Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20323635393139.roa
File: 3137382e3133322e3139382e302f32342d3234203d3e20323635393139.roa (raw, json)
Hash identifier: uhM+/0v8HioS/qE+KkDqR673YS11oQr5aznZkyp/yx4=
Subject key identifier: 95:97:0B:3E:FF:A1:FC:66:94:69:BA:B7:D7:11:FD:93:3D:A3:10:B1
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 46CB4C628D3A51690EE329826E8F32CCE8B552DB
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20323635393139.roa
Signing time: Tue 28 Jan 2025 19:11:06 +0000
ROA not before: Tue 28 Jan 2025 19:06:06 +0000
ROA not after: Tue 27 Jan 2026 19:11:06 +0000
asID: 265919
IP address blocks: 178.132.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:cb:4c:62:8d:3a:51:69:0e:e3:29:82:6e:8f:32:cc:e8:b5:52:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 28 19:06:06 2025 GMT
Not After : Jan 27 19:11:06 2026 GMT
Subject: CN=95970B3EFFA1FC669469BAB7D711FD933DA310B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:36:8f:97:af:af:e0:e6:2f:70:ac:4b:a5:3c:
f8:14:77:20:de:89:3b:9e:c7:94:36:e3:82:28:1f:
b1:26:09:be:11:f7:e1:77:0d:c0:dd:fd:44:e6:42:
d1:3d:aa:aa:d7:61:14:e5:42:03:c6:30:31:d0:46:
0f:c8:dc:ba:aa:30:6f:f4:5b:e9:1f:0e:20:fe:d7:
4d:72:4e:bc:31:9d:fb:74:e2:3e:88:2a:6b:56:e0:
ef:7c:ab:25:1c:89:77:93:3d:5e:2c:3e:b7:0f:d4:
8d:6a:23:d6:e3:95:02:5d:b0:ed:49:89:0e:b3:67:
f9:e2:da:51:ac:7f:c2:8a:bc:4c:ec:d8:52:f6:de:
12:97:81:4e:c4:12:d9:b7:74:14:48:ad:a2:70:09:
e6:51:d1:1c:54:5a:55:97:67:6e:1c:43:71:e1:f2:
08:1e:1f:f3:46:e8:3c:22:06:26:bf:00:7a:72:d3:
43:d0:ff:74:50:3d:a9:62:03:0b:67:58:9f:90:ea:
7f:8b:32:65:d6:b5:b9:df:a9:3b:7f:36:ef:d3:37:
10:3c:87:ed:db:5c:d4:e5:6c:da:94:da:0f:db:b8:
46:65:2a:67:32:b8:00:68:37:60:e6:14:7a:7e:03:
63:3d:1e:b5:fc:a2:f6:46:1e:b6:63:61:6f:1b:f7:
9c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:97:0B:3E:FF:A1:FC:66:94:69:BA:B7:D7:11:FD:93:3D:A3:10:B1
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20323635393139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.198.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:f0:8d:57:71:6b:1e:5f:bd:3d:5b:c5:84:15:65:ca:06:69:
70:33:62:d6:07:3e:a1:22:0f:2b:66:bf:e3:fb:33:10:a7:4f:
11:4d:83:42:fe:da:d6:32:d0:40:2e:eb:1e:d3:10:50:89:e1:
a7:3c:ee:9b:93:5f:e0:88:24:b3:b7:26:b4:91:5f:84:c4:f9:
94:a1:91:c8:65:7b:69:5b:60:74:ff:62:c8:d6:c3:8c:32:6b:
bc:cd:46:e2:b1:88:2c:37:c6:87:28:68:61:fc:94:4a:7d:d9:
25:aa:3f:74:f9:cb:4b:ed:6b:e6:0f:1f:c8:cf:55:48:c9:bf:
4f:05:4b:bd:06:e3:f8:22:7c:b1:3b:e9:2c:7f:85:e3:52:c4:
be:66:dc:05:99:7c:35:f3:03:9e:9a:7c:5a:50:8e:d8:d5:d3:
c0:ec:c5:85:89:25:a8:60:c2:30:80:c4:c1:42:17:98:a5:a2:
80:9c:83:87:f4:06:4b:46:1d:c1:27:8b:b1:73:94:8d:b2:88:
27:8a:c5:b9:56:c8:3c:72:b0:82:4b:39:e3:b2:04:81:e5:b2:
0e:43:a3:96:37:c3:ea:ba:29:97:8b:c2:6d:f3:cd:34:3a:af:
cf:fc:78:a3:84:9b:82:63:87:03:27:a6:e1:dd:cd:e9:3f:12:
e4:50:25:46
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIURstMYo06UWkO4ymCbo8yzOi1UtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjgxOTA2MDZaFw0yNjAxMjcxOTExMDZaMDMxMTAvBgNV
BAMTKDk1OTcwQjNFRkZBMUZDNjY5NDY5QkFCN0Q3MTFGRDkzM0RBMzEwQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMNo+Xr6/g5i9wrEulPPgUdyDe
iTuex5Q244IoH7EmCb4R9+F3DcDd/UTmQtE9qqrXYRTlQgPGMDHQRg/I3LqqMG/0
W+kfDiD+101yTrwxnft04j6IKmtW4O98qyUciXeTPV4sPrcP1I1qI9bjlQJdsO1J
iQ6zZ/ni2lGsf8KKvEzs2FL23hKXgU7EEtm3dBRIraJwCeZR0RxUWlWXZ24cQ3Hh
8ggeH/NG6DwiBia/AHpy00PQ/3RQPaliAwtnWJ+Q6n+LMmXWtbnfqTt/Nu/TNxA8
h+3bXNTlbNqU2g/buEZlKmcyuABoN2DmFHp+A2M9HrX8ovZGHrZjYW8b95xVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUlZcLPv+h/GaUabq31xH9kz2jELEwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNTM5MzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKExjANBgkqhkiG9w0BAQsFAAOCAQEAt/CNV3FrHl+9PVvFhBVlygZpcDNi
1gc+oSIPK2a/4/szEKdPEU2DQv7a1jLQQC7rHtMQUInhpzzum5Nf4Igks7cmtJFf
hMT5lKGRyGV7aVtgdP9iyNbDjDJrvM1G4rGILDfGhyhoYfyUSn3ZJao/dPnLS+1r
5g8fyM9VSMm/TwVLvQbj+CJ8sTvpLH+F41LEvmbcBZl8NfMDnpp8WlCO2NXTwOzF
hYklqGDCMIDEwUIXmKWigJyDh/QGS0YdwSeLsXOUjbKIJ4rFuVbIPHKwgks547IE
geWyDkOjljfD6ropl4vCbfPNNDqvz/x4o4SbgmOHAyem4d3N6T8S5FAlRg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:54:31 2025 by rpki-client