Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EZwTBpOzMv/9MMdfNAK9SpZmN0XEuyx2OsRYU6gQ6Ls=
Subject key identifier: 4A:D0:28:ED:4B:73:C1:E7:33:D4:D8:CC:43:63:D6:63:84:D4:8B:DF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7F0D1C5D16FA5E5CA82F14F0C8BBEC748FC06922
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:33 +0000
ROA not before: Fri 27 Dec 2024 11:42:33 +0000
ROA not after: Fri 26 Dec 2025 11:47:33 +0000
asID: 136787
IP address blocks: 185.250.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0d:1c:5d:16:fa:5e:5c:a8:2f:14:f0:c8:bb:ec:74:8f:c0:69:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:33 2024 GMT
Not After : Dec 26 11:47:33 2025 GMT
Subject: CN=4AD028ED4B73C1E733D4D8CC4363D66384D48BDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:59:33:50:45:d5:2e:b7:9d:1b:c9:88:a8:5a:
e2:66:f7:e1:70:e7:63:9a:52:c7:3f:3a:32:de:57:
f4:e7:1f:7c:3f:8c:1f:56:10:f7:de:72:d2:55:c1:
d2:5f:6d:af:cc:14:87:90:c5:df:14:21:0a:1e:6c:
ae:5c:51:58:9b:52:00:db:db:6b:0c:05:df:2d:72:
6e:50:2e:b7:7f:1b:fa:43:dc:ac:98:b0:a4:d4:27:
19:36:9e:c7:44:d1:18:19:1b:2e:c3:d9:4f:0b:03:
16:88:5b:ac:77:8a:9a:51:2c:93:ca:ca:ce:b9:7a:
69:44:e3:7a:ce:b4:17:76:c7:db:7c:50:03:ab:e7:
52:4c:fd:a3:aa:d6:a0:21:a3:be:2f:c4:4b:44:40:
9c:4e:89:3e:74:af:e9:20:4e:a5:d3:ad:1c:60:c0:
8d:f8:0d:65:e3:c5:80:fd:40:b5:b0:05:eb:4e:63:
15:46:16:d9:7c:19:10:99:e6:b3:1d:b2:1c:d6:d7:
3f:d9:cc:a9:68:e7:c2:0a:51:0d:06:08:a0:89:8d:
a7:be:f6:fa:4f:e2:5e:0b:ac:58:97:5d:94:a4:87:
3a:1a:5f:f2:72:92:9a:89:bd:e8:4f:0f:d4:75:60:
0f:5e:6b:b0:f0:32:64:76:9d:49:99:07:a1:69:77:
63:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D0:28:ED:4B:73:C1:E7:33:D4:D8:CC:43:63:D6:63:84:D4:8B:DF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235302e3231332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.213.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:00:d3:9b:1c:e2:0c:b0:fb:64:81:64:ff:03:ac:61:0a:7b:
21:ef:5e:d9:ed:95:91:da:9a:d2:8d:2e:2f:7e:ac:b1:9d:0e:
18:a1:95:14:c3:b5:77:e6:19:6e:37:2c:ab:82:68:08:ee:a3:
e0:39:0f:fb:69:2a:d1:1f:07:74:a0:04:94:3f:14:b6:91:b7:
c7:92:21:dd:2e:bc:01:7c:26:f9:48:2f:91:87:4e:da:9b:fd:
90:60:74:ff:0f:0e:64:76:a3:32:4b:08:25:fe:9f:e0:f5:57:
ed:a6:cd:79:81:20:a1:19:4b:c1:d8:cf:ff:21:7f:d0:b2:4a:
1a:18:d1:1f:32:dc:29:6b:8a:99:9f:4d:1f:5e:44:19:80:d3:
cb:a5:7a:d4:c4:dc:c0:85:45:cc:e8:07:f0:30:46:af:57:73:
04:f6:cf:e6:48:cb:b1:07:bb:c9:78:98:a1:74:5a:5d:e5:70:
30:51:15:30:8a:bc:72:63:68:b1:a0:0a:e6:ac:e0:7c:c4:36:
75:76:f5:db:42:3f:1a:90:36:88:67:66:c2:8e:a7:ed:5f:54:
ff:9e:ff:4c:34:26:c7:19:3c:73:fe:7b:61:ca:17:58:5a:29:
65:c3:59:4b:9f:6b:f8:c0:c4:aa:2e:e8:f7:b6:ad:09:f7:8a:
50:e7:39:e3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUfw0cXRb6XlyoLxTwyLvsdI/AaSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzNaFw0yNTEyMjYxMTQ3MzNaMDMxMTAvBgNV
BAMTKDRBRDAyOEVENEI3M0MxRTczM0Q0RDhDQzQzNjNENjYzODRENDhCREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfWTNQRdUut50byYioWuJm9+Fw
52OaUsc/OjLeV/TnH3w/jB9WEPfectJVwdJfba/MFIeQxd8UIQoebK5cUVibUgDb
22sMBd8tcm5QLrd/G/pD3KyYsKTUJxk2nsdE0RgZGy7D2U8LAxaIW6x3ippRLJPK
ys65emlE43rOtBd2x9t8UAOr51JM/aOq1qAho74vxEtEQJxOiT50r+kgTqXTrRxg
wI34DWXjxYD9QLWwBetOYxVGFtl8GRCZ5rMdshzW1z/ZzKlo58IKUQ0GCKCJjae+
9vpP4l4LrFiXXZSkhzoaX/JykpqJvehPD9R1YA9ea7DwMmR2nUmZB6Fpd2PvAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUStAo7Utzwecz1NjMQ2PWY4TUi98wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzUz
MDJlMzIzMTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAufrVMA0GCSqGSIb3DQEBCwUAA4IBAQC1ANObHOIMsPtkgWT/A6xh
Cnsh717Z7ZWR2prSjS4vfqyxnQ4YoZUUw7V35hluNyyrgmgI7qPgOQ/7aSrRHwd0
oASUPxS2kbfHkiHdLrwBfCb5SC+Rh07am/2QYHT/Dw5kdqMySwgl/p/g9Vftps15
gSChGUvB2M//IX/QskoaGNEfMtwpa4qZn00fXkQZgNPLpXrUxNzAhUXM6AfwMEav
V3ME9s/mSMuxB7vJeJihdFpd5XAwURUwirxyY2ixoArmrOB8xDZ1dvXbQj8akDaI
Z2bCjqftX1T/nv9MNCbHGTxz/nthyhdYWillw1lLn2v4wMSqLuj3tq0J94pQ5znj
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:24 2025 by rpki-client