Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: E5yPLRrxidXmxtw1KDbiHQpAaadUPgAvnhFZ9N3ywcU=
Subject key identifier: 2D:75:4F:D0:44:E3:5F:CD:B4:97:C6:DE:5E:23:AB:FE:9C:99:CA:57
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6396C0A44883B90A5950788D331D03815218C4E5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:35 +0000
ROA not before: Sat 01 Feb 2025 22:40:35 +0000
ROA not after: Sat 31 Jan 2026 22:45:35 +0000
asID: 136787
IP address blocks: 185.172.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:96:c0:a4:48:83:b9:0a:59:50:78:8d:33:1d:03:81:52:18:c4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 1 22:40:35 2025 GMT
Not After : Jan 31 22:45:35 2026 GMT
Subject: CN=2D754FD044E35FCDB497C6DE5E23ABFE9C99CA57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:37:73:ee:13:aa:1f:41:84:3e:7a:00:fa:74:
f3:1c:fa:93:cc:5b:bf:d7:87:dc:e7:4a:de:66:91:
d7:ae:7e:93:37:d9:69:a5:27:5b:ab:fe:4f:cd:b7:
ef:00:81:60:cf:24:ea:27:f1:04:d1:f7:d8:91:19:
d4:62:17:f1:f4:43:18:dd:3f:e5:ab:52:70:ad:23:
00:91:4a:52:84:3c:7f:80:f6:44:10:4d:2a:6d:d3:
9c:69:a6:50:f5:ea:0c:88:81:fa:4e:2c:ab:d5:1e:
f6:36:6c:f1:c2:76:70:26:7f:a2:e8:36:11:6a:57:
c5:cf:be:ab:8c:82:db:16:74:56:f0:74:13:2d:b2:
24:a3:9b:30:e9:d7:93:40:d4:58:0c:ca:56:91:da:
68:2e:b4:09:44:0c:c6:03:c7:2a:cd:d9:db:92:a4:
b2:ff:ce:ac:b2:c5:9f:20:83:31:16:42:4f:c8:ea:
26:e5:0f:84:9e:35:48:9d:1f:59:cf:b8:47:51:69:
f4:62:09:29:33:92:fd:ec:ff:0d:7e:b6:1d:a8:f7:
81:08:eb:fa:88:a7:0a:22:25:9f:52:ce:90:ef:71:
4d:09:33:34:2d:8d:92:db:1b:a8:88:7c:ea:2a:1a:
ef:40:a9:32:5a:e5:8e:15:4b:7f:fd:7a:40:36:7d:
36:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:75:4F:D0:44:E3:5F:CD:B4:97:C6:DE:5E:23:AB:FE:9C:99:CA:57
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.54.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:6b:9a:a4:4e:ad:2d:e7:85:f0:35:77:23:45:51:9d:06:47:
df:92:83:44:04:e6:17:f6:1b:7c:8d:cb:b2:04:7e:1d:08:79:
8d:36:45:60:df:77:3f:c7:ed:4d:dc:68:f8:81:d9:99:de:d0:
f2:14:e8:d4:c5:cf:ca:95:2f:60:a7:1a:38:c3:3f:8f:cd:72:
d3:a4:af:76:f6:c1:63:6a:f1:f4:d2:c9:20:5c:ce:18:62:64:
22:3d:04:4c:52:05:57:a0:5c:b3:47:82:f6:5b:7d:90:76:33:
e2:3c:fe:69:18:19:80:a6:f1:44:18:e3:52:e0:34:ce:61:59:
f6:2b:1b:35:0e:77:11:ab:58:f0:e4:c1:c2:1b:9f:ec:6b:ff:
b5:f1:d4:23:76:54:70:03:29:d9:32:be:2e:72:d8:69:ce:8c:
fc:b4:cb:06:91:c5:5f:28:66:2e:99:b2:94:4f:00:4c:cb:be:
ca:d5:37:35:76:01:11:d6:db:88:f3:69:f1:e8:f1:a0:83:aa:
8d:b9:91:92:2b:6b:e1:9d:7d:db:f9:de:89:c6:4c:ea:83:ed:
95:c0:da:ac:06:06:aa:1b:94:f0:4e:24:d5:b8:ed:a6:54:4b:
d9:fc:4f:c6:14:e5:c5:44:df:f2:aa:d2:26:e0:04:8b:ac:5f:
d9:90:3d:05
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUY5bApEiDuQpZUHiNMx0DgVIYxOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMDEyMjQwMzVaFw0yNjAxMzEyMjQ1MzVaMDMxMTAvBgNV
BAMTKDJENzU0RkQwNDRFMzVGQ0RCNDk3QzZERTVFMjNBQkZFOUM5OUNBNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSN3PuE6ofQYQ+egD6dPMc+pPM
W7/Xh9znSt5mkdeufpM32WmlJ1ur/k/Nt+8AgWDPJOon8QTR99iRGdRiF/H0Qxjd
P+WrUnCtIwCRSlKEPH+A9kQQTSpt05xpplD16gyIgfpOLKvVHvY2bPHCdnAmf6Lo
NhFqV8XPvquMgtsWdFbwdBMtsiSjmzDp15NA1FgMylaR2mgutAlEDMYDxyrN2duS
pLL/zqyyxZ8ggzEWQk/I6iblD4SeNUidH1nPuEdRafRiCSkzkv3s/w1+th2o94EI
6/qIpwoiJZ9SzpDvcU0JMzQtjZLbG6iIfOoqGu9AqTJa5Y4VS3/9ekA2fTbnAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQULXVP0ETjX820l8beXiOr/pyZylcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNjANBgkqhkiG9w0BAQsFAAOCAQEATWuapE6tLeeF8DV3I0VRnQZH
35KDRATmF/YbfI3LsgR+HQh5jTZFYN93P8ftTdxo+IHZmd7Q8hTo1MXPypUvYKca
OMM/j81y06SvdvbBY2rx9NLJIFzOGGJkIj0ETFIFV6Bcs0eC9lt9kHYz4jz+aRgZ
gKbxRBjjUuA0zmFZ9isbNQ53EatY8OTBwhuf7Gv/tfHUI3ZUcAMp2TK+LnLYac6M
/LTLBpHFXyhmLpmylE8ATMu+ytU3NXYBEdbbiPNp8ejxoIOqjbmRkitr4Z192/ne
icZM6oPtlcDarAYGqhuU8E4k1bjtplRL2fxPxhTlxUTf8qrSJuAEi6xf2ZA9BQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:19 2025 by rpki-client