Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
File: 3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ikCLLQsi3nx20+vDRSOwlU0CbxS9UUSKHIfPxcZOKpc=
Subject key identifier: BD:B9:2A:36:52:50:93:EC:66:7E:C3:10:28:FF:CA:D3:36:3E:49:07
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 739FABDB6E44C8AF7AF33537B49A536DB044D416
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 20 Feb 2025 09:45:46 +0000
ROA not before: Thu 20 Feb 2025 09:40:46 +0000
ROA not after: Thu 19 Feb 2026 09:45:46 +0000
asID: 136787
IP address blocks: 176.97.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9f:ab:db:6e:44:c8:af:7a:f3:35:37:b4:9a:53:6d:b0:44:d4:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 20 09:40:46 2025 GMT
Not After : Feb 19 09:45:46 2026 GMT
Subject: CN=BDB92A36525093EC667EC31028FFCAD3363E4907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:99:d8:96:8d:e5:41:64:fa:f5:07:e2:14:
3e:a7:7f:2b:02:9b:6a:58:4c:44:86:9e:bc:d4:0d:
f8:4e:a0:ef:b7:9d:0b:46:2d:9d:57:a7:93:9c:fc:
86:b5:c4:d2:31:5a:ab:89:27:4d:ac:66:e6:c8:8a:
12:de:b5:83:a4:3c:45:2d:68:11:54:7f:d3:b4:5b:
c1:e1:fa:d2:9b:27:90:7f:b7:be:ca:77:4c:d7:02:
4e:76:7c:47:24:72:74:ca:1c:77:ce:18:cf:f8:68:
8d:b2:f7:70:b1:ea:e5:f7:e1:21:51:77:b3:f7:ac:
51:11:38:18:65:87:70:e6:f0:e1:cf:ce:32:07:f5:
a2:93:be:fa:88:43:8d:14:11:eb:41:01:4c:a2:a8:
28:bf:de:66:6a:f3:b2:38:f5:1f:91:74:53:19:d2:
90:8d:cd:4a:ce:ae:c2:1c:24:d1:07:28:02:bd:5b:
69:3e:5d:42:25:11:73:2a:27:9f:21:f6:03:69:a6:
af:18:b5:3f:5b:94:07:90:01:fe:ab:66:89:7f:38:
1c:24:1c:c7:c2:c9:ed:88:8f:d4:d6:b0:09:44:50:
12:54:fc:f9:fe:ee:13:14:e0:2a:44:84:96:51:36:
ef:53:b3:a6:df:4c:be:0d:7d:65:76:f2:d3:ed:36:
d7:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:B9:2A:36:52:50:93:EC:66:7E:C3:10:28:FF:CA:D3:36:3E:49:07
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.209.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:1f:d5:b8:6d:e9:6e:b5:11:98:5d:d8:2b:40:99:a6:8b:1c:
90:0e:f4:f8:17:33:be:05:8e:26:7e:86:06:78:9d:9a:55:27:
37:38:02:27:86:a2:60:33:88:a7:0e:1d:71:6b:6e:11:58:cf:
7f:72:a3:5b:2c:f5:31:49:1e:ed:34:25:5a:4a:67:06:16:7a:
9c:26:67:9e:e2:6a:df:c6:6e:4d:52:fa:19:e7:b5:cf:a2:16:
61:4b:e2:cb:f2:08:6f:41:0f:f8:56:c7:25:de:6c:c5:b2:0d:
c8:73:5a:f1:d6:11:c3:94:fc:ea:a4:14:ab:aa:e8:e7:36:e2:
57:aa:d5:11:3e:a8:a7:19:74:d9:f7:02:24:8c:4b:1f:4c:aa:
a7:c3:75:58:f3:ef:76:9a:88:33:c7:f9:fa:71:12:e8:a3:82:
06:0b:09:19:c2:a1:3f:29:a3:8e:21:f3:74:dc:5a:b0:52:88:
83:26:4d:7e:5f:c5:8e:2e:82:0d:9f:56:b2:23:15:38:81:fa:
a7:df:96:b8:47:c1:f8:c3:e6:8d:6c:62:49:52:5b:11:af:04:
b3:dd:67:f5:27:bd:bc:ff:b1:38:93:2d:95:f0:d0:69:6d:2b:
a8:7f:2c:24:32:c0:7b:ad:bc:52:c7:d5:27:e1:35:0f:fb:41:
87:70:4d:63
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUc5+r225EyK968zU3tJpTbbBE1BYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMjAwOTQwNDZaFw0yNjAyMTkwOTQ1NDZaMDMxMTAvBgNV
BAMTKEJEQjkyQTM2NTI1MDkzRUM2NjdFQzMxMDI4RkZDQUQzMzYzRTQ5MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK1ZnYlo3lQWT69QfiFD6nfysC
m2pYTESGnrzUDfhOoO+3nQtGLZ1Xp5Oc/Ia1xNIxWquJJ02sZubIihLetYOkPEUt
aBFUf9O0W8Hh+tKbJ5B/t77Kd0zXAk52fEckcnTKHHfOGM/4aI2y93Cx6uX34SFR
d7P3rFEROBhlh3Dm8OHPzjIH9aKTvvqIQ40UEetBAUyiqCi/3mZq87I49R+RdFMZ
0pCNzUrOrsIcJNEHKAK9W2k+XUIlEXMqJ58h9gNppq8YtT9blAeQAf6rZol/OBwk
HMfCye2Ij9TWsAlEUBJU/Pn+7hMU4CpEhJZRNu9Ts6bfTL4NfWV28tPtNtcjAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUvbkqNlJQk+xmfsMQKP/K0zY+SQcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTM5Mzcy
ZTMyMzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBh0TANBgkqhkiG9w0BAQsFAAOCAQEADx/VuG3pbrURmF3YK0CZposc
kA70+BczvgWOJn6GBnidmlUnNzgCJ4aiYDOIpw4dcWtuEVjPf3KjWyz1MUke7TQl
WkpnBhZ6nCZnnuJq38ZuTVL6Gee1z6IWYUviy/IIb0EP+FbHJd5sxbINyHNa8dYR
w5T86qQUq6ro5zbiV6rVET6opxl02fcCJIxLH0yqp8N1WPPvdpqIM8f5+nES6KOC
BgsJGcKhPymjjiHzdNxasFKIgyZNfl/Fji6CDZ9WsiMVOIH6p9+WuEfB+MPmjWxi
SVJbEa8Es91n9Se9vP+xOJMtlfDQaW0rqH8sJDLAe628UsfVJ+E1D/tBh3BNYw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:01:49 2025 by rpki-client