Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139372e302f32342d3234203d3e2033333230.roa
File: 3137382e3133322e3139372e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: MuzLKtyseOT68ju0FOjjeN3pxilqG43fi3IvFyF1hyA=
Subject key identifier: 82:74:FB:D4:0E:24:CE:76:81:81:B9:06:05:E3:53:68:AE:98:0F:21
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 5F2DE75150CD4D302CEB87D3032743DCF9799F28
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139372e302f32342d3234203d3e2033333230.roa
Signing time: Mon 03 Feb 2025 22:02:52 +0000
ROA not before: Mon 03 Feb 2025 21:57:52 +0000
ROA not after: Mon 02 Feb 2026 22:02:52 +0000
asID: 3320
IP address blocks: 178.132.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 12:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:2d:e7:51:50:cd:4d:30:2c:eb:87:d3:03:27:43:dc:f9:79:9f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 3 21:57:52 2025 GMT
Not After : Feb 2 22:02:52 2026 GMT
Subject: CN=8274FBD40E24CE768181B90605E35368AE980F21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:67:06:ed:51:ab:fd:50:63:5c:51:82:87:
0e:40:61:be:b8:43:53:13:df:db:85:40:86:d3:19:
56:0a:27:ed:a5:1c:32:6d:89:0d:b7:9a:51:f3:f1:
96:63:71:f4:38:63:dd:01:d2:46:42:3e:e1:8f:eb:
d2:45:e1:f6:fc:30:69:aa:72:23:be:92:21:7c:66:
c2:19:c5:5d:97:a2:9b:f8:c8:d3:80:6f:6a:58:4c:
25:a5:2a:90:fa:95:d2:7b:46:9c:38:64:1d:70:de:
24:9e:14:9a:8a:59:72:01:d3:f1:9a:92:61:ea:9b:
cb:3c:2c:11:48:09:87:19:71:53:16:51:c5:b5:d5:
c0:df:7f:d6:c1:60:3d:a9:f6:28:35:95:9d:91:39:
ce:3e:3e:a5:57:52:dd:22:36:88:3e:93:4f:be:76:
3c:1a:80:f6:ac:3b:a7:8a:bf:83:bc:37:d0:46:19:
69:b6:9a:4c:57:83:90:25:75:ef:35:eb:0d:6e:6d:
cd:f7:4c:62:9f:90:ea:a3:84:f9:bc:84:14:21:51:
39:a3:a6:40:af:54:8b:b0:b2:6e:45:58:59:b8:d4:
e6:d3:c5:7a:93:86:ab:03:59:b6:3c:4d:1e:75:14:
2c:7d:f3:5d:df:31:b9:a5:50:43:c1:71:ac:e5:b3:
ca:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:74:FB:D4:0E:24:CE:76:81:81:B9:06:05:E3:53:68:AE:98:0F:21
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139372e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.197.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9e:86:30:4b:25:34:66:9e:87:d4:c5:1a:8b:f6:52:bf:7a:
0a:d6:33:5f:0f:4b:02:62:45:f8:03:ea:a5:3b:ab:d9:d5:84:
b6:41:0e:64:9c:9e:1e:f0:1a:1e:ce:68:a8:0c:0d:5d:cc:de:
5b:e2:b7:93:62:b8:15:55:b3:b7:ab:28:05:29:f4:90:24:27:
1b:be:0d:ea:12:a4:ec:75:d3:60:97:59:86:f7:7f:4b:1e:1d:
84:f4:4e:ef:bd:fa:ab:3b:ed:fd:78:ac:a5:a6:01:c0:fe:48:
1f:9e:ef:dc:55:01:c6:c7:a3:05:70:09:56:f0:32:b5:7a:d8:
1b:1f:53:3e:d4:43:e0:f5:6c:1b:32:e2:4c:83:35:f9:51:23:
1c:e7:96:d3:58:9c:92:25:88:5c:5b:5e:11:b2:9d:f7:e7:a1:
c3:78:c0:51:43:8c:8b:c6:a2:1f:f6:53:11:c8:dd:47:83:f5:
fd:1c:7e:a1:bf:5b:92:7d:84:6c:1c:ea:5d:63:88:45:f0:98:
24:ee:ea:5f:d9:3b:88:fb:af:e3:dd:e1:38:c6:89:43:fa:1f:
2e:ba:8c:69:2c:aa:6f:c9:87:17:df:43:d4:12:2d:06:d7:a7:
30:c7:37:93:ea:75:d0:67:aa:30:3e:96:73:28:00:41:13:f0:
0a:a3:09:74
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXy3nUVDNTTAs64fTAydD3Pl5nygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAyMDMyMTU3NTJaFw0yNjAyMDIyMjAyNTJaMDMxMTAvBgNV
BAMTKDgyNzRGQkQ0MEUyNENFNzY4MTgxQjkwNjA1RTM1MzY4QUU5ODBGMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnmmcG7VGr/VBjXFGChw5AYb64
Q1MT39uFQIbTGVYKJ+2lHDJtiQ23mlHz8ZZjcfQ4Y90B0kZCPuGP69JF4fb8MGmq
ciO+kiF8ZsIZxV2Xopv4yNOAb2pYTCWlKpD6ldJ7Rpw4ZB1w3iSeFJqKWXIB0/Ga
kmHqm8s8LBFICYcZcVMWUcW11cDff9bBYD2p9ig1lZ2ROc4+PqVXUt0iNog+k0++
djwagPasO6eKv4O8N9BGGWm2mkxXg5Alde816w1ubc33TGKfkOqjhPm8hBQhUTmj
pkCvVIuwsm5FWFm41ObTxXqThqsDWbY8TR51FCx9813fMbmlUEPBcazls8rhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgnT71A4kznaBgbkGBeNTaK6YDyEwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
soTFMA0GCSqGSIb3DQEBCwUAA4IBAQCXnoYwSyU0Zp6H1MUai/ZSv3oK1jNfD0sC
YkX4A+qlO6vZ1YS2QQ5knJ4e8BoezmioDA1dzN5b4reTYrgVVbO3qygFKfSQJCcb
vg3qEqTsddNgl1mG939LHh2E9E7vvfqrO+39eKylpgHA/kgfnu/cVQHGx6MFcAlW
8DK1etgbH1M+1EPg9WwbMuJMgzX5USMc55bTWJySJYhcW14Rsp3356HDeMBRQ4yL
xqIf9lMRyN1Hg/X9HH6hv1uSfYRsHOpdY4hF8Jgk7upf2TuI+6/j3eE4xolD+h8u
uoxpLKpvyYcX30PUEi0G16cwxzeT6nXQZ6owPpZzKABBE/AKowl0
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:26 2025 by rpki-client