Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
File: 34352e31302e3135372e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: drfOF9o5rdumqLqohVHnAhWjdOVQAGDBLcAiD/MYY18=
Subject key identifier: E7:EF:E8:7A:7F:AB:82:E2:4D:B0:E6:6C:93:BD:C1:54:E4:04:6F:08
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5320DAF8C3CC841E6481668BD5D14658710494CB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
Signing time: Wed 02 Jul 2025 11:36:05 +0000
ROA not before: Wed 02 Jul 2025 11:31:05 +0000
ROA not after: Wed 01 Jul 2026 11:36:05 +0000
asID: 207137
IP address blocks: 45.10.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:20:da:f8:c3:cc:84:1e:64:81:66:8b:d5:d1:46:58:71:04:94:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jul 2 11:31:05 2025 GMT
Not After : Jul 1 11:36:05 2026 GMT
Subject: CN=E7EFE87A7FAB82E24DB0E66C93BDC154E4046F08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:e9:02:51:c3:33:e7:31:80:d2:26:57:5a:
b4:3f:f6:e7:14:7f:af:7c:a9:e4:65:7f:9a:b8:4a:
f6:1a:f1:30:39:18:d1:86:8c:50:12:a6:2c:84:3b:
c6:51:85:a4:e4:98:23:c8:e8:62:c1:28:09:ed:5f:
42:cb:90:e0:15:0d:c9:a8:c3:99:0c:e4:f5:a0:da:
01:c4:60:8f:3e:d6:b9:a9:13:66:c7:18:bf:57:33:
f6:62:d6:0b:a1:7a:db:3b:97:81:4a:89:b7:66:56:
1b:d7:f3:53:46:e6:d2:b6:8a:f0:9f:d9:c4:ec:e3:
63:39:89:80:6f:83:52:db:cf:e9:aa:18:b3:26:22:
a8:95:da:d5:6b:5d:e2:de:a9:96:6c:8b:3a:52:e7:
a3:42:e3:1b:1e:02:ba:ef:40:76:49:a0:3e:00:1a:
18:e3:b6:a4:52:02:2b:e0:a4:30:19:5f:c5:9f:91:
3a:28:61:3a:14:06:39:f2:26:cf:eb:d4:09:9e:9b:
05:6c:83:d4:4d:29:de:71:9d:43:a9:48:37:98:de:
8d:6c:b2:15:b7:29:c4:bf:54:4e:0e:8c:fa:7f:c5:
13:05:c7:2f:b8:48:a5:e2:d9:cf:87:9c:96:5d:47:
c6:85:12:44:f2:21:6d:70:cb:6b:33:1f:e5:b6:14:
9a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EF:E8:7A:7F:AB:82:E2:4D:B0:E6:6C:93:BD:C1:54:E4:04:6F:08
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135372e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:1a:5c:bc:c9:49:92:51:ed:38:1c:ae:4b:55:ae:d5:52:c7:
c0:b9:5a:b2:d7:95:91:4f:e0:fa:f6:9d:ad:08:93:bc:3b:25:
68:9c:5b:37:52:55:ce:8d:b3:d5:78:f4:12:26:b6:0b:c4:c2:
ca:10:b0:10:4b:bf:59:70:68:f6:aa:e3:e7:79:ce:ec:2e:b2:
c3:d9:75:78:1b:13:38:41:98:32:9b:62:3e:4c:c4:f9:01:e2:
41:1e:e4:f3:d8:5a:fa:94:c7:3b:25:58:12:96:7e:a0:6f:ca:
7e:18:8b:bb:94:7a:bf:d3:84:45:34:65:2c:47:39:18:16:98:
71:c6:46:34:b8:54:a8:28:0c:df:79:81:78:ea:0e:22:f3:a4:
78:ed:0c:b8:53:48:69:83:c4:fa:e4:dc:d9:48:d4:2a:a0:cf:
d0:e8:76:31:af:ed:37:12:21:a9:1f:fb:17:36:0a:19:3e:16:
ae:de:f3:36:ba:39:01:13:e7:b3:8a:dd:c2:eb:e8:2a:b4:32:
17:7e:92:dd:6b:45:99:2d:55:99:d8:ff:b1:8e:05:e5:9b:75:
5e:62:2f:fd:01:08:bb:2a:69:58:8c:d9:93:9c:a9:1a:97:b3:
3d:fe:07:c8:00:a5:47:ac:b2:05:86:3e:bb:7b:55:9b:fb:c3:
a0:af:20:21
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUUyDa+MPMhB5kgWaL1dFGWHEElMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA3MDIxMTMxMDVaFw0yNjA3MDExMTM2MDVaMDMxMTAvBgNV
BAMTKEU3RUZFODdBN0ZBQjgyRTI0REIwRTY2QzkzQkRDMTU0RTQwNDZGMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsyukCUcMz5zGA0iZXWrQ/9ucU
f698qeRlf5q4SvYa8TA5GNGGjFASpiyEO8ZRhaTkmCPI6GLBKAntX0LLkOAVDcmo
w5kM5PWg2gHEYI8+1rmpE2bHGL9XM/Zi1guhets7l4FKibdmVhvX81NG5tK2ivCf
2cTs42M5iYBvg1Lbz+mqGLMmIqiV2tVrXeLeqZZsizpS56NC4xseArrvQHZJoD4A
GhjjtqRSAivgpDAZX8WfkTooYToUBjnyJs/r1AmemwVsg9RNKd5xnUOpSDeY3o1s
shW3KcS/VE4OjPp/xRMFxy+4SKXi2c+HnJZdR8aFEkTyIW1wy2szH+W2FJqTAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU5+/oen+rguJNsOZsk73BVOQEbwgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMwMmUz
MTM1MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtCp0wDQYJKoZIhvcNAQELBQADggEBAJwaXLzJSZJR7TgcrktVrtVSx8C5
WrLXlZFP4Pr2na0Ik7w7JWicWzdSVc6Ns9V49BImtgvEwsoQsBBLv1lwaPaq4+d5
zuwussPZdXgbEzhBmDKbYj5MxPkB4kEe5PPYWvqUxzslWBKWfqBvyn4Yi7uUer/T
hEU0ZSxHORgWmHHGRjS4VKgoDN95gXjqDiLzpHjtDLhTSGmDxPrk3NlI1Cqgz9Do
djGv7TcSIakf+xc2Chk+Fq7e8za6OQET57OK3cLr6Cq0Mhd+kt1rRZktVZnY/7GO
BeWbdV5iL/0BCLsqaViM2ZOcqRqXsz3+B8gApUessgWGPrt7VZv7w6CvICE=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:04:45 2025 by rpki-client