Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e203133333335.roa
File: 3137382e3133322e3139382e302f32342d3234203d3e203133333335.roa (raw, json)
Hash identifier: 6TrR9eiRNzBfJRrubefTFudn86wqW7t6u+0cIxHNR5g=
Subject key identifier: 3E:70:CE:4D:4F:1D:B8:3E:AA:6D:E3:8D:23:9A:DD:C0:98:21:EB:EA
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 1D0884BFC3948BDC7FBBA1DC360272DADCFD7295
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e203133333335.roa
Signing time: Tue 28 Jan 2025 19:11:07 +0000
ROA not before: Tue 28 Jan 2025 19:06:07 +0000
ROA not after: Tue 27 Jan 2026 19:11:07 +0000
asID: 13335
IP address blocks: 178.132.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:08:84:bf:c3:94:8b:dc:7f:bb:a1:dc:36:02:72:da:dc:fd:72:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 28 19:06:07 2025 GMT
Not After : Jan 27 19:11:07 2026 GMT
Subject: CN=3E70CE4D4F1DB83EAA6DE38D239ADDC09821EBEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:33:df:1a:6e:88:68:61:a8:b5:09:da:7a:06:
be:e9:63:02:90:0d:28:ec:c3:8d:58:71:21:9e:e4:
f9:fa:c9:ab:fa:16:6c:59:d5:63:5d:bb:76:74:4c:
22:45:a6:d6:eb:e1:6e:57:f3:4a:98:97:ca:7f:7a:
ba:6f:84:a0:e4:8e:45:88:1d:94:0a:0e:4a:f0:bc:
72:48:27:6c:83:07:21:b6:7a:9a:5a:00:cb:e3:9f:
9f:9e:c7:f7:f4:f6:e7:b9:96:ea:f2:5a:32:1c:4d:
a8:44:2b:7b:f1:42:4f:ba:45:9f:58:71:b1:3c:7d:
a1:f5:76:93:91:f7:5a:71:4a:98:1b:04:df:d9:72:
f2:33:13:e9:6e:f7:08:8d:1c:4a:ea:6c:f0:18:76:
63:37:68:ad:dd:45:7a:df:11:7b:e7:3d:ad:b9:69:
72:03:57:8f:bf:94:b7:75:68:f3:4d:14:7a:54:a8:
93:87:4b:42:ff:81:f1:a2:0a:e4:58:36:1b:a2:6a:
1b:63:dc:69:61:bd:49:93:58:be:69:86:72:73:b6:
9b:48:0e:4f:52:5c:55:57:1a:53:40:7d:9e:3f:e1:
ee:85:e2:a9:20:77:87:71:b2:73:e9:9d:e5:66:bf:
d9:b3:63:f1:0d:5c:72:cf:c2:57:b5:28:a1:f4:f0:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:70:CE:4D:4F:1D:B8:3E:AA:6D:E3:8D:23:9A:DD:C0:98:21:EB:EA
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.198.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:1e:0f:b3:8e:73:9f:74:16:3c:3a:31:c4:5b:82:14:4a:56:
a0:5d:58:dd:83:f9:e5:ca:55:67:64:30:7a:96:f2:df:06:8b:
ee:80:e0:c3:70:22:f8:09:36:da:06:f2:19:de:c2:b5:8e:0f:
eb:05:af:3a:96:cd:be:39:ce:5d:53:34:5b:ba:f7:e5:f6:4d:
83:d4:17:e2:86:6b:7a:f5:4e:ed:c6:97:99:04:91:3c:00:2b:
99:4f:d3:d1:6a:c6:3a:d1:9b:38:d7:f7:73:21:11:38:78:c9:
c1:ce:11:6d:c1:53:72:4e:96:a5:10:ba:24:2b:6f:eb:20:b0:
0e:c7:5a:54:49:81:2d:44:fd:12:a0:7f:a9:b5:e0:9d:b3:b1:
b8:46:c9:76:d6:9c:64:e8:80:5c:0b:67:80:bf:dc:36:19:ac:
61:5e:f4:a9:78:03:7d:77:26:54:c0:44:a0:6d:ba:b0:ee:d2:
bd:cd:9a:c9:cc:8c:5a:57:2e:51:14:e0:0f:cf:db:fc:db:b2:
36:39:94:4a:b3:6d:9e:32:86:db:dc:06:76:3e:33:f4:de:e1:
b7:4f:1f:b5:4e:69:6b:56:a0:bb:51:6b:b2:58:f4:3a:1c:30:
64:11:5b:06:2a:c5:13:aa:ab:1f:90:a7:f2:4b:df:a3:05:6d:
f9:0e:e9:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHQiEv8OUi9x/u6HcNgJy2tz9cpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjgxOTA2MDdaFw0yNjAxMjcxOTExMDdaMDMxMTAvBgNV
BAMTKDNFNzBDRTRENEYxREI4M0VBQTZERTM4RDIzOUFEREMwOTgyMUVCRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpM98abohoYai1Cdp6Br7pYwKQ
DSjsw41YcSGe5Pn6yav6FmxZ1WNdu3Z0TCJFptbr4W5X80qYl8p/erpvhKDkjkWI
HZQKDkrwvHJIJ2yDByG2eppaAMvjn5+ex/f09ue5luryWjIcTahEK3vxQk+6RZ9Y
cbE8faH1dpOR91pxSpgbBN/ZcvIzE+lu9wiNHErqbPAYdmM3aK3dRXrfEXvnPa25
aXIDV4+/lLd1aPNNFHpUqJOHS0L/gfGiCuRYNhuiahtj3GlhvUmTWL5phnJztptI
Dk9SXFVXGlNAfZ4/4e6F4qkgd4dxsnPpneVmv9mzY/ENXHLPwle1KKH08F7LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPnDOTU8duD6qbeONI5rdwJgh6+owHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMzMzMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACyhMYwDQYJKoZIhvcNAQELBQADggEBACoeD7OOc590Fjw6McRbghRKVqBdWN2D
+eXKVWdkMHqW8t8Gi+6A4MNwIvgJNtoG8hnewrWOD+sFrzqWzb45zl1TNFu69+X2
TYPUF+KGa3r1Tu3Gl5kEkTwAK5lP09FqxjrRmzjX93MhETh4ycHOEW3BU3JOlqUQ
uiQrb+sgsA7HWlRJgS1E/RKgf6m14J2zsbhGyXbWnGTogFwLZ4C/3DYZrGFe9Kl4
A313JlTARKBturDu0r3NmsnMjFpXLlEU4A/P2/zbsjY5lEqzbZ4yhtvcBnY+M/Te
4bdPH7VOaWtWoLtRa7JY9DocMGQRWwYqxROqqx+Qp/JL36MFbfkO6TU=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:00:57 2025 by rpki-client