Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ZkDe83tms06V29JwSmRTJeCRWFdxMSRdX6R+rLBigyc=
Subject key identifier: CC:0F:99:8F:8A:9C:DD:90:A4:7A:56:D2:E4:39:DC:5C:8B:BE:8E:27
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 01BC3E5680967ABC3B803AE2656FB4F8795C22FC
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:18 +0000
ROA not before: Fri 27 Dec 2024 11:42:18 +0000
ROA not after: Fri 26 Dec 2025 11:47:18 +0000
asID: 136787
IP address blocks: 185.255.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:bc:3e:56:80:96:7a:bc:3b:80:3a:e2:65:6f:b4:f8:79:5c:22:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:18 2024 GMT
Not After : Dec 26 11:47:18 2025 GMT
Subject: CN=CC0F998F8A9CDD90A47A56D2E439DC5C8BBE8E27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a3:00:13:d0:8b:71:2d:6f:00:21:83:0e:1f:
b8:49:c9:49:8f:e0:fe:00:0f:63:f2:c6:8f:50:c5:
a4:b1:2e:a9:8b:5d:9d:bf:dc:af:5f:59:13:b2:6a:
78:19:eb:cb:d8:37:11:6c:75:7c:ac:79:bb:c8:66:
d0:62:5d:bd:15:d6:f0:26:a1:20:90:a4:89:01:88:
42:1d:89:ef:21:bc:0e:2e:62:d1:8b:3d:50:f1:1d:
b2:42:35:92:e6:ce:e1:0e:1c:55:49:a1:3c:d2:09:
f7:47:21:b0:b7:f2:84:0b:0e:08:f5:6e:61:ab:95:
27:43:f0:1d:e5:4c:64:0a:e0:8a:39:69:e5:50:38:
91:f3:3b:84:71:51:ab:fa:86:a6:b8:e9:4b:e7:d6:
f7:44:69:25:ae:77:32:fe:ae:1c:f2:ad:e5:8c:69:
ba:bf:fd:0c:96:da:07:7e:1c:05:22:6d:55:aa:39:
84:53:40:ba:ea:8d:c8:99:a6:7e:32:b9:0b:be:59:
b9:6d:f0:96:f8:c1:37:ea:7c:82:ec:70:f9:a7:09:
96:22:f5:03:99:ea:38:b2:40:3f:be:83:6f:1b:fd:
fd:1f:2f:0c:58:67:ce:ae:61:74:02:1c:5d:3a:28:
47:09:94:c2:27:b5:08:7f:ba:72:d9:92:8a:8e:6e:
91:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0F:99:8F:8A:9C:DD:90:A4:7A:56:D2:E4:39:DC:5C:8B:BE:8E:27
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.128.0/24
Signature Algorithm: sha256WithRSAEncryption
28:20:59:75:e7:30:15:5a:b0:51:67:44:9b:6a:ef:d8:87:f0:
d2:3f:19:88:79:60:37:02:b8:06:18:43:5e:b3:92:46:8c:d2:
84:4e:9b:ee:66:0a:32:cf:ff:84:46:eb:eb:8f:30:a3:bb:94:
d7:95:78:d1:11:c5:3e:fd:18:c5:10:b7:16:2b:ca:47:42:2a:
1b:33:5a:60:9d:5b:a1:b8:34:87:d3:13:8a:c3:cf:0d:ea:cf:
64:44:4f:71:61:33:b8:30:1e:a8:3d:55:1a:12:45:49:05:37:
cc:57:cc:04:aa:44:25:b9:ee:83:c4:4a:11:a9:df:34:9b:97:
de:57:fb:1d:95:c5:1b:97:f7:68:93:1a:12:96:e0:63:53:a1:
33:aa:08:0c:f7:c3:59:42:e3:47:a2:ff:2e:cd:3c:70:b1:ed:
c6:ca:dc:c5:76:23:b1:a1:af:30:51:14:67:b6:95:51:65:7d:
1c:48:b0:10:ac:bb:bc:75:08:d7:a7:7f:07:69:df:b2:f7:5c:
6a:36:19:08:7e:ee:90:67:6c:b2:b3:a2:88:fa:e7:83:6a:a2:
38:20:3a:81:cd:d2:1b:35:c3:1a:a4:54:74:00:6a:6a:e8:f4:
de:01:41:46:5e:24:b2:07:a9:47:1a:6b:99:d1:f6:3f:35:60:
a2:4f:6a:2f
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUAbw+VoCWerw7gDriZW+0+HlcIvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMThaFw0yNTEyMjYxMTQ3MThaMDMxMTAvBgNV
BAMTKENDMEY5OThGOEE5Q0REOTBBNDdBNTZEMkU0MzlEQzVDOEJCRThFMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNowAT0ItxLW8AIYMOH7hJyUmP
4P4AD2Pyxo9QxaSxLqmLXZ2/3K9fWROyangZ68vYNxFsdXysebvIZtBiXb0V1vAm
oSCQpIkBiEIdie8hvA4uYtGLPVDxHbJCNZLmzuEOHFVJoTzSCfdHIbC38oQLDgj1
bmGrlSdD8B3lTGQK4Io5aeVQOJHzO4RxUav6hqa46Uvn1vdEaSWudzL+rhzyreWM
abq//QyW2gd+HAUibVWqOYRTQLrqjciZpn4yuQu+Wblt8Jb4wTfqfILscPmnCZYi
9QOZ6jiyQD++g28b/f0fLwxYZ86uYXQCHF06KEcJlMIntQh/unLZkoqObpGzAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUzA+Zj4qc3ZCkelbS5DncXIu+jicwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzUz
NTJlMzEzMjM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuf+AMA0GCSqGSIb3DQEBCwUAA4IBAQAoIFl15zAVWrBRZ0Sbau/Y
h/DSPxmIeWA3ArgGGENes5JGjNKETpvuZgoyz/+ERuvrjzCju5TXlXjREcU+/RjF
ELcWK8pHQiobM1pgnVuhuDSH0xOKw88N6s9kRE9xYTO4MB6oPVUaEkVJBTfMV8wE
qkQlue6DxEoRqd80m5feV/sdlcUbl/dokxoSluBjU6EzqggM98NZQuNHov8uzTxw
se3GytzFdiOxoa8wURRntpVRZX0cSLAQrLu8dQjXp38Had+y91xqNhkIfu6QZ2yy
s6KI+ueDaqI4IDqBzdIbNcMapFR0AGpq6PTeAUFGXiSyB6lHGmuZ0fY/NWCiT2ov
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:10 2025 by rpki-client