Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
File: 3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: goU8rmhtPYOeixCY0BuJY88DfDww3H99rX+xcGQ3lgE=
Subject key identifier: 82:56:CC:F7:C0:D1:BB:C5:DB:16:44:93:66:46:69:D2:21:E2:6E:01
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 070FC55B8F225F895ABF4CC5E01148481553BE98
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:44:55 +0000
ROA not before: Mon 27 Jan 2025 09:39:55 +0000
ROA not after: Mon 26 Jan 2026 09:44:55 +0000
asID: 201341
IP address blocks: 185.162.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:0f:c5:5b:8f:22:5f:89:5a:bf:4c:c5:e0:11:48:48:15:53:be:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:55 2025 GMT
Not After : Jan 26 09:44:55 2026 GMT
Subject: CN=8256CCF7C0D1BBC5DB164493664669D221E26E01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:35:b0:04:5f:c2:ff:b7:25:32:0e:cb:97:3d:
52:26:1b:cf:db:e9:eb:f8:a9:b5:8c:2a:d4:3c:53:
0f:e5:6f:e2:7f:dc:c9:e3:33:3f:83:e6:97:70:32:
11:39:9b:46:97:e1:e1:1f:4d:2e:5a:7b:2e:91:5e:
60:d2:96:e7:bf:94:4d:89:b9:1a:6d:df:de:93:e4:
46:0c:28:0f:c6:62:53:97:92:84:c4:a4:2d:5d:a2:
4a:2e:f4:4a:55:d7:c7:70:6b:ec:61:65:e7:f9:51:
98:bc:5d:f0:e8:19:11:9d:d3:e7:ec:da:1d:2a:86:
b9:ef:57:3d:60:d4:90:af:db:9c:42:c5:e2:e7:9f:
9e:ab:57:6b:60:a0:5b:5f:de:05:ec:67:a2:89:b4:
a2:66:8f:95:33:92:1a:b1:e8:82:ea:68:81:de:67:
e3:e9:eb:cd:56:25:22:37:1f:4b:55:8c:b9:27:65:
94:a3:e9:ba:b3:83:5f:c2:54:a0:56:82:b5:98:b5:
4e:cc:bf:bc:7e:7b:29:40:36:d2:1a:63:30:01:fb:
85:6f:23:43:ec:07:b6:15:4a:fe:ee:34:d3:fb:67:
b8:a5:d9:d7:bb:2f:78:2b:74:68:2b:9d:b7:e2:3f:
a7:4b:d0:ee:99:3c:7f:ec:fc:b5:da:6a:72:e7:ec:
9f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:56:CC:F7:C0:D1:BB:C5:DB:16:44:93:66:46:69:D2:21:E2:6E:01
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.45.0/24
Signature Algorithm: sha256WithRSAEncryption
e1:ed:b2:fd:a5:6d:1d:d4:89:43:ba:5f:48:cc:2d:8a:ea:8f:
cb:b7:db:24:7b:25:3b:55:68:6a:94:77:14:b0:cb:d1:a0:be:
46:53:4e:d3:0e:87:e3:01:8b:15:d0:cc:e0:33:6a:f8:d4:f2:
ab:b3:4a:8a:a0:25:d3:68:d0:be:8e:c7:f1:d4:5d:bb:24:ca:
72:e4:04:3d:a6:b1:2a:a8:7f:d4:20:64:cf:6f:64:4a:83:ed:
1a:7f:46:4b:4c:9c:1b:3d:65:a8:e2:45:9b:29:b0:e6:ad:a5:
fe:17:fd:8f:da:26:d3:2a:21:49:17:5a:bf:18:c4:31:2f:3d:
24:7d:01:53:c7:54:9b:12:0c:2a:d6:89:68:a6:93:83:f8:31:
6f:61:5d:0f:81:bf:05:81:3c:1a:86:6f:bc:ab:13:e3:d7:1d:
6a:d5:fd:72:40:a4:ce:60:ac:b0:97:c3:8c:75:dd:53:f3:59:
37:22:21:3a:07:0a:2a:53:7c:73:ca:9a:96:6d:fe:1a:bd:85:
be:19:5b:5c:47:3c:a4:ac:c1:1a:e3:44:62:07:a0:07:25:49:
af:33:6b:02:22:1c:90:84:94:04:35:f3:94:d3:43:bd:1a:24:
11:95:4e:c1:18:9e:f7:e3:bf:5a:d0:63:20:70:9b:67:b9:8c:
76:68:3a:1b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUBw/FW48iX4lav0zF4BFISBVTvpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTVaFw0yNjAxMjYwOTQ0NTVaMDMxMTAvBgNV
BAMTKDgyNTZDQ0Y3QzBEMUJCQzVEQjE2NDQ5MzY2NDY2OUQyMjFFMjZFMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1NbAEX8L/tyUyDsuXPVImG8/b
6ev4qbWMKtQ8Uw/lb+J/3MnjMz+D5pdwMhE5m0aX4eEfTS5aey6RXmDSlue/lE2J
uRpt396T5EYMKA/GYlOXkoTEpC1dokou9EpV18dwa+xhZef5UZi8XfDoGRGd0+fs
2h0qhrnvVz1g1JCv25xCxeLnn56rV2tgoFtf3gXsZ6KJtKJmj5Uzkhqx6ILqaIHe
Z+Pp681WJSI3H0tVjLknZZSj6bqzg1/CVKBWgrWYtU7Mv7x+eylANtIaYzAB+4Vv
I0PsB7YVSv7uNNP7Z7il2de7L3grdGgrnbfiP6dL0O6ZPH/s/LXaanLn7J/vAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUglbM98DRu8XbFkSTZkZp0iHibgEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MjJlMzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmiLTANBgkqhkiG9w0BAQsFAAOCAQEA4e2y/aVtHdSJQ7pfSMwtiuqP
y7fbJHslO1VoapR3FLDL0aC+RlNO0w6H4wGLFdDM4DNq+NTyq7NKiqAl02jQvo7H
8dRduyTKcuQEPaaxKqh/1CBkz29kSoPtGn9GS0ycGz1lqOJFmymw5q2l/hf9j9om
0yohSRdavxjEMS89JH0BU8dUmxIMKtaJaKaTg/gxb2FdD4G/BYE8GoZvvKsT49cd
atX9ckCkzmCssJfDjHXdU/NZNyIhOgcKKlN8c8qalm3+Gr2FvhlbXEc8pKzBGuNE
YgegByVJrzNrAiIckISUBDXzlNNDvRokEZVOwRie9+O/WtBjIHCbZ7mMdmg6Gw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:18:59 2025 by rpki-client