Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
File: 3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4BwS8iAKAfRM1lFyvaelsVpsCMgth0iW/4F1oh+bk4A=
Subject key identifier: C0:20:3A:5E:05:E4:F6:24:9A:2E:10:0B:5A:E1:C8:52:9D:A9:A2:7B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3D2F8E3CDDC2C617068AC139DC4C577BEE01C755
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:17 +0000
ROA not before: Fri 27 Dec 2024 11:42:17 +0000
ROA not after: Fri 26 Dec 2025 11:47:17 +0000
asID: 136787
IP address blocks: 185.255.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 13:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:2f:8e:3c:dd:c2:c6:17:06:8a:c1:39:dc:4c:57:7b:ee:01:c7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:17 2024 GMT
Not After : Dec 26 11:47:17 2025 GMT
Subject: CN=C0203A5E05E4F6249A2E100B5AE1C8529DA9A27B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:e4:41:ba:0c:d0:74:db:85:4b:57:76:e7:
8e:65:8b:26:5a:9b:1e:07:7d:04:10:53:bd:cf:94:
1c:a4:4b:60:7d:b5:eb:af:a4:da:a4:a7:ee:07:49:
4a:af:f2:14:1f:a5:32:3c:01:9d:9d:9c:82:27:cc:
e5:55:0e:f8:fe:6c:04:34:72:04:14:e7:98:c8:5f:
40:71:a0:14:99:5b:49:a6:73:5d:bc:12:68:6c:9b:
0b:c1:24:9f:ca:2b:32:98:23:00:39:f3:38:8e:7a:
9c:17:66:c6:3a:d0:cd:09:c8:ee:b7:fe:c4:47:b3:
d8:26:d2:87:27:54:34:71:fe:26:ae:97:d8:c9:89:
94:2a:47:b9:36:8d:ab:66:ed:07:17:85:e8:69:4a:
e4:0e:e5:cc:4d:f6:f4:cb:52:b1:3e:93:41:89:91:
de:90:2a:35:dd:0f:0c:78:d9:56:48:50:f1:69:59:
e5:bf:d5:bb:6d:7b:3a:3b:a6:80:84:b4:a8:cc:fd:
eb:5e:7e:fa:4c:e5:ec:1c:a0:f5:98:1d:cd:e0:de:
9a:6d:c3:35:f7:03:48:5e:5f:5c:6a:aa:24:ee:f3:
3e:4b:55:18:57:8b:04:de:df:e4:cb:c5:d0:af:f6:
ab:70:6d:5b:54:d8:33:90:e3:e7:9d:f2:e9:ba:4d:
9b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:20:3A:5E:05:E4:F6:24:9A:2E:10:0B:5A:E1:C8:52:9D:A9:A2:7B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.129.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:4b:5c:2a:ff:cc:ed:f2:49:2c:ae:d3:68:52:7f:62:ff:2b:
7f:6c:f8:f1:60:84:83:da:4a:71:23:fe:d2:e2:6d:5f:51:a9:
17:bb:7f:6e:8b:c5:e6:a2:10:21:41:04:83:33:b1:06:8f:88:
04:2f:7e:65:f1:ac:94:58:ab:47:bd:33:8d:28:b0:b7:8e:8d:
23:bc:8b:27:42:be:0e:63:39:37:4d:08:e3:bb:aa:e6:c3:75:
f7:6b:ff:b9:94:87:5c:a1:7c:45:cf:d7:6b:d0:a8:f9:b3:e1:
69:31:74:aa:51:db:17:db:aa:96:71:37:a3:39:88:4d:9a:d6:
93:24:17:95:3d:88:17:12:45:2c:28:a7:c4:cb:14:18:6a:88:
0e:d5:f1:2f:26:f2:89:a1:d5:4a:fc:e0:15:3a:b7:30:1c:ca:
ce:d9:da:9e:c3:e0:b6:68:a2:9d:54:80:4e:0b:8c:e0:9d:93:
30:2c:df:65:fd:56:c1:7c:bf:5e:a3:13:7e:ef:77:19:ce:2a:
8e:a7:c5:5f:4c:48:5f:bd:9b:0f:ba:d1:a1:25:15:42:82:c2:
97:d2:62:4a:dc:9d:e2:6f:72:b2:b1:0b:85:31:fe:58:81:a7:
c5:be:d7:94:6f:7b:34:b8:94:e1:79:b4:92:c8:87:ee:dd:fd:
65:45:17:16
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPS+OPN3CxhcGisE53ExXe+4Bx1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTdaFw0yNTEyMjYxMTQ3MTdaMDMxMTAvBgNV
BAMTKEMwMjAzQTVFMDVFNEY2MjQ5QTJFMTAwQjVBRTFDODUyOURBOUEyN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh5+RBugzQdNuFS1d2545liyZa
mx4HfQQQU73PlBykS2B9teuvpNqkp+4HSUqv8hQfpTI8AZ2dnIInzOVVDvj+bAQ0
cgQU55jIX0BxoBSZW0mmc128EmhsmwvBJJ/KKzKYIwA58ziOepwXZsY60M0JyO63
/sRHs9gm0ocnVDRx/iaul9jJiZQqR7k2jatm7QcXhehpSuQO5cxN9vTLUrE+k0GJ
kd6QKjXdDwx42VZIUPFpWeW/1bttezo7poCEtKjM/etefvpM5ewcoPWYHc3g3ppt
wzX3A0heX1xqqiTu8z5LVRhXiwTe3+TLxdCv9qtwbVtU2DOQ4+ed8um6TZsNAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUwCA6XgXk9iSaLhALWuHIUp2ponswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzUz
NTJlMzEzMjM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuf+BMA0GCSqGSIb3DQEBCwUAA4IBAQCOS1wq/8zt8kksrtNoUn9i
/yt/bPjxYISD2kpxI/7S4m1fUakXu39ui8XmohAhQQSDM7EGj4gEL35l8ayUWKtH
vTONKLC3jo0jvIsnQr4OYzk3TQjju6rmw3X3a/+5lIdcoXxFz9dr0Kj5s+FpMXSq
UdsX26qWcTejOYhNmtaTJBeVPYgXEkUsKKfEyxQYaogO1fEvJvKJodVK/OAVOrcw
HMrO2dqew+C2aKKdVIBOC4zgnZMwLN9l/VbBfL9eoxN+73cZziqOp8VfTEhfvZsP
utGhJRVCgsKX0mJK3J3ib3KysQuFMf5YgafFvteUb3s0uJThebSSyIfu3f1lRRcW
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:14:04 2025 by rpki-client