90:83:52:85:c2:c2:3c:d4:e5:c8:3a:
ac:64:2d:5e:98:7d:79:51:64:e4:cc:ec:0f:72:7a:
15:a6:57:f5:d1:0a:f7:31:f1:87:aa:c4:1f:ec:ef:
9e:c5:aa:46:f9:31:01:a6:1e:e4:64:08:11:1c:da:
7f:98:a4:e4:47:f6:22:e6:8b:09:01:ba:ae:f1:b6:
20:0c:55:13:9e:69:f1:90:33:13:27:50:eb:63:29:
c2:dd:87:fc:ed:f4:12:28:2f:1e:0d:8a:75:37:81:
fa:45:ee:ff:71:bb:a1:a0:eb:10:8f:eb:3f:f3:29:
96:73:d6:22:ba:96:b3:c3:2e:dc:ac:c3:93:8f:8e:
98:3d:07:b9:fc:bf:19:ad:1c:43:07:b5:71:34:68:
79:b3:b1:e7:ed:fd:9b:73:d4:95:d2:0b:a4:bf:c0:
8a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:99:E7:D9:83:C0:2E:DD:1A:03:97:7A:16:17:4E:4F:0D:F9:46:DE
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139322e302f32342d3234203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.192.0/24
Signature Algorithm: sha256WithRSAEncryption
06:9c:a4:b1:76:f7:1b:14:a8:d6:91:f0:ba:67:f4:27:e6:95:
79:73:76:ed:bd:aa:4a:cc:b2:02:14:e0:43:0f:eb:dc:93:69:
61:e5:66:f3:0c:3d:e1:1a:86:9a:a3:ab:4d:43:1d:9d:1f:2f:
dc:d0:e0:cc:fe:18:86:6b:06:e7:80:02:e7:4d:1a:f5:75:4f:
b9:65:07:91:8a:5e:49:24:9c:e0:57:aa:7e:ef:f8:f0:72:a1:
a4:42:23:b5:ef:ab:1d:86:a7:a9:10:cf:78:b5:09:80:6a:0b:
bc:7c:8b:b7:ce:bf:98:84:a2:34:c4:4b:53:0c:2f:16:9c:29:
85:64:d8:a7:67:b5:bd:d2:71:b1:b3:b6:54:e1:bc:c3:5a:a7:
1d:52:ff:57:c7:84:5f:87:52:6c:1b:0e:0a:d7:65:57:16:f3:
a3:17:d0:8f:cf:56:cb:d2:59:03:95:ec:06:fd:ec:94:35:06:
4f:d8:08:1e:48:c1:c7:5f:6a:75:8e:8b:8b:78:05:d5:dc:fe:
fb:6a:c5:98:c5:22:a6:9a:a3:37:70:19:09:ce:d6:34:99:ca:
33:c7:4b:db:fe:da:db:d9:ea:f7:05:97:e2:f6:a8:01:ee:0f:
a0:62:7b:2b:61:46:e6:e3:e7:53:f1:14:7d:22:10:31:a3:a4:
b8:17:23:71
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE80kf/m9PuOVzPr6vJrTBFe+fZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAzMTIwNTE4MTlaFw0yNjAzMTEwNTIzMTlaMDMxMTAvBgNV
BAMTKEM4OTlFN0Q5ODNDMDJFREQxQTAzOTc3QTE2MTc0RTRGMERGOTQ2REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC49IVA5+DduUv1gF3EZ+EvnZxa
PiDAN1pz/ifC6qkH4Mol+2tpjVBV9AuF5YW9cdsUwGnjeW7MSr+OCEewxgREmo1A
BZm53NJCeQ5ep5FwBgZgATUoEF4vKkbz7PyQg1KFwsI81OXIOqxkLV6YfXlRZOTM
7A9yehWmV/XRCvcx8YeqxB/s757Fqkb5MQGmHuRkCBEc2n+YpORH9iLmiwkBuq7x
tiAMVROeafGQMxMnUOtjKcLdh/zt9BIoLx4NinU3gfpF7v9xu6Gg6xCP6z/zKZZz
1iK6lrPDLtysw5OPjpg9B7n8vxmtHEMHtXE0aHmzseft/Ztz1JXSC6S/wIodAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyJnn2YPALt0aA5d6FhdOTw35Rt4wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMAwDQYJKoZIhvcNAQELBQADggEBAAacpLF29xsUqNaR8Lpn9CfmlXlzdu29
qkrMsgIU4EMP69yTaWHlZvMMPeEahpqjq01DHZ0fL9zQ4Mz+GIZrBueAAudNGvV1
T7llB5GKXkkknOBXqn7v+PByoaRCI7Xvqx2Gp6kQz3i1CYBqC7x8i7fOv5iEojTE
S1MMLxacKYVk2Kdntb3ScbGztlThvMNapx1S/1fHhF+HUmwbDgrXZVcW86MX0I/P
VsvSWQOV7Ab97JQ1Bk/YCB5IwcdfanWOi4t4BdXc/vtqxZjFIqaaozdwGQnO1jSZ
yjPHS9v+2tvZ6vcFl+L2qAHuD6BieythRubj51PxFH0iEDGjpLgXI3E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:24 2025 by rpki-client