Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3135332e3137382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: rB+++HoyDaQ6lvvJOiKytFlGNUaG/7vyKCOmSuXzsMQ=
Subject key identifier: F0:53:AD:12:B8:BF:13:FE:F5:74:82:B2:A0:F4:3E:9C:5B:65:31:F5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1941FD54BCB61C3E484BB9D573AF7F179812D0F5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 136787
IP address blocks: 185.153.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:41:fd:54:bc:b6:1c:3e:48:4b:b9:d5:73:af:7f:17:98:12:d0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=F053AD12B8BF13FEF57482B2A0F43E9C5B6531F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:2c:56:f9:04:00:b0:86:dc:e0:54:c9:56:f1:
44:7e:19:04:63:3b:a0:1f:e0:10:88:2d:2f:8d:88:
e3:18:d9:c2:ff:6e:8c:4a:46:55:c6:9d:0a:ae:59:
de:aa:44:a4:f1:10:30:44:56:f4:86:75:e6:de:42:
4d:90:78:34:50:26:aa:a3:94:1e:f0:e9:1f:5f:52:
31:0a:82:18:f9:0c:00:9d:e6:00:ca:0d:e7:69:b6:
7f:c6:4f:da:3d:e0:fa:c3:a2:3d:a3:34:24:f2:3c:
a2:b2:d6:27:aa:af:35:f0:b3:c9:6d:8c:8e:ed:d6:
ad:24:88:c3:7a:54:6d:3a:8a:43:cd:27:68:29:22:
47:ef:2f:bf:24:dd:c3:6d:01:50:14:26:9f:b7:fb:
22:4d:2c:90:9b:27:cc:db:fc:5b:17:c2:fd:7d:e4:
35:17:c9:46:a1:ac:d3:cd:75:7d:56:0d:f3:c2:af:
a9:b3:ce:76:87:9e:6e:5c:c5:42:62:b0:57:67:0e:
c6:3a:0a:dd:d8:38:af:ae:01:8a:5f:7e:64:dd:34:
97:9b:0f:8c:5f:ae:ba:08:b5:33:17:28:a7:a9:a2:
6d:fa:cb:86:a7:e4:55:6a:35:6e:33:43:44:69:ae:
ff:56:3b:7c:e6:10:a7:30:13:53:2d:27:35:8c:e8:
09:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:53:AD:12:B8:BF:13:FE:F5:74:82:B2:A0:F4:3E:9C:5B:65:31:F5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.178.0/24
Signature Algorithm: sha256WithRSAEncryption
52:0d:e1:58:ab:de:b3:a6:cc:2a:6a:9f:da:eb:1f:33:a3:1c:
1a:2e:fe:94:1f:0d:74:2f:3e:d3:30:63:56:99:14:8e:33:32:
26:e1:5c:67:c6:2e:d6:20:16:84:bf:69:57:e5:c9:bf:6a:e6:
9a:0b:05:dc:e2:3c:41:67:a5:6d:bc:c0:48:b1:e9:02:94:2b:
4a:4c:05:df:9c:69:0b:74:7a:6e:c8:3d:25:de:88:fd:83:e6:
79:16:a1:d2:13:a8:e0:c4:1d:2a:56:dd:5b:10:dc:c4:c8:72:
5c:00:e1:da:58:23:eb:d4:34:f4:df:7c:7d:c5:c9:09:6a:70:
84:99:a8:59:03:18:f2:e9:e5:3f:d7:37:8d:ba:1a:21:2c:af:
01:ec:f1:e8:85:e9:76:c1:5b:28:78:c3:4b:f2:60:c4:34:b5:
2c:b3:73:37:a6:5f:74:28:4b:0c:b1:d5:b2:4c:ac:78:b3:f6:
f9:19:fe:32:a6:1e:db:6b:b0:f7:ef:51:27:3b:4b:ec:67:03:
5e:ff:f1:02:20:6c:30:fd:5c:3b:dc:a9:f2:66:84:55:bc:94:
c2:df:35:d6:d1:77:8a:de:cb:c6:b7:4b:f1:a6:f9:c4:8b:49:
cd:c5:e4:ea:7b:97:06:cd:9a:e2:34:29:1c:75:c0:d9:aa:a6:
10:bf:b5:eb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUGUH9VLy2HD5IS7nVc69/F5gS0PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKEYwNTNBRDEyQjhCRjEzRkVGNTc0ODJCMkEwRjQzRTlDNUI2NTMxRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkLFb5BACwhtzgVMlW8UR+GQRj
O6Af4BCILS+NiOMY2cL/boxKRlXGnQquWd6qRKTxEDBEVvSGdebeQk2QeDRQJqqj
lB7w6R9fUjEKghj5DACd5gDKDedptn/GT9o94PrDoj2jNCTyPKKy1ieqrzXws8lt
jI7t1q0kiMN6VG06ikPNJ2gpIkfvL78k3cNtAVAUJp+3+yJNLJCbJ8zb/FsXwv19
5DUXyUahrNPNdX1WDfPCr6mzznaHnm5cxUJisFdnDsY6Ct3YOK+uAYpffmTdNJeb
D4xfrroItTMXKKepom36y4an5FVqNW4zQ0Rprv9WO3zmEKcwE1MtJzWM6AmFAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU8FOtEri/E/71dIKyoPQ+nFtlMfUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmyMA0GCSqGSIb3DQEBCwUAA4IBAQBSDeFYq96zpswqap/a6x8z
oxwaLv6UHw10Lz7TMGNWmRSOMzIm4Vxnxi7WIBaEv2lX5cm/auaaCwXc4jxBZ6Vt
vMBIsekClCtKTAXfnGkLdHpuyD0l3oj9g+Z5FqHSE6jgxB0qVt1bENzEyHJcAOHa
WCPr1DT033x9xckJanCEmahZAxjy6eU/1zeNuhohLK8B7PHohel2wVsoeMNL8mDE
NLUss3M3pl90KEsMsdWyTKx4s/b5Gf4yph7ba7D371EnO0vsZwNe//ECIGww/Vw7
3KnyZoRVvJTC3zXW0XeK3svGt0vxpvnEi0nNxeTqe5cGzZriNCkcdcDZqqYQv7Xr
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:59:22 2025 by rpki-client