Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e20323136313531.roa
File: 3138352e3136392e322e302f32342d3234203d3e20323136313531.roa (raw, json)
Hash identifier: 1fbWpJhmZZkLvARk706aLXOqCpFKe15yw7jjoCCgDl4=
Subject key identifier: 84:0C:8B:4A:B8:BE:C5:87:9E:C2:DF:40:C6:F0:52:BA:81:FF:F0:AB
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 62E41CDA996AD8C2F938497C2D2C6538388D8886
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e20323136313531.roa
Signing time: Mon 27 Jan 2025 16:45:31 +0000
ROA not before: Mon 27 Jan 2025 16:40:31 +0000
ROA not after: Mon 26 Jan 2026 16:45:31 +0000
asID: 216151
IP address blocks: 185.169.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:e4:1c:da:99:6a:d8:c2:f9:38:49:7c:2d:2c:65:38:38:8d:88:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 16:40:31 2025 GMT
Not After : Jan 26 16:45:31 2026 GMT
Subject: CN=840C8B4AB8BEC5879EC2DF40C6F052BA81FFF0AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:28:fa:e7:1d:15:55:5b:fa:8a:1b:ac:49:
49:f1:ff:e9:f7:40:7b:63:57:c2:1f:80:35:d0:36:
87:54:7a:06:51:96:51:9c:29:d1:97:5c:2b:7f:fc:
9a:f7:e2:d0:c8:c9:63:98:c9:03:3e:68:aa:7f:96:
5b:3e:48:47:bd:03:42:24:48:70:ab:48:b9:6f:2d:
72:91:74:0f:9d:13:83:59:87:5e:a7:9b:d0:b5:9a:
ec:41:c0:28:19:00:2f:51:13:3a:fc:dd:eb:d7:d5:
ef:cf:f0:dd:85:2f:85:36:01:11:2e:7c:12:56:af:
04:3b:f1:5b:1b:8b:13:22:9e:ba:60:a8:5d:9e:89:
7c:df:2f:f1:c6:a6:2f:39:52:f4:41:00:28:96:b6:
b9:dc:89:55:35:39:6e:44:b9:f7:c8:08:98:76:86:
b5:26:65:c8:f1:0e:4c:d5:80:23:84:7e:15:a3:34:
35:b6:43:2a:57:f0:96:d9:61:31:8b:91:70:a8:f6:
98:82:e8:11:e7:99:72:3a:dc:5c:a6:6e:4c:34:da:
13:df:61:f2:e0:f6:70:28:3f:42:e3:03:02:fb:d6:
a7:22:5b:99:d4:e5:8a:be:a8:c9:c3:e1:2e:27:12:
b1:14:53:33:18:fa:e2:d8:5c:c9:1b:51:39:31:5b:
a5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0C:8B:4A:B8:BE:C5:87:9E:C2:DF:40:C6:F0:52:BA:81:FF:F0:AB
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e20323136313531.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.2.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:89:e1:06:fd:d0:c6:f9:be:1b:6e:81:f0:88:65:7d:b9:00:
c1:4a:ff:f5:7c:40:13:7c:22:aa:ad:e6:fa:71:27:d6:5c:82:
09:e5:0f:a0:73:c6:a2:4d:4f:aa:5f:18:32:fa:f1:c1:d8:ef:
2a:01:f1:2e:4f:59:ed:11:c6:76:a9:36:69:23:9f:94:47:4c:
56:ef:ee:b2:16:e2:22:d9:96:fe:bf:8c:da:d7:bb:7e:9b:86:
d7:73:56:9e:70:7e:5f:ee:f5:05:8b:02:50:e7:85:6b:79:45:
eb:e9:bc:3e:14:36:ef:16:47:54:63:e5:b9:ec:c4:99:88:df:
86:d7:07:b2:7a:6b:d5:65:eb:17:16:44:78:7d:9c:46:ed:65:
ea:94:69:48:23:a4:a0:54:fd:66:a3:c6:8b:e4:3c:6d:cd:8c:
f5:10:1f:7d:73:61:93:78:af:0d:b8:16:29:89:d0:a2:a4:01:
6c:f4:d1:af:1c:cd:c2:35:2d:5f:1c:de:5d:8e:53:f7:aa:89:
48:5c:20:7e:f3:23:5f:68:b1:4c:0e:71:3d:6e:63:2f:87:d8:
46:08:d2:93:49:dd:33:61:82:47:b0:42:3d:af:31:86:c9:e2:
c0:e0:9c:11:21:38:8a:58:b5:38:37:0d:09:33:8f:fa:a6:4e:
cd:0f:c7:a4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUYuQc2plq2ML5OEl8LSxlODiNiIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcxNjQwMzFaFw0yNjAxMjYxNjQ1MzFaMDMxMTAvBgNV
BAMTKDg0MEM4QjRBQjhCRUM1ODc5RUMyREY0MEM2RjA1MkJBODFGRkYwQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKMij65x0VVVv6ihusSUnx/+n3
QHtjV8IfgDXQNodUegZRllGcKdGXXCt//Jr34tDIyWOYyQM+aKp/lls+SEe9A0Ik
SHCrSLlvLXKRdA+dE4NZh16nm9C1muxBwCgZAC9REzr83evX1e/P8N2FL4U2AREu
fBJWrwQ78VsbixMinrpgqF2eiXzfL/HGpi85UvRBACiWtrnciVU1OW5EuffICJh2
hrUmZcjxDkzVgCOEfhWjNDW2QypX8JbZYTGLkXCo9piC6BHnmXI63Fymbkw02hPf
YfLg9nAoP0LjAwL71qciW5nU5Yq+qMnD4S4nErEUUzMY+uLYXMkbUTkxW6UPAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUhAyLSri+xYeewt9AxvBSuoH/8KswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzYzMTM1MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC5qQIwDQYJKoZIhvcNAQELBQADggEBAMGJ4Qb90Mb5vhtugfCIZX25AMFK
//V8QBN8Iqqt5vpxJ9ZcggnlD6BzxqJNT6pfGDL68cHY7yoB8S5PWe0RxnapNmkj
n5RHTFbv7rIW4iLZlv6/jNrXu36bhtdzVp5wfl/u9QWLAlDnhWt5RevpvD4UNu8W
R1Rj5bnsxJmI34bXB7J6a9Vl6xcWRHh9nEbtZeqUaUgjpKBU/WajxovkPG3NjPUQ
H31zYZN4rw24FimJ0KKkAWz00a8czcI1LV8c3l2OU/eqiUhcIH7zI19osUwOcT1u
Yy+H2EYI0pNJ3TNhgkewQj2vMYbJ4sDgnBEhOIpYtTg3DQkzj/qmTs0Px6Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:14 2025 by rpki-client