Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NWcKegAHELezDyud569eCXPUrfuh00eqb0NF+UChc58=
Subject key identifier: 56:7D:DA:A2:56:8D:D6:AC:11:1E:D4:98:ED:9A:2B:A2:4A:C4:43:01
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 397268CB0060CD9C0775D14A11CD15BD2CD47B22
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 13 Apr 2025 11:46:03 +0000
ROA not before: Sun 13 Apr 2025 11:41:03 +0000
ROA not after: Sun 12 Apr 2026 11:46:03 +0000
asID: 136787
IP address blocks: 185.165.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:72:68:cb:00:60:cd:9c:07:75:d1:4a:11:cd:15:bd:2c:d4:7b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 13 11:41:03 2025 GMT
Not After : Apr 12 11:46:03 2026 GMT
Subject: CN=567DDAA2568DD6AC111ED498ED9A2BA24AC44301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:12:01:33:0e:aa:3f:bd:9d:9e:59:42:34:07:
05:a5:8b:f1:75:b1:c0:0c:0d:e7:fe:dd:d2:de:80:
95:35:02:c4:2a:3d:28:21:64:11:f8:f5:11:de:96:
27:41:a9:2f:d7:91:9d:ee:bf:97:86:df:39:3f:12:
18:cd:f5:29:f9:f0:1b:18:af:25:39:9b:3a:37:7d:
6a:6a:c3:2d:be:ee:03:2f:c8:33:1e:fc:30:75:e0:
43:08:ac:ba:d4:f2:fc:48:eb:c0:52:55:e9:ea:c2:
12:3a:30:35:1c:ce:ee:4c:b9:73:d2:0c:cf:d0:ba:
f1:d5:b3:26:48:9e:36:de:90:de:ed:e9:31:57:b5:
00:12:1c:0b:aa:01:ed:95:89:6d:89:83:bb:11:35:
e7:89:71:51:14:a3:4f:68:d0:a3:3a:21:24:e2:33:
c8:74:0a:f6:c6:7a:cf:32:a8:3e:dd:6a:32:db:63:
e3:08:3e:84:63:18:3c:cb:36:b0:62:a7:07:4c:5a:
f1:df:6e:4d:76:2b:9f:f4:37:e7:a1:69:9d:9a:7d:
ca:eb:05:2a:5c:4e:f8:b6:5d:3f:2b:a3:86:80:ca:
70:75:fa:81:c9:d5:ab:38:d0:c8:0d:67:35:e0:d6:
92:e8:f9:b3:b7:c3:3f:42:89:f9:cc:8d:5e:f1:e9:
ed:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7D:DA:A2:56:8D:D6:AC:11:1E:D4:98:ED:9A:2B:A2:4A:C4:43:01
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.84.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4f:27:1e:9d:5e:5f:83:ec:40:d0:5b:fb:b4:fe:89:d0:f2:
f5:36:67:e7:65:89:ee:ee:67:f3:a2:cd:6b:48:81:4e:a2:27:
6e:a4:54:6c:61:f4:d7:d4:8e:f5:c2:f4:4a:d0:79:d9:a8:52:
7d:5d:dc:19:68:ee:42:13:de:62:b6:ee:b0:2d:4d:0e:0f:56:
ee:f2:ed:94:e9:97:51:a8:f0:39:4a:24:5f:5e:b8:0b:cf:01:
b3:09:8d:72:e6:0d:45:96:c2:ef:8b:81:51:ed:ff:e6:4a:24:
f2:9d:07:2c:1d:0e:54:a4:e4:ab:3e:d2:2a:cb:86:c6:a1:18:
c9:33:f1:91:20:44:1e:6a:fa:20:e6:ad:8b:98:4b:68:5e:ac:
1c:ef:40:bc:28:71:f9:9e:0c:06:ae:68:58:2f:b1:21:35:31:
f8:0b:6a:71:49:f5:00:6e:b8:93:0e:13:d7:3f:3f:a8:91:ec:
db:fd:bf:d4:ef:60:57:d5:61:27:c3:72:9d:37:98:ef:d6:8c:
19:01:e0:a1:55:24:75:ba:01:92:95:56:51:12:1b:75:c0:25:
18:1f:69:57:ec:38:17:d1:61:b2:3e:4d:b6:7c:54:24:5d:ff:
cd:59:2c:23:69:71:4d:2e:45:0e:b6:a2:89:5c:11:e6:0c:94:
17:a5:61:1b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUOXJoywBgzZwHddFKEc0VvSzUeyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA0MTMxMTQxMDNaFw0yNjA0MTIxMTQ2MDNaMDMxMTAvBgNV
BAMTKDU2N0REQUEyNTY4REQ2QUMxMTFFRDQ5OEVEOUEyQkEyNEFDNDQzMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUEgEzDqo/vZ2eWUI0BwWli/F1
scAMDef+3dLegJU1AsQqPSghZBH49RHelidBqS/XkZ3uv5eG3zk/EhjN9Sn58BsY
ryU5mzo3fWpqwy2+7gMvyDMe/DB14EMIrLrU8vxI68BSVenqwhI6MDUczu5MuXPS
DM/QuvHVsyZInjbekN7t6TFXtQASHAuqAe2ViW2Jg7sRNeeJcVEUo09o0KM6ISTi
M8h0CvbGes8yqD7dajLbY+MIPoRjGDzLNrBipwdMWvHfbk12K5/0N+ehaZ2afcrr
BSpcTvi2XT8ro4aAynB1+oHJ1as40MgNZzXg1pLo+bO3wz9CifnMjV7x6e33AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUVn3aolaN1qwRHtSY7ZorokrEQwEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVDANBgkqhkiG9w0BAQsFAAOCAQEADU8nHp1eX4PsQNBb+7T+idDy
9TZn52WJ7u5n86LNa0iBTqInbqRUbGH019SO9cL0StB52ahSfV3cGWjuQhPeYrbu
sC1NDg9W7vLtlOmXUajwOUokX164C88BswmNcuYNRZbC74uBUe3/5kok8p0HLB0O
VKTkqz7SKsuGxqEYyTPxkSBEHmr6IOati5hLaF6sHO9AvChx+Z4MBq5oWC+xITUx
+AtqcUn1AG64kw4T1z8/qJHs2/2/1O9gV9VhJ8NynTeY79aMGQHgoVUkdboBkpVW
URIbdcAlGB9pV+w4F9Fhsj5NtnxUJF3/zVksI2lxTS5FDraiiVwR5gyUF6VhGw==
-----END CERTIFICATE-----
Generated at Tue May 6 03:24:36 2025 by rpki-client