Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
File: 3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa (raw, json)
Hash identifier: jNl/rcJVyXhLA+iFTJGJKjGCElccqwC+0a6PsVdg5lM=
Subject key identifier: 85:3F:53:79:FC:14:E3:E6:FC:35:53:1E:3D:24:27:42:EE:9A:82:97
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 358387116266CE6D41BF9628BC40024A4271F618
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
Signing time: Mon 27 Jan 2025 09:44:52 +0000
ROA not before: Mon 27 Jan 2025 09:39:52 +0000
ROA not after: Mon 26 Jan 2026 09:44:52 +0000
asID: 396319
IP address blocks: 176.101.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:83:87:11:62:66:ce:6d:41:bf:96:28:bc:40:02:4a:42:71:f6:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:52 2025 GMT
Not After : Jan 26 09:44:52 2026 GMT
Subject: CN=853F5379FC14E3E6FC35531E3D242742EE9A8297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:43:fc:5c:cb:fd:76:92:e6:a6:b1:1d:54:
5d:d7:22:5e:9d:4e:da:22:1e:fa:f3:64:0d:42:a4:
c2:f3:1f:b6:60:bc:3d:6c:64:68:e1:90:d4:cf:ac:
b8:88:b7:15:ba:bd:ba:dc:c3:de:0a:17:c5:6e:05:
8c:13:02:db:1e:be:15:7c:74:1b:b0:a3:58:8c:37:
01:94:d3:84:45:7d:28:77:51:35:1b:40:ec:a1:a7:
a6:1c:ea:4d:13:2b:12:3e:2c:bb:bd:7b:d8:21:15:
ac:9e:32:dc:89:92:99:67:02:ac:15:57:a6:ec:d7:
1d:63:98:0e:bb:77:60:9b:83:71:8c:b9:67:84:35:
7c:77:8c:75:b4:60:35:1d:a9:1d:11:61:47:f3:15:
fc:ff:36:83:ed:86:72:d3:4e:29:0c:dc:2c:1e:d0:
5c:16:66:a4:d0:60:4b:6b:fa:da:56:9d:74:3a:16:
12:bc:f4:75:b9:91:07:00:ca:4f:98:d6:36:92:9d:
be:fe:3f:75:4a:9a:d4:45:ac:0d:b4:81:d6:4a:14:
6a:33:c6:44:da:d1:f4:0e:f6:ac:73:89:1e:48:4c:
84:be:76:30:fe:e8:c4:d5:08:f1:2a:49:98:59:f5:
f0:1f:6c:09:bc:4c:4f:01:32:63:f8:37:14:cc:b6:
71:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3F:53:79:FC:14:E3:E6:FC:35:53:1E:3D:24:27:42:EE:9A:82:97
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3130312e3137322e302f32322d3234203d3e20333936333139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.172.0/22
Signature Algorithm: sha256WithRSAEncryption
11:e0:2f:d2:e5:10:3f:d3:d2:e3:50:39:e9:3e:7d:5e:10:47:
d8:66:a0:95:e1:a6:20:c0:81:13:8c:60:96:be:f8:4e:ac:50:
71:cd:56:08:12:31:95:b6:84:13:8d:67:51:60:60:4f:79:da:
7e:98:ae:60:59:88:6f:5c:f5:4f:b3:ab:28:aa:2a:b3:ca:f4:
33:f0:c4:68:70:9f:73:57:a1:91:7c:63:97:a6:c1:85:2e:da:
3c:ff:49:e0:d0:f9:e8:7e:3b:66:5a:69:75:fc:7e:f7:02:88:
7f:24:6c:15:2f:21:e2:a6:64:13:13:d3:ac:7a:17:d8:86:59:
88:02:22:92:b8:10:75:83:a6:8b:70:ff:9c:8f:51:12:75:a4:
86:ee:50:e1:0f:41:64:d2:08:a4:3b:b3:0c:64:01:2c:6c:95:
86:0a:0b:60:c9:d9:50:35:31:2e:25:96:e7:2d:a3:03:e1:9e:
66:d8:b5:ce:fd:16:02:94:e0:4a:40:50:3c:84:06:66:48:0d:
ff:77:27:72:c9:5a:af:6f:45:d1:a0:9f:8e:a6:da:24:7a:05:
dd:ee:c7:24:bc:72:ab:92:59:a6:80:88:b0:46:f7:6e:ff:90:
9a:35:11:a5:70:f2:dc:65:d9:f8:df:10:29:f5:8b:1e:a7:68:
f0:32:5b:c0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNYOHEWJmzm1Bv5YovEACSkJx9hgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTJaFw0yNjAxMjYwOTQ0NTJaMDMxMTAvBgNV
BAMTKDg1M0Y1Mzc5RkMxNEUzRTZGQzM1NTMxRTNEMjQyNzQyRUU5QTgyOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0LkP8XMv9dpLmprEdVF3XIl6d
TtoiHvrzZA1CpMLzH7ZgvD1sZGjhkNTPrLiItxW6vbrcw94KF8VuBYwTAtsevhV8
dBuwo1iMNwGU04RFfSh3UTUbQOyhp6Yc6k0TKxI+LLu9e9ghFayeMtyJkplnAqwV
V6bs1x1jmA67d2Cbg3GMuWeENXx3jHW0YDUdqR0RYUfzFfz/NoPthnLTTikM3Cwe
0FwWZqTQYEtr+tpWnXQ6FhK89HW5kQcAyk+Y1jaSnb7+P3VKmtRFrA20gdZKFGoz
xkTa0fQO9qxziR5ITIS+djD+6MTVCPEqSZhZ9fAfbAm8TE8BMmP4NxTMtnGtAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhT9TefwU4+b8NVMePSQnQu6agpcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNzM2MmUzMTMwMzEyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMzMzkzNjMzMzEzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEArBlrDANBgkqhkiG9w0BAQsFAAOCAQEAEeAv0uUQP9PS41A56T59XhBH2Gag
leGmIMCBE4xglr74TqxQcc1WCBIxlbaEE41nUWBgT3nafpiuYFmIb1z1T7OrKKoq
s8r0M/DEaHCfc1ehkXxjl6bBhS7aPP9J4ND56H47Zlppdfx+9wKIfyRsFS8h4qZk
ExPTrHoX2IZZiAIikrgQdYOmi3D/nI9REnWkhu5Q4Q9BZNIIpDuzDGQBLGyVhgoL
YMnZUDUxLiWW5y2jA+GeZti1zv0WApTgSkBQPIQGZkgN/3cncslar29F0aCfjqba
JHoF3e7HJLxyq5JZpoCIsEb3bv+QmjURpXDy3GXZ+N8QKfWLHqdo8DJbwA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:23 2025 by rpki-client