Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e20313337383937.roa
File: 3137382e3133322e3139332e302f32342d3234203d3e20313337383937.roa (raw, json)
Hash identifier: s4Y/izMDulZ/3Kz0krN/1L/BeycxY8YfdP25Q2Ar+GA=
Subject key identifier: 5C:A9:3B:A5:3D:73:40:95:60:BF:71:0D:4D:7A:AF:E8:2D:85:3A:83
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 0E54178B359415117141B1493A860FC87E76A28E
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e20313337383937.roa
Signing time: Sun 26 Jan 2025 14:39:22 +0000
ROA not before: Sun 26 Jan 2025 14:34:22 +0000
ROA not after: Sun 25 Jan 2026 14:39:22 +0000
asID: 137897
IP address blocks: 178.132.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:54:17:8b:35:94:15:11:71:41:b1:49:3a:86:0f:c8:7e:76:a2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 26 14:34:22 2025 GMT
Not After : Jan 25 14:39:22 2026 GMT
Subject: CN=5CA93BA53D73409560BF710D4D7AAFE82D853A83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ed:04:a8:be:fb:74:2f:9e:9b:10:2d:b6:ae:
91:d5:3b:72:75:72:0a:10:d8:d6:02:20:30:7e:96:
07:41:20:d4:8d:73:cd:fe:16:71:19:2f:a8:79:14:
c5:39:09:3b:f4:b5:ed:22:97:43:ee:6c:1b:c4:11:
aa:d4:02:d9:d4:0c:e3:31:09:ea:25:30:c1:49:6d:
b3:24:c7:34:da:31:78:67:17:13:f5:69:6d:9d:ae:
84:3d:2b:fa:c0:9f:b5:c5:9c:e0:05:aa:ec:1d:dc:
20:87:51:a2:e3:ab:88:ba:9b:2d:05:b9:02:05:90:
ee:e3:22:e3:e0:af:66:f6:a7:ea:d9:ee:3a:c2:fc:
41:c7:2b:f7:ce:5f:3b:cb:c5:51:bf:dd:f4:b3:f3:
84:c7:5c:42:9b:4e:31:84:25:ee:e3:47:25:45:66:
be:8a:43:d8:b2:68:a8:e0:0e:7c:a9:da:44:93:53:
a3:a0:b5:24:a6:d0:06:23:74:9c:64:30:53:1d:50:
73:64:4d:ed:c4:2b:bc:cd:39:56:8a:bc:54:4d:4b:
e5:10:7b:59:3f:70:be:6c:75:d1:3c:fe:04:b0:52:
b5:26:5f:89:67:50:1f:2f:65:f0:f8:08:d2:b3:df:
3a:83:43:6d:fa:63:48:7c:20:1a:38:64:5a:7d:f0:
78:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A9:3B:A5:3D:73:40:95:60:BF:71:0D:4D:7A:AF:E8:2D:85:3A:83
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e20313337383937.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.193.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:14:19:c7:93:7a:5e:26:41:f9:e0:05:8a:fd:08:69:64:0c:
72:8d:2b:e4:0c:46:32:64:05:29:1a:0f:d1:63:ef:c2:92:26:
33:3e:6a:08:1b:67:2e:e8:a2:1a:0e:61:a3:68:91:bf:b0:2a:
8c:c6:d7:fa:c5:49:5f:98:10:07:f9:89:52:d2:84:29:b6:f9:
76:07:d7:d6:26:f6:e9:d2:2e:08:93:c0:83:bb:bc:1e:73:9d:
c5:35:0b:bd:20:27:fc:07:b7:d6:9c:81:f8:00:21:4d:d8:fe:
18:ab:75:31:5c:cf:fb:03:1c:85:ea:76:9a:52:d9:5a:cf:05:
f8:ba:97:65:c8:6c:07:51:97:a7:2d:62:51:bb:2c:b1:31:b5:
23:16:97:ec:24:38:1a:b7:69:6e:74:e9:60:2e:21:e7:21:b8:
7c:42:2d:9f:57:df:72:6a:29:1e:68:11:03:90:74:e2:8c:0e:
4b:96:51:20:b6:7e:ab:7f:8c:63:2a:bc:03:fd:12:57:00:f9:
1b:35:a1:3c:3c:c4:4c:e2:23:77:b7:6b:7d:cf:d6:31:76:c9:
e6:8d:be:ef:b2:a0:b0:a3:f9:14:11:d2:e0:36:d1:2f:da:cb:
a6:56:3d:fe:63:a6:50:e9:76:56:fc:a9:2a:98:98:f8:a6:57:
57:f7:a0:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDlQXizWUFRFxQbFJOoYPyH52oo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjYxNDM0MjJaFw0yNjAxMjUxNDM5MjJaMDMxMTAvBgNV
BAMTKDVDQTkzQkE1M0Q3MzQwOTU2MEJGNzEwRDREN0FBRkU4MkQ4NTNBODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL7QSovvt0L56bEC22rpHVO3J1
cgoQ2NYCIDB+lgdBINSNc83+FnEZL6h5FMU5CTv0te0il0PubBvEEarUAtnUDOMx
CeolMMFJbbMkxzTaMXhnFxP1aW2droQ9K/rAn7XFnOAFquwd3CCHUaLjq4i6my0F
uQIFkO7jIuPgr2b2p+rZ7jrC/EHHK/fOXzvLxVG/3fSz84THXEKbTjGEJe7jRyVF
Zr6KQ9iyaKjgDnyp2kSTU6OgtSSm0AYjdJxkMFMdUHNkTe3EK7zNOVaKvFRNS+UQ
e1k/cL5sddE8/gSwUrUmX4lnUB8vZfD4CNKz3zqDQ236Y0h8IBo4ZFp98HjrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUXKk7pT1zQJVgv3ENTXqv6C2FOoMwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM4MzkzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEwTANBgkqhkiG9w0BAQsFAAOCAQEAqhQZx5N6XiZB+eAFiv0IaWQMco0r
5AxGMmQFKRoP0WPvwpImMz5qCBtnLuiiGg5ho2iRv7AqjMbX+sVJX5gQB/mJUtKE
Kbb5dgfX1ib26dIuCJPAg7u8HnOdxTULvSAn/Ae31pyB+AAhTdj+GKt1MVzP+wMc
hep2mlLZWs8F+LqXZchsB1GXpy1iUbsssTG1IxaX7CQ4GrdpbnTpYC4h5yG4fEIt
n1ffcmopHmgRA5B04owOS5ZRILZ+q3+MYyq8A/0SVwD5GzWhPDzETOIjd7drfc/W
MXbJ5o2+77KgsKP5FBHS4DbRL9rLplY9/mOmUOl2VvypKpiY+KZXV/egAA==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:51:35 2025 by rpki-client