Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35352e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137322e35352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: HIA61UFtcoRj0ud0OiHvRTPt1KM8N9Ew+nBUCCHCyEM=
Subject key identifier: 7D:70:A0:60:C3:63:F1:5C:57:93:AB:57:EF:3A:2B:3B:D3:EC:59:94
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2C8955B86E5B8E6B8355ACA1F5185FF295629DD5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35352e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:35 +0000
ROA not before: Sat 01 Feb 2025 22:40:35 +0000
ROA not after: Sat 31 Jan 2026 22:45:35 +0000
asID: 136787
IP address blocks: 185.172.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:89:55:b8:6e:5b:8e:6b:83:55:ac:a1:f5:18:5f:f2:95:62:9d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 1 22:40:35 2025 GMT
Not After : Jan 31 22:45:35 2026 GMT
Subject: CN=7D70A060C363F15C5793AB57EF3A2B3BD3EC5994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:01:02:74:08:6c:47:45:db:0e:2d:a8:b4:e9:
fb:23:8c:f6:75:0b:96:05:bb:53:e4:ca:50:d3:62:
c0:89:ff:8d:18:77:e3:f2:8f:41:b7:54:f8:45:31:
93:a2:04:db:a2:87:a3:2f:5d:61:69:d0:76:13:c5:
00:dd:45:48:43:ab:41:10:84:c3:e2:d4:e7:bc:dc:
29:46:b0:28:ea:7a:ba:e8:c7:9d:4d:fb:de:fd:d7:
b4:33:0c:05:f3:68:eb:6f:1f:a3:76:81:ad:3f:72:
d8:28:72:04:ff:c9:15:3f:f0:cb:8b:8a:96:88:e5:
a4:c0:83:11:ad:60:d2:be:66:ce:3f:db:ec:23:ec:
1d:67:6c:b8:ce:13:0a:2e:79:75:2d:ce:26:f2:03:
74:29:6a:b6:d4:7e:d5:d9:06:d0:31:f2:89:bb:aa:
71:fe:e2:f9:a8:50:b0:35:4b:bb:82:11:62:4a:41:
4b:57:66:06:34:d9:51:7c:54:1e:93:db:51:a3:41:
0c:aa:b4:12:bb:a8:c6:a1:07:04:47:03:27:81:17:
06:3b:bd:b6:94:fb:6e:bc:47:cb:68:59:ff:84:5f:
b3:cf:95:1c:57:5a:b5:1b:87:58:2a:97:eb:65:db:
95:12:a7:07:a4:79:8a:d5:59:2b:8f:a2:29:a6:9c:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:70:A0:60:C3:63:F1:5C:57:93:AB:57:EF:3A:2B:3B:D3:EC:59:94
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.55.0/24
Signature Algorithm: sha256WithRSAEncryption
af:63:f0:2d:3c:e8:d1:5e:94:b5:ff:6a:5c:a7:b8:15:f9:a9:
d0:98:67:c0:43:2d:a8:d1:9b:14:a5:24:6d:a7:3d:b3:0d:c5:
c0:d7:c6:02:18:16:26:a7:aa:78:36:ae:fc:81:1a:4c:31:69:
d8:53:f6:c8:b9:d5:78:5b:34:53:2b:d6:57:82:fc:dd:76:00:
35:35:ad:4a:29:1f:d4:e5:24:a2:75:58:6d:d3:9e:9d:dd:e9:
ee:de:7b:5a:43:35:b6:3b:be:d9:62:11:a0:2f:c4:65:25:d0:
c6:71:2f:c7:44:82:ee:4a:b8:81:f3:c3:c5:ee:03:68:21:67:
8b:f5:ec:bf:6a:0d:3b:a5:7a:90:6e:cd:dc:10:68:8e:cc:5e:
f8:ed:98:09:be:54:94:e6:4b:66:c6:5b:ad:60:53:f5:7b:ef:
00:f8:03:b1:66:e9:ce:ad:65:24:9d:65:85:30:e3:ab:0a:08:
a8:db:b4:f8:27:f2:ec:9f:c6:95:e7:29:00:09:9e:f0:a5:62:
1d:66:88:9f:e7:6b:ac:8e:13:6d:5a:57:70:9b:08:1e:92:8c:
9f:fc:f5:ed:7f:05:4f:1b:e0:11:05:a3:bd:ce:05:d8:31:b1:
e3:10:de:f2:53:f3:f5:a2:5e:2b:b0:0b:d1:bb:1b:09:a6:9b:
a5:f3:ea:95
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIULIlVuG5bjmuDVayh9Rhf8pVindUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMDEyMjQwMzVaFw0yNjAxMzEyMjQ1MzVaMDMxMTAvBgNV
BAMTKDdENzBBMDYwQzM2M0YxNUM1NzkzQUI1N0VGM0EyQjNCRDNFQzU5OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYAQJ0CGxHRdsOLai06fsjjPZ1
C5YFu1PkylDTYsCJ/40Yd+Pyj0G3VPhFMZOiBNuih6MvXWFp0HYTxQDdRUhDq0EQ
hMPi1Oe83ClGsCjqerrox51N+97917QzDAXzaOtvH6N2ga0/ctgocgT/yRU/8MuL
ipaI5aTAgxGtYNK+Zs4/2+wj7B1nbLjOEwoueXUtzibyA3QparbUftXZBtAx8om7
qnH+4vmoULA1S7uCEWJKQUtXZgY02VF8VB6T21GjQQyqtBK7qMahBwRHAyeBFwY7
vbaU+268R8toWf+EX7PPlRxXWrUbh1gql+tl25USpwekeYrVWSuPoimmnFUNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUfXCgYMNj8VxXk6tX7zorO9PsWZQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNzANBgkqhkiG9w0BAQsFAAOCAQEAr2PwLTzo0V6Utf9qXKe4Ffmp
0JhnwEMtqNGbFKUkbac9sw3FwNfGAhgWJqeqeDau/IEaTDFp2FP2yLnVeFs0UyvW
V4L83XYANTWtSikf1OUkonVYbdOend3p7t57WkM1tju+2WIRoC/EZSXQxnEvx0SC
7kq4gfPDxe4DaCFni/Xsv2oNO6V6kG7N3BBojsxe+O2YCb5UlOZLZsZbrWBT9Xvv
APgDsWbpzq1lJJ1lhTDjqwoIqNu0+Cfy7J/GlecpAAme8KViHWaIn+drrI4TbVpX
cJsIHpKMn/z17X8FTxvgEQWjvc4F2DGx4xDe8lPz9aJeK7AL0bsbCaabpfPqlQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:17 2025 by rpki-client