Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137372e302f32342d3332203d3e20313336373837.roa
File: 3138352e3135332e3137372e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 2pkvLcLZPvC6R5BMsnS0ATC+rGqDW9TSyp+ZekKu3Fk=
Subject key identifier: EC:1D:5D:A1:8A:35:6C:63:77:C3:59:4D:BA:CC:77:53:CF:BF:06:7C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3DAE77742EF9DD211A7C51629EFAC86C7CEEDB62
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137372e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:54 +0000
ROA not before: Mon 27 Jan 2025 09:39:54 +0000
ROA not after: Mon 26 Jan 2026 09:44:54 +0000
asID: 136787
IP address blocks: 185.153.177.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:ae:77:74:2e:f9:dd:21:1a:7c:51:62:9e:fa:c8:6c:7c:ee:db:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:54 2025 GMT
Not After : Jan 26 09:44:54 2026 GMT
Subject: CN=EC1D5DA18A356C6377C3594DBACC7753CFBF067C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4b:26:1d:11:4a:2f:4e:4c:f4:5b:3b:80:48:
6d:9c:f7:4e:9e:f6:49:cd:84:c0:ab:f3:0d:7f:8f:
40:0e:90:c1:5a:b1:9c:68:77:98:54:7c:02:db:e0:
c5:d0:95:df:56:c8:99:5f:6c:5a:7a:f9:49:02:31:
66:3b:c5:68:f5:77:b9:68:8d:db:c1:5a:34:f2:19:
45:8f:93:69:59:d2:18:e5:0e:ee:f9:64:fc:a7:82:
c5:86:97:ad:e6:6b:b2:86:a4:27:28:b9:a0:cb:1a:
dd:14:8d:25:ca:0c:9c:ed:59:31:a9:3e:b5:f4:2c:
58:6b:a0:8d:85:ef:89:5d:65:58:cf:75:71:07:76:
a0:d3:40:41:29:ca:bd:da:ca:d7:ec:67:5c:2b:72:
2f:fa:7b:29:0f:c8:08:b4:56:9c:24:2e:98:95:9d:
f0:b2:62:71:b9:d6:d6:8b:64:c9:c8:e2:fe:64:6e:
b9:e9:02:f8:35:60:f7:fb:c0:07:71:70:08:bb:76:
31:7d:28:88:b8:6f:3f:90:33:55:f4:85:83:dc:1e:
bc:96:2c:78:63:54:41:7e:e4:1e:5b:a6:4e:4c:3f:
da:6a:d3:2e:77:3f:be:64:d7:84:3e:73:c7:d7:21:
f5:04:b2:01:6f:25:94:0a:c2:8e:ff:ed:3f:a4:8c:
76:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1D:5D:A1:8A:35:6C:63:77:C3:59:4D:BA:CC:77:53:CF:BF:06:7C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137372e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.177.0/24
Signature Algorithm: sha256WithRSAEncryption
84:4d:39:6d:bb:07:96:35:8c:35:89:e1:df:e2:af:62:17:c5:
39:30:e8:9f:9d:42:ea:1f:11:d1:b2:b7:3b:4a:ad:cb:96:2b:
a3:5b:bd:26:c6:3b:60:0c:fb:58:63:13:f5:c4:e6:e4:f0:cc:
33:fc:1b:dd:c5:9c:4a:31:38:0c:18:08:db:f9:fd:f8:9e:62:
b4:4b:4d:c8:f9:bc:d8:7f:0b:95:59:5e:3f:e2:73:1e:5d:65:
76:bb:a8:a9:08:1b:c9:6c:de:ee:a9:1a:44:9d:ca:22:34:28:
ce:4d:03:90:41:b0:01:6e:28:1d:38:1f:b0:74:25:f7:5b:59:
b3:e3:87:48:d8:cd:10:0d:54:01:e7:34:c7:ab:de:ec:85:12:
d3:92:41:be:ac:55:1b:95:19:4c:27:dc:97:44:38:3d:1d:3e:
28:40:91:e1:3f:ea:f5:a4:b2:c6:80:9a:0a:45:ed:1d:7f:41:
29:36:91:53:96:47:13:9f:a8:e6:7d:22:a7:9c:d6:31:20:30:
fd:27:01:6a:10:5e:86:15:80:c7:55:23:e7:13:11:a9:49:ed:
cd:1c:b2:18:ee:6b:08:c2:c3:ce:e5:6c:92:3f:c5:6d:8c:76:
db:6a:d5:d2:b4:5d:75:35:f5:de:c8:a9:0f:6d:78:44:1f:c1:
76:7f:0d:3b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPa53dC753SEafFFinvrIbHzu22IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTRaFw0yNjAxMjYwOTQ0NTRaMDMxMTAvBgNV
BAMTKEVDMUQ1REExOEEzNTZDNjM3N0MzNTk0REJBQ0M3NzUzQ0ZCRjA2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrSyYdEUovTkz0WzuASG2c906e
9knNhMCr8w1/j0AOkMFasZxod5hUfALb4MXQld9WyJlfbFp6+UkCMWY7xWj1d7lo
jdvBWjTyGUWPk2lZ0hjlDu75ZPyngsWGl63ma7KGpCcouaDLGt0UjSXKDJztWTGp
PrX0LFhroI2F74ldZVjPdXEHdqDTQEEpyr3aytfsZ1wrci/6eykPyAi0VpwkLpiV
nfCyYnG51taLZMnI4v5kbrnpAvg1YPf7wAdxcAi7djF9KIi4bz+QM1X0hYPcHryW
LHhjVEF+5B5bpk5MP9pq0y53P75k14Q+c8fXIfUEsgFvJZQKwo7/7T+kjHZXAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU7B1doYo1bGN3w1lNusx3U8+/BnwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM3MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmxMA0GCSqGSIb3DQEBCwUAA4IBAQCETTltuweWNYw1ieHf4q9i
F8U5MOifnULqHxHRsrc7Sq3LliujW70mxjtgDPtYYxP1xObk8Mwz/BvdxZxKMTgM
GAjb+f34nmK0S03I+bzYfwuVWV4/4nMeXWV2u6ipCBvJbN7uqRpEncoiNCjOTQOQ
QbABbigdOB+wdCX3W1mz44dI2M0QDVQB5zTHq97shRLTkkG+rFUblRlMJ9yXRDg9
HT4oQJHhP+r1pLLGgJoKRe0df0EpNpFTlkcTn6jmfSKnnNYxIDD9JwFqEF6GFYDH
VSPnExGpSe3NHLIY7msIwsPO5WySP8VtjHbbatXStF11NfXeyKkPbXhEH8F2fw07
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:10 2025 by rpki-client