Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2039333034.roa
File: 3137382e3133322e3139332e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: cD4QR5rz9Bun5T9ETNZNZ1LDrPz0pvy5466LVp0WqDQ=
Subject key identifier: 2E:68:FD:30:FD:FB:A5:60:98:FE:32:D1:42:47:92:28:B7:19:6B:FD
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 4F5A2BE8E95A1C458F7721B654DEAF263DC8EA80
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2039333034.roa
Signing time: Sun 26 Jan 2025 14:39:22 +0000
ROA not before: Sun 26 Jan 2025 14:34:22 +0000
ROA not after: Sun 25 Jan 2026 14:39:22 +0000
asID: 9304
IP address blocks: 178.132.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:5a:2b:e8:e9:5a:1c:45:8f:77:21:b6:54:de:af:26:3d:c8:ea:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 26 14:34:22 2025 GMT
Not After : Jan 25 14:39:22 2026 GMT
Subject: CN=2E68FD30FDFBA56098FE32D142479228B7196BFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:12:05:1d:d6:bc:55:75:df:19:af:3b:b7:57:
fa:8e:00:ba:45:f7:53:b2:7d:d1:06:ac:88:70:88:
50:fc:80:dc:98:b1:d1:a8:ce:ae:bd:d4:75:13:55:
c1:5d:79:7a:99:85:ee:b4:31:09:81:64:e9:b5:17:
d6:d1:fe:02:18:03:f7:9a:cf:c6:46:58:d1:69:b4:
eb:b8:d5:75:fe:e3:01:49:43:49:3a:22:db:96:fa:
3c:7f:67:ff:8b:c3:50:1e:67:6c:ce:f6:94:90:14:
f1:42:02:0c:bb:f2:04:3a:88:c2:ef:64:06:6c:58:
51:9b:6d:38:cf:d1:8f:65:eb:dc:d3:76:cf:52:39:
4a:ec:4c:b7:b4:0d:47:fe:42:65:fc:2e:06:a8:16:
61:3d:7e:0d:2b:f9:c6:43:58:c6:ac:fa:57:83:0b:
85:25:15:56:35:46:51:38:f1:90:38:e7:cd:64:70:
fc:b8:6b:5b:aa:8d:00:04:ab:2c:22:a7:92:f4:6a:
d6:d0:f6:b1:98:7c:9c:0d:4e:fe:9b:cb:0f:3a:e0:
81:b4:23:76:ad:d9:ec:09:1a:f0:bc:b0:8f:5d:cc:
3c:e5:bb:d2:47:22:1b:f7:7c:77:da:4f:7a:5e:a1:
5a:25:73:b7:15:a7:78:86:53:cb:65:05:a0:29:30:
87:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:68:FD:30:FD:FB:A5:60:98:FE:32:D1:42:47:92:28:B7:19:6B:FD
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139332e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.193.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ce:5b:6c:3c:43:a9:8e:6d:00:7d:74:64:53:be:7a:1e:0d:
02:74:c1:9d:1d:6a:a5:90:e7:8e:43:51:f5:56:ea:9c:e3:5a:
d9:11:52:67:eb:e2:e4:30:40:10:be:ca:06:bf:75:6f:b9:3e:
89:bc:f6:25:c8:73:c6:df:18:6a:6a:6b:4b:a8:74:a3:2d:04:
b5:ed:47:c3:f1:90:e2:ac:9c:dc:04:9d:a0:f6:d2:79:3b:30:
44:cb:e8:c0:de:34:fd:9a:c7:53:ec:eb:c2:ec:8c:e9:22:3f:
f2:16:80:0e:17:ef:73:8f:2a:e5:93:eb:a1:76:b5:3a:33:56:
47:cc:26:6c:4b:18:ae:73:a7:8f:4d:16:20:b6:a3:03:61:12:
42:65:6b:58:5b:76:be:d1:60:34:1f:90:49:1f:c0:e4:75:a6:
84:a9:ad:03:d2:71:b5:e8:a2:bf:a4:a4:83:2f:2f:97:76:3f:
d1:03:e1:5c:c1:10:22:30:c4:bf:89:95:23:11:e4:f1:f8:3a:
ab:0e:aa:70:2f:df:b9:ee:78:02:31:b3:06:58:80:d3:be:36:
97:76:08:63:b2:a5:65:1c:29:94:30:ab:0e:27:9f:0b:39:f3:
13:9b:bb:2f:66:bf:23:98:2b:83:2b:e4:82:a3:37:df:69:8a:
4c:89:19:44
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT1or6OlaHEWPdyG2VN6vJj3I6oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjYxNDM0MjJaFw0yNjAxMjUxNDM5MjJaMDMxMTAvBgNV
BAMTKDJFNjhGRDMwRkRGQkE1NjA5OEZFMzJEMTQyNDc5MjI4QjcxOTZCRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4EgUd1rxVdd8Zrzu3V/qOALpF
91OyfdEGrIhwiFD8gNyYsdGozq691HUTVcFdeXqZhe60MQmBZOm1F9bR/gIYA/ea
z8ZGWNFptOu41XX+4wFJQ0k6ItuW+jx/Z/+Lw1AeZ2zO9pSQFPFCAgy78gQ6iMLv
ZAZsWFGbbTjP0Y9l69zTds9SOUrsTLe0DUf+QmX8LgaoFmE9fg0r+cZDWMas+leD
C4UlFVY1RlE48ZA4581kcPy4a1uqjQAEqywip5L0atbQ9rGYfJwNTv6byw864IG0
I3at2ewJGvC8sI9dzDzlu9JHIhv3fHfaT3peoVolc7cVp3iGU8tlBaApMIc7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULmj9MP37pWCY/jLRQkeSKLcZa/0wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
soTBMA0GCSqGSIb3DQEBCwUAA4IBAQAHzltsPEOpjm0AfXRkU756Hg0CdMGdHWql
kOeOQ1H1Vuqc41rZEVJn6+LkMEAQvsoGv3VvuT6JvPYlyHPG3xhqamtLqHSjLQS1
7UfD8ZDirJzcBJ2g9tJ5OzBEy+jA3jT9msdT7OvC7IzpIj/yFoAOF+9zjyrlk+uh
drU6M1ZHzCZsSxiuc6ePTRYgtqMDYRJCZWtYW3a+0WA0H5BJH8DkdaaEqa0D0nG1
6KK/pKSDLy+Xdj/RA+FcwRAiMMS/iZUjEeTx+DqrDqpwL9+57ngCMbMGWIDTvjaX
dghjsqVlHCmUMKsOJ58LOfMTm7svZr8jmCuDK+SCozffaYpMiRlE
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:20 2025 by rpki-client