Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
File: 33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: UC6tcX7eeQounCuXlaggUFHMh7b989Iv7zDJICH3odU=
Subject key identifier: 5B:E3:43:8F:CD:2F:0A:1F:E0:6E:9A:F7:8F:60:5F:E5:F9:4A:95:2C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 70EFB5D56FD8CDC31378DD03B8362EAD2D834992
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 20 Feb 2025 09:45:46 +0000
ROA not before: Thu 20 Feb 2025 09:40:46 +0000
ROA not after: Thu 19 Feb 2026 09:45:46 +0000
asID: 136787
IP address blocks: 31.222.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:ef:b5:d5:6f:d8:cd:c3:13:78:dd:03:b8:36:2e:ad:2d:83:49:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 20 09:40:46 2025 GMT
Not After : Feb 19 09:45:46 2026 GMT
Subject: CN=5BE3438FCD2F0A1FE06E9AF78F605FE5F94A952C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:21:24:11:cf:ee:30:63:b0:f1:80:d3:f1:f5:
a6:b0:78:32:6b:c1:6f:bf:7d:f5:61:2e:07:47:c6:
f6:c3:91:92:d0:61:75:10:23:b0:18:e3:e3:71:dd:
55:23:45:87:87:02:8c:79:c2:4a:17:24:8b:19:2d:
45:71:41:55:71:4c:c3:11:5e:81:99:bf:fd:be:b9:
7d:b2:31:1a:45:cf:37:fd:26:d8:03:7e:05:d3:7e:
ff:59:77:1e:19:a0:57:15:f4:f4:e8:40:70:20:fe:
45:44:d3:9d:e1:38:00:a7:10:01:b8:c3:cd:a3:96:
f2:32:12:81:d7:a5:66:aa:ec:d4:88:6f:af:2d:b8:
02:19:54:3f:a6:e4:12:ab:b6:9d:f5:2a:91:12:59:
96:0c:31:2d:cd:eb:b3:c5:04:79:35:df:6d:9d:ce:
de:ff:57:d3:e3:1d:7c:c3:b0:03:d3:ec:d1:85:43:
73:68:53:6c:cb:12:25:03:6f:91:63:17:ef:dc:92:
62:d6:6c:d8:be:19:de:76:07:68:e3:dd:3c:dc:e2:
c8:d0:d1:94:45:d5:b3:13:60:5a:dc:fc:9d:84:c3:
74:99:71:5d:f9:73:8d:74:9a:d1:97:a8:70:29:d2:
c4:99:05:96:ec:5d:00:30:b8:35:88:7d:47:13:9b:
97:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E3:43:8F:CD:2F:0A:1F:E0:6E:9A:F7:8F:60:5F:E5:F9:4A:95:2C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e3232322e3233312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.231.0/24
Signature Algorithm: sha256WithRSAEncryption
32:79:ef:20:ac:0c:fa:f3:30:fc:94:27:bc:0a:9c:98:a7:ce:
36:c5:b5:79:65:d8:32:b3:7e:8f:eb:94:c7:6c:8a:43:6c:42:
1a:96:ed:e6:8a:c3:77:dd:11:12:29:23:75:72:26:1d:60:3c:
ac:7d:a1:66:f9:14:ca:bf:85:24:bf:69:33:14:59:99:29:6c:
f6:16:51:40:d9:ce:01:90:27:94:00:d7:b4:04:0d:f9:13:27:
13:2b:b7:7c:c2:00:6f:0a:36:72:a8:a4:0f:3f:cd:b2:87:7d:
50:42:4c:59:0c:9d:f2:fb:6b:fa:5c:79:a7:05:6d:e0:b7:ec:
b1:35:95:f2:4a:95:c6:05:1e:93:d8:d0:51:3f:bd:c8:aa:f3:
17:7a:65:2e:0f:cc:dd:f3:a6:0a:59:15:f2:02:c1:74:17:7e:
41:f6:b6:ba:a7:1e:6f:77:ff:c3:4d:68:5a:0a:ff:69:88:7c:
c7:9a:43:9b:f5:2b:0a:51:85:26:9e:f7:5c:a4:1c:8d:43:ad:
0e:e8:5f:aa:bf:36:f0:14:b4:6f:1e:d4:50:61:d6:fe:b1:fd:
eb:63:dc:36:ff:44:61:a6:9d:eb:ad:19:5e:23:1b:f4:03:c3:
4f:59:14:9c:dc:11:cf:85:7c:10:af:7b:13:56:10:eb:cd:0f:
60:67:fa:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcO+11W/YzcMTeN0DuDYurS2DSZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMjAwOTQwNDZaFw0yNjAyMTkwOTQ1NDZaMDMxMTAvBgNV
BAMTKDVCRTM0MzhGQ0QyRjBBMUZFMDZFOUFGNzhGNjA1RkU1Rjk0QTk1MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeISQRz+4wY7DxgNPx9aaweDJr
wW+/ffVhLgdHxvbDkZLQYXUQI7AY4+Nx3VUjRYeHAox5wkoXJIsZLUVxQVVxTMMR
XoGZv/2+uX2yMRpFzzf9JtgDfgXTfv9Zdx4ZoFcV9PToQHAg/kVE053hOACnEAG4
w82jlvIyEoHXpWaq7NSIb68tuAIZVD+m5BKrtp31KpESWZYMMS3N67PFBHk1322d
zt7/V9PjHXzDsAPT7NGFQ3NoU2zLEiUDb5FjF+/ckmLWbNi+Gd52B2jj3Tzc4sjQ
0ZRF1bMTYFrc/J2Ew3SZcV35c410mtGXqHAp0sSZBZbsXQAwuDWIfUcTm5c5AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUW+NDj80vCh/gbpr3j2Bf5flKlSwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzMjMyMzIy
ZTMyMzMzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAB/e5zANBgkqhkiG9w0BAQsFAAOCAQEAMnnvIKwM+vMw/JQnvAqcmKfO
NsW1eWXYMrN+j+uUx2yKQ2xCGpbt5orDd90REikjdXImHWA8rH2hZvkUyr+FJL9p
MxRZmSls9hZRQNnOAZAnlADXtAQN+RMnEyu3fMIAbwo2cqikDz/Nsod9UEJMWQyd
8vtr+lx5pwVt4LfssTWV8kqVxgUek9jQUT+9yKrzF3plLg/M3fOmClkV8gLBdBd+
Qfa2uqceb3f/w01oWgr/aYh8x5pDm/UrClGFJp73XKQcjUOtDuhfqr828BS0bx7U
UGHW/rH962PcNv9EYaad660ZXiMb9APDT1kUnNwRz4V8EK97E1YQ680PYGf6dA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:44:38 2025 by rpki-client