Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235342e302f32342d3332203d3e20313336373837.roa
File: 3138352e3136392e3235342e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: zHuO9vrfRsH7WzdF9ctAe7Q+ZxZgDlOkJgUwK3M7bhQ=
Subject key identifier: BD:47:A0:C1:48:20:66:F2:6E:18:1E:4F:E4:2D:D6:FD:58:9D:45:E2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5CF075584C958220053EBDAFFC4C48DBB520BC2E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235342e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 136787
IP address blocks: 185.169.254.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:f0:75:58:4c:95:82:20:05:3e:bd:af:fc:4c:48:db:b5:20:bc:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=BD47A0C1482066F26E181E4FE42DD6FD589D45E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:06:62:5c:d8:98:9d:79:fd:56:5e:a0:ee:09:
91:0a:da:c7:cc:4c:34:54:45:cb:e7:8f:ce:66:db:
22:0e:32:83:47:76:5c:a1:16:71:e8:77:48:23:c9:
3f:05:dc:34:4b:4c:7f:3f:ea:33:2c:49:88:ab:c8:
da:d5:70:e2:54:fe:bf:89:db:c4:9b:7c:08:52:70:
c4:a5:80:3f:d0:43:d0:8f:6e:f1:4b:95:c5:5d:83:
98:be:9a:81:95:f0:b1:87:60:b0:62:e3:c5:c9:2d:
3e:7f:14:22:31:ef:31:58:54:92:be:33:c3:f7:4a:
59:47:70:a8:3f:47:81:df:74:66:22:f2:d2:b5:fe:
3a:28:11:d8:cc:32:ba:f4:fc:2d:f1:7b:f7:67:37:
9d:d2:5f:cd:81:f8:68:76:88:4c:85:e0:30:ec:2a:
45:bf:90:2b:75:86:1c:62:a9:2d:ee:b0:06:3c:15:
f3:37:cc:23:ba:04:6e:dc:df:06:25:6e:05:3a:72:
22:ee:a0:53:31:ed:bb:5c:8f:73:c9:e5:85:c4:b2:
a6:92:db:24:c8:5b:bf:9f:5c:0e:15:df:c8:0f:52:
0e:6c:3d:6f:bc:ad:b1:79:94:0c:23:7d:6f:36:9c:
dd:1d:40:4d:00:e7:46:6d:d3:df:5d:96:ee:de:e2:
14:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:47:A0:C1:48:20:66:F2:6E:18:1E:4F:E4:2D:D6:FD:58:9D:45:E2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235342e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.254.0/24
Signature Algorithm: sha256WithRSAEncryption
db:8e:73:cf:bd:b4:92:93:a6:bf:eb:22:c9:b5:e7:70:15:28:
94:b4:09:ef:67:79:e7:d5:85:88:eb:26:dc:e2:71:14:e7:90:
b2:11:ff:1d:84:c6:47:63:d6:fd:a0:2e:ae:6c:dd:47:32:2a:
c9:9d:53:6d:f2:db:6e:19:51:73:68:43:c4:25:62:34:a7:cd:
2b:3e:c3:da:85:4a:60:ca:46:67:08:07:ca:21:fa:87:61:b2:
00:96:94:e6:d4:77:58:77:1c:ad:fc:dc:39:92:04:d4:ad:ea:
e1:18:85:fb:8b:4e:5a:87:61:a3:c5:c5:57:ac:dc:0d:59:62:
5a:53:7e:b2:e3:05:9f:d1:4c:9a:24:18:b2:0c:2f:4b:55:8d:
2a:42:cf:45:50:0d:b5:49:c0:7e:3f:90:5d:33:35:bd:27:22:
3b:78:44:12:be:0e:ac:ec:3e:80:f2:ad:9f:88:72:c6:7a:04:
85:9a:e3:bf:49:5f:14:77:30:cf:ef:d9:72:de:3f:be:6b:1e:
d6:87:3c:21:62:08:47:1a:0b:2c:d2:f0:38:c6:3a:04:07:ba:
6c:00:d8:bd:4c:0d:b9:95:51:83:e5:1f:f2:1d:78:4f:f7:30:
80:c4:29:b9:b9:1f:84:70:af:81:32:2a:76:4e:fc:9f:b7:a5:
14:2b:3d:65
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUXPB1WEyVgiAFPr2v/ExI27UgvC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKEJENDdBMEMxNDgyMDY2RjI2RTE4MUU0RkU0MkRENkZENTg5RDQ1RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDBmJc2Jidef1WXqDuCZEK2sfM
TDRURcvnj85m2yIOMoNHdlyhFnHod0gjyT8F3DRLTH8/6jMsSYiryNrVcOJU/r+J
28SbfAhScMSlgD/QQ9CPbvFLlcVdg5i+moGV8LGHYLBi48XJLT5/FCIx7zFYVJK+
M8P3SllHcKg/R4HfdGYi8tK1/jooEdjMMrr0/C3xe/dnN53SX82B+Gh2iEyF4DDs
KkW/kCt1hhxiqS3usAY8FfM3zCO6BG7c3wYlbgU6ciLuoFMx7btcj3PJ5YXEsqaS
2yTIW7+fXA4V38gPUg5sPW+8rbF5lAwjfW82nN0dQE0A50Zt099dlu7e4hSrAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUvUegwUggZvJuGB5P5C3W/VidReIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzIzNTM0MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuan+MA0GCSqGSIb3DQEBCwUAA4IBAQDbjnPPvbSSk6a/6yLJtedw
FSiUtAnvZ3nn1YWI6ybc4nEU55CyEf8dhMZHY9b9oC6ubN1HMirJnVNt8ttuGVFz
aEPEJWI0p80rPsPahUpgykZnCAfKIfqHYbIAlpTm1HdYdxyt/Nw5kgTUrerhGIX7
i05ah2GjxcVXrNwNWWJaU36y4wWf0UyaJBiyDC9LVY0qQs9FUA21ScB+P5BdMzW9
JyI7eEQSvg6s7D6A8q2fiHLGegSFmuO/SV8UdzDP79ly3j++ax7WhzwhYghHGgss
0vA4xjoEB7psANi9TA25lVGD5R/yHXhP9zCAxCm5uR+EcK+BMip2Tvyft6UUKz1l
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:27:17 2025 by rpki-client