Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35352e302f32342d3234203d3e20323031333431.roa
File: 3138352e3136332e35352e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: HSug7sL3FXMJt/o1bRJzGDY8PyotDS19/cmgtSFImm8=
Subject key identifier: 94:89:A1:07:8D:1C:14:6B:B7:E2:98:AD:E9:C6:A8:59:90:5F:FE:71
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4962F2D74788DF4C9FE25D349DC446117C3CA2A3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35352e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 201341
IP address blocks: 185.163.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:62:f2:d7:47:88:df:4c:9f:e2:5d:34:9d:c4:46:11:7c:3c:a2:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=9489A1078D1C146BB7E298ADE9C6A859905FFE71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:6e:25:b0:e7:ad:55:93:33:0d:f7:93:a4:
e2:e6:92:bd:09:6a:9c:63:15:77:a2:88:1f:a1:7b:
78:83:aa:31:39:59:b6:31:58:fd:02:9e:86:04:09:
37:96:ec:be:96:8a:c1:96:7e:e5:2a:bb:72:3f:65:
a6:c3:92:0b:3b:34:13:e8:a5:74:03:5d:09:6d:1e:
72:41:7b:30:0b:5b:74:70:51:3b:e6:67:85:c5:04:
2e:44:b8:8a:cb:33:d0:26:ac:ea:a6:d5:0a:5b:34:
d1:71:27:9c:87:ff:44:c3:66:a3:06:cd:a6:8e:7a:
57:79:27:77:0e:40:d0:48:c0:10:66:7d:27:81:d9:
ec:67:31:c5:1e:bc:27:64:ac:c8:24:ee:72:b0:80:
97:0b:05:41:c8:ed:97:c4:60:c9:d4:10:52:2a:d2:
32:74:c1:6b:73:4e:d6:5e:3b:7f:22:ec:23:b8:19:
2f:53:be:8c:c3:43:39:ea:7a:cf:2c:30:ee:18:02:
8a:d2:36:e6:54:da:52:7f:7f:ef:3a:c1:fb:d6:bd:
98:32:2d:af:b8:f7:7f:0b:55:d0:1f:5f:33:d2:4f:
5e:b9:c8:02:ab:4d:6a:6e:a2:e8:aa:03:cd:68:11:
5c:3d:2a:16:2b:e5:5d:99:fd:01:e4:b3:17:12:0a:
e1:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:89:A1:07:8D:1C:14:6B:B7:E2:98:AD:E9:C6:A8:59:90:5F:FE:71
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136332e35352e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.55.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f0:e5:36:93:41:71:92:1d:b7:75:8b:e6:81:93:0f:80:cf:
38:58:17:d3:b3:fe:43:2b:95:cd:a8:6f:09:30:38:7c:54:fe:
7f:7a:ad:59:41:d5:9c:7d:88:d4:ce:ae:80:50:b7:2b:c0:f9:
1f:45:6d:44:70:c6:9b:f8:cf:6f:39:44:a1:5c:4c:bb:39:c1:
3c:33:c3:b8:74:46:64:46:8d:19:99:c7:ff:d5:0e:45:6f:79:
b7:33:e5:50:83:56:13:50:dc:7d:97:94:c5:d9:21:ec:8e:93:
6d:c7:c1:f8:9a:32:cd:13:cd:f6:fd:fa:c8:eb:87:f1:22:70:
8a:fc:fc:2b:c8:1e:09:74:c5:5c:89:47:ce:5f:95:7c:d6:9a:
fb:55:c0:5a:9b:a9:2a:02:83:c4:d4:eb:af:55:55:fc:d9:cd:
a9:6d:f0:58:15:82:3a:a1:6d:3d:6e:e6:8e:a9:84:b3:64:c7:
c1:14:46:68:64:0d:ea:23:cf:64:73:21:8f:18:d8:7c:64:2d:
d2:81:a5:ca:27:46:ce:0a:13:34:9b:c4:4a:2d:36:02:14:2c:
f7:82:38:e8:b3:1c:e2:cb:f2:e6:c3:f1:99:49:79:26:a1:26:
ff:c7:33:fb:af:b0:7b:f4:fa:e9:36:4d:33:d7:91:9a:78:9a:
48:ef:c7:fc
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSWLy10eI30yf4l00ncRGEXw8oqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKDk0ODlBMTA3OEQxQzE0NkJCN0UyOThBREU5QzZBODU5OTA1RkZFNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCckG4lsOetVZMzDfeTpOLmkr0J
apxjFXeiiB+he3iDqjE5WbYxWP0CnoYECTeW7L6WisGWfuUqu3I/ZabDkgs7NBPo
pXQDXQltHnJBezALW3RwUTvmZ4XFBC5EuIrLM9AmrOqm1QpbNNFxJ5yH/0TDZqMG
zaaOeld5J3cOQNBIwBBmfSeB2exnMcUevCdkrMgk7nKwgJcLBUHI7ZfEYMnUEFIq
0jJ0wWtzTtZeO38i7CO4GS9TvozDQznqes8sMO4YAorSNuZU2lJ/f+86wfvWvZgy
La+4938LVdAfXzPST165yAKrTWpuouiqA81oEVw9KhYr5V2Z/QHksxcSCuE1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUlImhB40cFGu34pit6caoWZBf/nEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MzJlMzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmjNzANBgkqhkiG9w0BAQsFAAOCAQEAgPDlNpNBcZIdt3WL5oGTD4DP
OFgX07P+QyuVzahvCTA4fFT+f3qtWUHVnH2I1M6ugFC3K8D5H0VtRHDGm/jPbzlE
oVxMuznBPDPDuHRGZEaNGZnH/9UORW95tzPlUINWE1DcfZeUxdkh7I6TbcfB+Joy
zRPN9v36yOuH8SJwivz8K8geCXTFXIlHzl+VfNaa+1XAWpupKgKDxNTrr1VV/NnN
qW3wWBWCOqFtPW7mjqmEs2THwRRGaGQN6iPPZHMhjxjYfGQt0oGlyidGzgoTNJvE
Si02AhQs94I46LMc4svy5sPxmUl5JqEm/8cz+6+we/T66TZNM9eRmniaSO/H/A==
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:46:33 2025 by rpki-client