Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139342e302f32342d3234203d3e2033333230.roa
File: 3137382e3133322e3139342e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: fQsEWjsrThcFlJLP0H4ir/IvOeNDAQWZ1RZpyw7wV08=
Subject key identifier: 6E:19:20:B3:D6:CB:5F:34:17:90:8C:9D:E4:9F:3C:2A:E4:6E:82:64
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 4932B7BC2F217A391C531D4FFE8122D6BD91D43A
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139342e302f32342d3234203d3e2033333230.roa
Signing time: Sat 25 Jan 2025 13:45:35 +0000
ROA not before: Sat 25 Jan 2025 13:40:35 +0000
ROA not after: Sat 24 Jan 2026 13:45:35 +0000
asID: 3320
IP address blocks: 178.132.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:32:b7:bc:2f:21:7a:39:1c:53:1d:4f:fe:81:22:d6:bd:91:d4:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 13:40:35 2025 GMT
Not After : Jan 24 13:45:35 2026 GMT
Subject: CN=6E1920B3D6CB5F3417908C9DE49F3C2AE46E8264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:42:58:5b:b7:15:e3:b6:a7:60:86:f4:77:2b:
bf:a0:db:16:9d:08:8d:0b:1a:4f:cd:07:74:8b:6f:
68:7a:36:a9:af:d4:dd:1b:a2:2a:b8:fa:a8:0e:db:
08:79:d5:f1:12:70:58:94:8b:33:22:5b:3e:f4:2a:
16:a3:04:67:e6:b4:bd:41:3d:9e:bd:d6:0d:28:43:
0a:70:7c:49:23:55:84:0e:d7:a6:a5:9b:1e:56:da:
33:4e:40:0a:18:70:ed:49:80:2c:ad:b7:ee:cf:a6:
13:45:c6:3f:77:19:44:de:e3:bd:69:85:da:82:51:
0f:82:0a:71:0f:52:a4:9f:68:f3:32:f7:c4:5d:3a:
ec:f5:1f:b5:fd:fd:f7:71:47:6d:6c:bf:0e:74:f4:
bd:c0:1b:b5:37:b1:05:e7:fb:ad:a4:ed:ff:e9:74:
1e:09:b8:0f:73:e3:6e:a9:1f:fa:13:50:34:72:4b:
c9:b7:c5:ab:11:1a:17:d6:bd:66:3c:f0:20:f2:d3:
e9:23:a0:90:34:89:e8:e7:79:88:8e:1e:25:1c:13:
f9:3c:a5:29:d4:5d:d0:99:c2:91:e1:ed:97:17:fd:
fb:d7:cb:46:7c:a3:12:2a:4e:9d:06:62:20:29:8d:
78:a5:4d:87:c2:53:23:92:01:f1:ae:b6:ef:fc:7d:
0b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:19:20:B3:D6:CB:5F:34:17:90:8C:9D:E4:9F:3C:2A:E4:6E:82:64
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139342e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.194.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:94:5b:38:94:e9:c7:b8:b6:43:fb:bd:63:8c:72:0e:99:8c:
0c:35:c7:61:ff:e5:0d:90:f5:2c:be:91:6c:3c:ce:1d:c3:91:
a9:9b:0b:52:c8:6b:cd:fb:c5:b8:10:c6:8b:10:4f:cd:91:12:
cd:24:c8:97:6a:95:0c:55:18:2e:e4:44:f8:3f:67:b4:02:47:
29:79:81:c0:47:53:51:60:56:74:df:3a:bf:a2:54:58:ec:fa:
e5:8b:40:de:cf:1b:1f:fd:f7:c9:65:9e:45:df:00:6f:10:a4:
d1:ef:d6:f8:6b:80:18:9c:2f:43:26:ac:ac:e5:03:44:5c:0c:
5f:31:4e:c9:57:32:69:01:53:39:dd:2e:a5:19:f5:e6:95:a1:
62:40:9b:4d:28:a7:87:93:e9:d1:96:69:ea:1e:81:7c:d9:2c:
a3:24:3a:24:72:2b:2a:7e:bf:5e:1b:fe:2a:c3:a0:aa:de:12:
aa:ac:6f:f5:49:30:ca:ce:26:b6:ce:b4:8e:de:70:96:a2:6e:
33:de:a5:df:fa:46:6f:6c:c6:84:10:fd:c2:e3:5d:32:cd:9d:
e9:be:02:31:d4:e3:59:1e:d8:73:84:03:b0:a9:6b:f8:ed:a7:
db:1c:f5:98:12:5b:1d:82:43:14:6d:88:99:d2:b7:7f:61:10:
c3:e8:f2:8b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSTK3vC8hejkcUx1P/oEi1r2R1DowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUxMzQwMzVaFw0yNjAxMjQxMzQ1MzVaMDMxMTAvBgNV
BAMTKDZFMTkyMEIzRDZDQjVGMzQxNzkwOEM5REU0OUYzQzJBRTQ2RTgyNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGQlhbtxXjtqdghvR3K7+g2xad
CI0LGk/NB3SLb2h6Nqmv1N0boiq4+qgO2wh51fEScFiUizMiWz70KhajBGfmtL1B
PZ691g0oQwpwfEkjVYQO16almx5W2jNOQAoYcO1JgCytt+7PphNFxj93GUTe471p
hdqCUQ+CCnEPUqSfaPMy98RdOuz1H7X9/fdxR21svw509L3AG7U3sQXn+62k7f/p
dB4JuA9z426pH/oTUDRyS8m3xasRGhfWvWY88CDy0+kjoJA0iejneYiOHiUcE/k8
pSnUXdCZwpHh7ZcX/fvXy0Z8oxIqTp0GYiApjXilTYfCUyOSAfGutu/8fQs7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbhkgs9bLXzQXkIyd5J88KuRugmQwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
soTCMA0GCSqGSIb3DQEBCwUAA4IBAQC9lFs4lOnHuLZD+71jjHIOmYwMNcdh/+UN
kPUsvpFsPM4dw5GpmwtSyGvN+8W4EMaLEE/NkRLNJMiXapUMVRgu5ET4P2e0Akcp
eYHAR1NRYFZ03zq/olRY7Prli0Dezxsf/ffJZZ5F3wBvEKTR79b4a4AYnC9DJqys
5QNEXAxfMU7JVzJpAVM53S6lGfXmlaFiQJtNKKeHk+nRlmnqHoF82SyjJDokcisq
fr9eG/4qw6Cq3hKqrG/1STDKzia2zrSO3nCWom4z3qXf+kZvbMaEEP3C410yzZ3p
vgIx1ONZHthzhAOwqWv47afbHPWYElsdgkMUbYiZ0rd/YRDD6PKL
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:10 2025 by rpki-client