Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e203231383539.roa
File: 3137382e3133322e3139362e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: mzYOGJFx/HwXGzi85q70fd/Ou2esGS2p/oJho4gkUdA=
Subject key identifier: 6C:7F:9C:37:76:A4:B8:75:9C:A6:2F:81:D7:39:C5:9E:8E:0A:BE:85
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 1858B1AF537A90F15651B70758D9930028E68C97
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e203231383539.roa
Signing time: Mon 15 Sep 2025 06:08:01 +0000
ROA not before: Mon 15 Sep 2025 06:03:01 +0000
ROA not after: Mon 14 Sep 2026 06:08:01 +0000
asID: 21859
IP address blocks: 178.132.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 00:22:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:58:b1:af:53:7a:90:f1:56:51:b7:07:58:d9:93:00:28:e6:8c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Sep 15 06:03:01 2025 GMT
Not After : Sep 14 06:08:01 2026 GMT
Subject: CN=6C7F9C3776A4B8759CA62F81D739C59E8E0ABE85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ee:93:68:1b:00:15:f1:af:5a:7e:ca:c4:a0:
03:fc:b2:c2:38:f4:4c:5a:d4:c2:68:a8:4e:79:1b:
99:91:19:cc:40:19:77:e7:c7:b5:3f:42:d1:f0:bc:
a5:35:cc:ed:de:c8:e9:1c:bc:b6:e9:ff:74:f3:fc:
2b:99:01:f7:4c:87:bf:56:73:5d:73:d9:ee:b8:e3:
fd:ae:4c:55:95:84:1f:c3:7b:80:68:48:a8:10:f2:
c9:28:8e:77:03:67:8b:54:b3:30:7f:06:62:a2:2f:
c6:ea:a3:76:b5:01:96:71:d1:44:99:76:72:9d:6c:
04:83:a3:9a:94:ff:8c:b8:5d:83:75:ee:19:01:e4:
71:55:97:45:91:79:0d:84:28:0b:15:7e:e2:3d:3d:
22:a2:04:32:86:4b:01:9b:bd:e6:68:4c:31:34:5a:
51:4b:bb:45:b6:58:eb:eb:f7:9c:b7:2c:b4:4a:7a:
63:44:97:11:65:32:4c:73:a4:85:6c:2a:14:9c:48:
f3:1b:f2:4f:64:49:c6:de:f2:9b:5d:e7:19:dd:13:
34:4d:ef:30:25:32:87:97:6e:7d:1c:54:98:ba:39:
f9:8e:0d:53:02:48:c8:68:cd:72:98:d0:70:34:f8:
26:bc:fa:6e:9b:12:73:57:c7:09:7e:d3:aa:e7:48:
50:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7F:9C:37:76:A4:B8:75:9C:A6:2F:81:D7:39:C5:9E:8E:0A:BE:85
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.196.0/24
Signature Algorithm: sha256WithRSAEncryption
97:2e:45:8b:3e:d7:c3:32:3b:72:aa:f8:25:19:23:3a:38:79:
28:87:7b:cd:bf:8d:e7:68:d6:86:e9:88:95:52:d7:73:8d:97:
2b:d6:23:5a:09:e2:0e:7b:4d:cd:41:c3:6d:c2:c0:1f:b9:c9:
d7:ca:08:32:39:13:a8:f4:31:41:3f:ca:93:d4:2e:dc:e2:1c:
42:bf:12:75:c4:3e:35:77:d6:14:61:25:0d:be:e7:91:d3:0c:
78:58:a4:68:61:aa:04:fd:a3:69:8b:88:ff:4b:a4:1c:b1:c7:
e4:79:10:ec:c7:58:9f:59:9e:86:db:57:a5:55:05:e7:c6:c4:
df:c7:87:c7:2e:6e:bf:75:0a:dd:cf:44:7e:62:40:d4:dc:42:
ea:7e:cb:eb:0c:7e:e8:d0:2d:1b:cc:a0:d1:04:3f:60:6b:b8:
ce:50:95:2e:e7:ac:80:4e:29:51:f7:fa:da:6e:a5:86:31:e6:
f6:25:90:49:51:e0:ca:f2:81:53:95:3e:2f:a5:eb:d7:1b:47:
10:cd:a6:f7:2c:66:35:c5:02:be:2e:e6:77:ac:14:7c:67:af:
a7:ab:6a:7a:41:12:09:fc:7b:4c:9d:68:29:12:86:79:90:3e:
d7:8c:01:02:e1:a8:2d:5a:d8:1f:71:2e:3b:74:9d:ae:ff:48:
a9:36:1d:40
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGFixr1N6kPFWUbcHWNmTACjmjJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTA5MTUwNjAzMDFaFw0yNjA5MTQwNjA4MDFaMDMxMTAvBgNV
BAMTKDZDN0Y5QzM3NzZBNEI4NzU5Q0E2MkY4MUQ3MzlDNTlFOEUwQUJFODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO7pNoGwAV8a9afsrEoAP8ssI4
9Exa1MJoqE55G5mRGcxAGXfnx7U/QtHwvKU1zO3eyOkcvLbp/3Tz/CuZAfdMh79W
c11z2e644/2uTFWVhB/De4BoSKgQ8skojncDZ4tUszB/BmKiL8bqo3a1AZZx0USZ
dnKdbASDo5qU/4y4XYN17hkB5HFVl0WReQ2EKAsVfuI9PSKiBDKGSwGbveZoTDE0
WlFLu0W2WOvr95y3LLRKemNElxFlMkxzpIVsKhScSPMb8k9kScbe8ptd5xndEzRN
7zAlMoeXbn0cVJi6OfmODVMCSMhozXKY0HA0+Ca8+m6bEnNXxwl+06rnSFBHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUbH+cN3akuHWcpi+B1znFno4KvoUwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMQwDQYJKoZIhvcNAQELBQADggEBAJcuRYs+18MyO3Kq+CUZIzo4eSiHe82/
jedo1obpiJVS13ONlyvWI1oJ4g57Tc1Bw23CwB+5ydfKCDI5E6j0MUE/ypPULtzi
HEK/EnXEPjV31hRhJQ2+55HTDHhYpGhhqgT9o2mLiP9LpByxx+R5EOzHWJ9Znobb
V6VVBefGxN/Hh8cubr91Ct3PRH5iQNTcQup+y+sMfujQLRvMoNEEP2BruM5QlS7n
rIBOKVH3+tpupYYx5vYlkElR4MrygVOVPi+l69cbRxDNpvcsZjXFAr4u5nesFHxn
r6eranpBEgn8e0ydaCkShnmQPteMAQLhqC1a2B9xLjt0na7/SKk2HUA=
-----END CERTIFICATE-----
Generated at Fri Sep 19 09:24:48 2025 by rpki-client