Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
File: 3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: qAeGx5PrWuSfAHQQofE2Suu4oMoTOVnNv3fgwJXgOyU=
Subject key identifier: 64:42:D3:7C:DB:3B:D6:7F:F2:5D:72:29:63:25:F0:BB:83:A6:26:12
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6EABA2CE204010A275C83A5ECAA62498A5B50DD7
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 27 Jan 2025 09:44:55 +0000
ROA not before: Mon 27 Jan 2025 09:39:55 +0000
ROA not after: Mon 26 Jan 2026 09:44:55 +0000
asID: 147049
IP address blocks: 157.97.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:ab:a2:ce:20:40:10:a2:75:c8:3a:5e:ca:a6:24:98:a5:b5:0d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:55 2025 GMT
Not After : Jan 26 09:44:55 2026 GMT
Subject: CN=6442D37CDB3BD67FF25D72296325F0BB83A62612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:1e:3c:39:21:8b:41:7f:09:33:4d:77:dc:
5e:56:67:7d:33:66:ae:54:b1:30:af:bb:f1:c9:4b:
b6:e4:9e:0d:91:e1:e3:74:d5:ab:49:2f:b4:2a:41:
4f:94:26:14:54:6a:15:24:ff:67:a1:72:1f:75:8a:
64:d5:92:ff:a2:3a:8c:b4:80:c3:fc:bd:bb:62:f4:
3a:bd:fc:a0:db:23:0a:ab:e9:f9:76:76:92:49:27:
07:71:cc:55:7c:fb:c3:2b:21:d1:16:e0:5f:32:65:
fb:5a:37:61:15:3b:c8:cf:e5:2b:f5:fc:13:91:ba:
7b:e0:e2:c6:30:be:71:b0:c9:57:d5:f8:20:73:f4:
62:af:e6:62:6d:19:5d:ec:2d:91:98:ef:a9:20:9b:
50:d6:22:c3:af:c1:a2:d2:d1:51:b5:9c:97:5d:52:
db:2c:56:88:f0:d7:05:fd:8a:e3:58:6c:9e:6b:90:
df:e6:fd:5f:02:22:b9:6a:bc:a5:d1:6f:75:4f:cd:
73:22:84:f8:5a:81:dd:51:a7:10:fe:a4:6c:b6:75:
4e:a7:a9:fa:a9:8a:98:db:5a:88:6b:14:84:0d:bb:
3f:e4:a8:22:74:ae:d6:88:67:02:46:52:5f:21:ec:
ad:96:65:41:77:b8:79:04:21:75:dd:3c:e0:73:28:
b2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:42:D3:7C:DB:3B:D6:7F:F2:5D:72:29:63:25:F0:BB:83:A6:26:12
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.134.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:e4:88:94:6f:f4:21:24:b7:82:39:21:c6:9b:8d:60:ba:cc:
2d:d7:2d:47:4b:ab:18:d8:4c:0a:50:a6:9c:fb:96:d2:3f:24:
65:a7:c6:b6:68:99:ba:cd:e1:dd:bc:c7:71:3d:a8:48:33:03:
06:70:3e:d7:40:13:b2:4e:00:c2:fd:9f:ac:d0:b0:b7:03:b1:
b1:76:34:63:fb:4d:72:ce:a9:53:da:b5:eb:b1:74:06:2e:c2:
e5:42:3b:6d:cd:03:95:2f:72:5f:4b:bd:8c:00:07:38:ce:ca:
ff:7b:be:d9:08:9c:ac:4f:e4:66:61:6e:58:d7:37:d1:15:bc:
4d:2b:e2:e0:4f:8e:a9:e0:06:08:d0:8b:19:a5:f8:74:41:e2:
8c:15:a7:02:c6:6f:5e:28:b1:7d:22:8a:19:89:f8:77:5b:87:
87:a9:37:7f:e7:43:a4:52:b8:13:99:f4:74:ca:17:08:92:a0:
9c:4c:5e:65:9f:3b:18:bb:47:db:49:94:f8:cf:4d:c8:8a:6b:
a5:b3:98:42:ea:c4:43:28:c1:d2:bd:db:7d:ae:5f:fe:07:15:
01:54:41:b1:43:b8:56:47:2f:12:21:e9:88:72:47:cd:dd:53:
0d:72:27:8a:46:a1:26:02:14:d0:7e:00:a1:e2:03:36:a4:f7:
c1:a3:c7:67
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUbquiziBAEKJ1yDpeyqYkmKW1DdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTVaFw0yNjAxMjYwOTQ0NTVaMDMxMTAvBgNV
BAMTKDY0NDJEMzdDREIzQkQ2N0ZGMjVENzIyOTYzMjVGMEJCODNBNjI2MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKJh48OSGLQX8JM0133F5WZ30z
Zq5UsTCvu/HJS7bkng2R4eN01atJL7QqQU+UJhRUahUk/2ehch91imTVkv+iOoy0
gMP8vbti9Dq9/KDbIwqr6fl2dpJJJwdxzFV8+8MrIdEW4F8yZftaN2EVO8jP5Sv1
/BORunvg4sYwvnGwyVfV+CBz9GKv5mJtGV3sLZGY76kgm1DWIsOvwaLS0VG1nJdd
UtssVojw1wX9iuNYbJ5rkN/m/V8CIrlqvKXRb3VPzXMihPhagd1RpxD+pGy2dU6n
qfqpipjbWohrFIQNuz/kqCJ0rtaIZwJGUl8h7K2WZUF3uHkEIXXdPOBzKLJNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUZELTfNs71n/yXXIpYyXwu4OmJhIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzcyZTM5Mzcy
ZTMxMzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJ1hhjANBgkqhkiG9w0BAQsFAAOCAQEAe+SIlG/0ISS3gjkhxpuNYLrM
LdctR0urGNhMClCmnPuW0j8kZafGtmiZus3h3bzHcT2oSDMDBnA+10ATsk4Awv2f
rNCwtwOxsXY0Y/tNcs6pU9q167F0Bi7C5UI7bc0DlS9yX0u9jAAHOM7K/3u+2Qic
rE/kZmFuWNc30RW8TSvi4E+OqeAGCNCLGaX4dEHijBWnAsZvXiixfSKKGYn4d1uH
h6k3f+dDpFK4E5n0dMoXCJKgnExeZZ87GLtH20mU+M9NyIprpbOYQurEQyjB0r3b
fa5f/gcVAVRBsUO4VkcvEiHpiHJHzd1TDXInikahJgIU0H4AoeIDNqT3waPHZw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:26 2025 by rpki-client