Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e20313335333931.roa
File: 3137382e3133322e3139352e302f32342d3234203d3e20313335333931.roa (raw, json)
Hash identifier: RVvsf+GbQ+gvRF/WRSFeBmTdyh0atmXnd8DAVmdlYaw=
Subject key identifier: 2E:60:4A:FB:DF:D5:B9:A1:E1:66:7B:23:7C:DA:0F:AC:34:C6:D7:88
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 3B2B480B89E2EA741B143650E1E824AE1E7A85A8
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e20313335333931.roa
Signing time: Tue 11 Feb 2025 01:57:39 +0000
ROA not before: Tue 11 Feb 2025 01:52:39 +0000
ROA not after: Tue 10 Feb 2026 01:57:39 +0000
asID: 135391
IP address blocks: 178.132.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:2b:48:0b:89:e2:ea:74:1b:14:36:50:e1:e8:24:ae:1e:7a:85:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 11 01:52:39 2025 GMT
Not After : Feb 10 01:57:39 2026 GMT
Subject: CN=2E604AFBDFD5B9A1E1667B237CDA0FAC34C6D788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:14:bc:c9:bf:45:2a:9f:c5:30:15:d1:4c:57:
fb:4e:46:84:d6:37:eb:45:8a:6c:57:ab:ae:41:eb:
00:53:d0:ce:2c:83:9e:e7:9b:36:d0:28:15:3e:12:
c6:0a:9f:e7:fe:03:8f:b1:fc:09:55:aa:d2:37:a7:
06:ee:6d:5a:6c:29:88:67:58:66:15:ff:42:02:32:
0a:78:4c:44:b1:97:59:ca:e7:07:c9:3b:2a:cf:90:
de:1a:49:37:fb:d2:79:dc:a3:21:48:9d:ef:63:6b:
1c:ac:b4:67:37:95:51:88:bb:c5:7e:93:42:46:25:
44:d8:fb:2c:88:8c:a7:5a:7f:b5:64:f0:2c:8a:e3:
47:cd:82:da:74:50:aa:74:c0:c5:e9:3b:04:c0:84:
9c:38:40:8d:e4:f3:41:1c:b0:93:27:fc:09:0e:03:
e2:fc:66:9c:0a:e8:2b:08:0d:20:7b:4b:65:91:46:
73:1c:ee:b8:7b:9b:0f:b1:8a:46:b5:f6:cb:b5:b2:
b9:f7:0c:64:fe:90:db:92:24:0a:25:ea:3d:b5:5d:
3c:1b:63:52:1f:02:c4:35:9f:58:46:43:09:7a:8f:
17:3b:da:81:a2:5e:5c:5c:82:25:15:6f:03:e2:91:
38:40:a6:1e:61:de:6d:22:e4:81:af:70:05:a3:d0:
5c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:60:4A:FB:DF:D5:B9:A1:E1:66:7B:23:7C:DA:0F:AC:34:C6:D7:88
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139352e302f32342d3234203d3e20313335333931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.195.0/24
Signature Algorithm: sha256WithRSAEncryption
63:7a:ec:3e:16:e0:f0:02:5c:83:b2:ca:2b:51:57:fb:df:dc:
9e:7b:0e:13:a8:77:c4:f6:c6:e6:11:22:46:43:96:6c:2c:3a:
b3:77:ce:9f:6f:ef:16:37:f6:aa:e5:52:96:66:70:d3:bd:b1:
1a:0c:e2:23:14:8d:bc:1f:ea:9e:74:e7:d0:a2:ca:86:d3:f6:
be:e8:63:24:38:3c:14:c1:e3:4b:d7:b7:42:17:36:29:93:8e:
46:1b:55:54:ac:bb:8e:30:7a:0d:f0:7c:c5:29:7b:9d:b7:e6:
a7:27:6d:43:64:13:23:3b:05:92:5f:ad:d0:43:c3:c2:b4:b4:
d2:01:02:a4:b9:ee:d6:fd:dd:55:26:fc:cc:e2:fe:d4:f8:0b:
0a:c5:21:fa:b0:4e:d0:ae:d3:b0:e7:b2:6e:e0:17:f9:17:03:
45:23:40:70:24:df:3a:f2:37:9f:88:df:f8:bd:5d:0d:c5:12:
3e:bf:0f:1d:8a:e6:e4:84:52:fd:68:c1:b4:e0:29:a9:2f:75:
34:54:1a:1a:b8:bc:86:2d:3b:4a:50:60:fb:2c:83:ab:8a:c4:
16:f8:3d:47:9f:36:d8:3c:20:25:58:f1:35:11:8a:a0:4d:22:
74:ae:79:e0:46:99:d8:bc:b2:60:4c:e0:8a:0f:0e:c2:41:cf:
51:85:90:91
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOytIC4ni6nQbFDZQ4egkrh56hagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAyMTEwMTUyMzlaFw0yNjAyMTAwMTU3MzlaMDMxMTAvBgNV
BAMTKDJFNjA0QUZCREZENUI5QTFFMTY2N0IyMzdDREEwRkFDMzRDNkQ3ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxFLzJv0Uqn8UwFdFMV/tORoTW
N+tFimxXq65B6wBT0M4sg57nmzbQKBU+EsYKn+f+A4+x/AlVqtI3pwbubVpsKYhn
WGYV/0ICMgp4TESxl1nK5wfJOyrPkN4aSTf70nncoyFIne9jaxystGc3lVGIu8V+
k0JGJUTY+yyIjKdaf7Vk8CyK40fNgtp0UKp0wMXpOwTAhJw4QI3k80EcsJMn/AkO
A+L8ZpwK6CsIDSB7S2WRRnMc7rh7mw+xika19su1srn3DGT+kNuSJAol6j21XTwb
Y1IfAsQ1n1hGQwl6jxc72oGiXlxcgiUVbwPikThAph5h3m0i5IGvcAWj0FzBAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQULmBK+9/VuaHhZnsjfNoPrDTG14gwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNTMzMzkzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEwzANBgkqhkiG9w0BAQsFAAOCAQEAY3rsPhbg8AJcg7LKK1FX+9/cnnsO
E6h3xPbG5hEiRkOWbCw6s3fOn2/vFjf2quVSlmZw072xGgziIxSNvB/qnnTn0KLK
htP2vuhjJDg8FMHjS9e3Qhc2KZOORhtVVKy7jjB6DfB8xSl7nbfmpydtQ2QTIzsF
kl+t0EPDwrS00gECpLnu1v3dVSb8zOL+1PgLCsUh+rBO0K7TsOeybuAX+RcDRSNA
cCTfOvI3n4jf+L1dDcUSPr8PHYrm5IRS/WjBtOApqS91NFQaGri8hi07SlBg+yyD
q4rEFvg9R5822DwgJVjxNRGKoE0idK554EaZ2LyyYEzgig8OwkHPUYWQkQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:49:21 2025 by rpki-client