Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139392e302f32342d3234203d3e20323135323837.roa
File: 3137382e3133322e3139392e302f32342d3234203d3e20323135323837.roa (raw, json)
Hash identifier: Nn4hlenMCeN8J+tRLEn3aIgafIwnXZia7FBwDbkQIW0=
Subject key identifier: 4B:30:FA:1F:CA:BE:12:B9:E7:7F:C5:E8:37:EF:28:09:A2:06:EE:0F
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 2278A798192BD266DAFF6BC86A6AA086654DE14C
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139392e302f32342d3234203d3e20323135323837.roa
Signing time: Sat 25 Jan 2025 21:56:50 +0000
ROA not before: Sat 25 Jan 2025 21:51:50 +0000
ROA not after: Sat 24 Jan 2026 21:56:50 +0000
asID: 215287
IP address blocks: 178.132.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:78:a7:98:19:2b:d2:66:da:ff:6b:c8:6a:6a:a0:86:65:4d:e1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 21:51:50 2025 GMT
Not After : Jan 24 21:56:50 2026 GMT
Subject: CN=4B30FA1FCABE12B9E77FC5E837EF2809A206EE0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e1:61:42:60:6e:af:6d:45:92:3e:35:53:e9:
af:07:cc:69:48:0f:29:e8:47:8c:73:42:1d:a2:e7:
8e:30:28:c8:c3:db:69:ea:73:a3:0f:b2:2d:92:6e:
b8:6f:00:af:04:33:f5:cf:67:25:b8:76:c5:8a:d6:
f3:24:48:59:23:f5:7c:05:7e:a8:4a:7e:3b:9e:25:
9b:06:ad:5a:eb:c5:00:33:dc:67:fa:53:6f:21:fb:
db:07:1b:23:77:32:a3:3d:de:02:d4:82:54:0b:bb:
2b:70:b9:78:d1:0c:91:be:60:ea:04:85:24:84:c7:
ee:70:d3:33:5d:2f:d4:61:fc:a1:98:32:10:d9:a9:
be:b8:7d:cc:f8:53:b1:5a:84:25:81:00:01:2c:c6:
d7:ca:07:13:a8:26:36:ed:35:14:45:7f:ec:41:33:
0f:ab:12:b4:e4:18:e9:ac:75:23:40:ed:d4:f4:c4:
0a:7b:12:1c:c6:aa:d4:c6:5c:5e:15:57:f9:71:47:
8f:af:70:a3:27:cc:f8:42:6e:c4:43:37:bc:32:c9:
72:08:cc:af:cf:0e:12:ec:9c:79:31:88:11:ed:73:
fd:dd:58:4e:e3:65:b1:09:1f:c0:cf:d1:bc:6d:bf:
40:40:b6:98:0f:f4:66:1b:fe:b7:95:7e:65:a7:b3:
89:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:30:FA:1F:CA:BE:12:B9:E7:7F:C5:E8:37:EF:28:09:A2:06:EE:0F
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139392e302f32342d3234203d3e20323135323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.199.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1c:6a:02:d6:88:0e:28:83:09:c4:de:6b:04:f1:a4:26:91:
c1:de:50:a4:41:27:0c:f9:4c:22:1f:0b:3d:15:bb:12:7a:32:
f0:e4:b1:e3:71:0a:6b:62:c0:40:84:d8:5e:f6:97:84:bc:18:
04:60:06:bf:36:0f:46:58:98:e5:75:fe:31:8d:d5:26:76:07:
d9:50:45:57:f3:17:d0:bc:c6:c4:3d:3e:3b:ad:e4:96:1b:fa:
01:39:fd:56:a3:3a:18:75:bc:50:dd:12:eb:38:ed:5b:e6:09:
12:aa:d2:44:b7:6b:b0:d2:bd:df:ae:9c:86:55:25:10:4d:e4:
dd:9b:c9:7d:45:0c:75:4c:6e:76:a3:aa:28:1a:3a:92:ac:ea:
12:4e:e9:36:0b:b7:2e:0b:6c:49:17:86:f9:25:52:e1:84:a4:
07:72:8c:c0:67:46:96:89:e9:e8:e5:e4:bf:b7:8e:be:9b:fa:
d0:6c:a9:ae:86:85:1b:8e:cd:e8:65:13:60:4e:fc:58:b9:aa:
dd:be:f7:a8:28:25:dd:0a:a6:0b:e7:59:ae:fc:12:27:34:ea:
31:f2:28:80:e9:e0:0a:6b:a1:de:c7:af:22:fe:ba:af:25:ac:
ce:17:6e:bc:77:d4:0a:6b:6d:dd:6c:ad:44:29:af:04:ff:6d:
58:2a:50:ed
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUIninmBkr0mba/2vIamqghmVN4UwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUyMTUxNTBaFw0yNjAxMjQyMTU2NTBaMDMxMTAvBgNV
BAMTKDRCMzBGQTFGQ0FCRTEyQjlFNzdGQzVFODM3RUYyODA5QTIwNkVFMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA4WFCYG6vbUWSPjVT6a8HzGlI
DynoR4xzQh2i544wKMjD22nqc6MPsi2SbrhvAK8EM/XPZyW4dsWK1vMkSFkj9XwF
fqhKfjueJZsGrVrrxQAz3Gf6U28h+9sHGyN3MqM93gLUglQLuytwuXjRDJG+YOoE
hSSEx+5w0zNdL9Rh/KGYMhDZqb64fcz4U7FahCWBAAEsxtfKBxOoJjbtNRRFf+xB
Mw+rErTkGOmsdSNA7dT0xAp7EhzGqtTGXF4VV/lxR4+vcKMnzPhCbsRDN7wyyXII
zK/PDhLsnHkxiBHtc/3dWE7jZbEJH8DP0bxtv0BAtpgP9GYb/reVfmWns4lhAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUSzD6H8q+Ernnf8XoN+8oCaIG7g8wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKExzANBgkqhkiG9w0BAQsFAAOCAQEASBxqAtaIDiiDCcTeawTxpCaRwd5Q
pEEnDPlMIh8LPRW7Enoy8OSx43EKa2LAQITYXvaXhLwYBGAGvzYPRliY5XX+MY3V
JnYH2VBFV/MX0LzGxD0+O63klhv6ATn9VqM6GHW8UN0S6zjtW+YJEqrSRLdrsNK9
366chlUlEE3k3ZvJfUUMdUxudqOqKBo6kqzqEk7pNgu3LgtsSReG+SVS4YSkB3KM
wGdGlonp6OXkv7eOvpv60GyproaFG47N6GUTYE78WLmq3b73qCgl3QqmC+dZrvwS
JzTqMfIogOngCmuh3sevIv66ryWszhduvHfUCmtt3WytRCmvBP9tWCpQ7Q==
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:26 2025 by rpki-client