Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20313336373837.roa
File: 3139342e36302e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: xFuaeBki4VarMNiSJHM5GWhKvRw5QsEJN26nzfZm3Oc=
Subject key identifier: C9:89:B9:43:9B:FC:0E:86:97:BF:14:39:49:73:9D:DB:2F:4E:3A:AA
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7C4F82AB0D050C54116C76D335378B5B59798094
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 02 Jun 2025 19:04:51 +0000
ROA not before: Mon 02 Jun 2025 18:59:51 +0000
ROA not after: Mon 01 Jun 2026 19:04:51 +0000
asID: 136787
IP address blocks: 194.60.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:4f:82:ab:0d:05:0c:54:11:6c:76:d3:35:37:8b:5b:59:79:80:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 2 18:59:51 2025 GMT
Not After : Jun 1 19:04:51 2026 GMT
Subject: CN=C989B9439BFC0E8697BF143949739DDB2F4E3AAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:09:8f:71:cb:71:90:05:be:79:57:d2:a5:21:
ed:f3:50:92:a1:70:7b:a0:79:92:ec:28:76:16:52:
16:43:ff:02:93:76:dd:00:6e:7c:09:b5:35:31:3d:
4d:0b:9d:bb:47:e8:ef:12:58:57:16:2e:3e:9b:af:
ca:a5:e5:bc:e2:1d:a3:83:cd:bd:22:1f:d1:0a:f3:
00:41:c9:f3:cd:db:55:6e:74:80:23:4b:fa:ba:6d:
92:ce:ba:d2:13:fe:bd:da:00:04:54:2a:e5:ab:80:
cd:23:e2:e4:43:69:72:51:21:2c:6f:a0:81:02:b9:
f7:40:44:29:fb:9e:94:9d:61:65:2b:68:d4:16:71:
f6:30:83:45:fe:96:1c:6f:e5:2f:ab:30:50:99:6c:
9f:fd:31:a7:0a:4e:e1:ae:89:fc:04:02:8d:16:6e:
23:9a:a4:76:6b:f6:39:b8:e5:39:05:7f:fd:2f:98:
b7:34:0e:07:a3:7f:d8:e3:b5:d7:21:7b:28:71:5e:
86:13:8d:4e:cd:fc:5d:61:87:13:4c:de:36:8b:2e:
b4:b1:14:33:18:5c:d2:bf:a9:b2:78:37:78:36:3b:
da:0e:4b:7f:65:7b:cc:bb:c3:4d:5b:c8:67:75:19:
5b:3a:2c:ff:37:34:97:de:7f:a2:a3:ab:9c:00:3e:
fa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:89:B9:43:9B:FC:0E:86:97:BF:14:39:49:73:9D:DB:2F:4E:3A:AA
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.86.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fb:0e:de:09:a7:39:56:30:52:16:04:6a:8d:50:42:cc:ce:
ae:23:e3:0b:a1:87:e0:8e:af:19:b6:e0:8b:da:41:57:7d:9a:
b6:eb:c1:94:51:c9:9e:00:8c:6a:73:ed:d2:77:ba:88:a1:31:
b1:81:d2:ec:be:36:b4:52:27:8d:5d:3b:29:fb:20:c9:c5:93:
b5:bd:4d:2b:bd:27:90:22:8b:66:86:b4:29:d2:ae:4c:cd:4c:
2c:3f:68:41:4a:e6:26:c9:49:65:87:5e:10:e8:f4:0a:a5:1c:
bf:b1:11:37:72:8d:3c:4a:d1:46:14:4e:f4:7b:49:bf:ba:08:
45:00:36:1b:02:5a:32:03:ec:43:43:3e:75:fd:5e:13:4c:bf:
2c:83:cb:59:84:ff:4e:f4:a4:44:e0:8a:dd:0c:ca:13:2b:d5:
07:ea:86:36:86:33:3a:dd:c8:66:6b:c4:85:a3:16:50:1a:45:
76:bd:19:67:9a:72:f7:be:67:2e:37:92:ec:83:2c:e2:45:ba:
bf:0e:25:59:42:d5:96:07:04:b4:dd:43:57:34:e0:d8:7e:db:
e2:1a:34:c7:fc:40:e6:75:51:b8:c0:a2:aa:fc:44:77:3b:85:
2d:f2:1f:04:bb:68:1b:d1:09:a8:c3:c1:4b:6b:5e:ae:08:52:
92:5e:6f:a8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUfE+Cqw0FDFQRbHbTNTeLW1l5gJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MDIxODU5NTFaFw0yNjA2MDExOTA0NTFaMDMxMTAvBgNV
BAMTKEM5ODlCOTQzOUJGQzBFODY5N0JGMTQzOTQ5NzM5RERCMkY0RTNBQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDqCY9xy3GQBb55V9KlIe3zUJKh
cHugeZLsKHYWUhZD/wKTdt0AbnwJtTUxPU0LnbtH6O8SWFcWLj6br8ql5bziHaOD
zb0iH9EK8wBByfPN21VudIAjS/q6bZLOutIT/r3aAARUKuWrgM0j4uRDaXJRISxv
oIECufdARCn7npSdYWUraNQWcfYwg0X+lhxv5S+rMFCZbJ/9MacKTuGuifwEAo0W
biOapHZr9jm45TkFf/0vmLc0Dgejf9jjtdcheyhxXoYTjU7N/F1hhxNM3jaLLrSx
FDMYXNK/qbJ4N3g2O9oOS39le8y7w01byGd1GVs6LP83NJfef6Kjq5wAPvrNAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUyYm5Q5v8DoaXvxQ5SXOd2y9OOqowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzAy
ZTM4MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCPFYwDQYJKoZIhvcNAQELBQADggEBABf7Dt4JpzlWMFIWBGqNUELMzq4j
4wuhh+COrxm24IvaQVd9mrbrwZRRyZ4AjGpz7dJ3uoihMbGB0uy+NrRSJ41dOyn7
IMnFk7W9TSu9J5Aii2aGtCnSrkzNTCw/aEFK5ibJSWWHXhDo9AqlHL+xETdyjTxK
0UYUTvR7Sb+6CEUANhsCWjID7ENDPnX9XhNMvyyDy1mE/070pETgit0MyhMr1Qfq
hjaGMzrdyGZrxIWjFlAaRXa9GWeacve+Zy43kuyDLOJFur8OJVlC1ZYHBLTdQ1c0
4Nh+2+IaNMf8QOZ1UbjAoqr8RHc7hS3yHwS7aBvRCajDwUtrXq4IUpJeb6g=
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:37:17 2025 by rpki-client