Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20323132323338.roa
File: 3138352e3235352e3132382e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: nLTEuT4ohQmjRmFGEUmAIZRvwLBoqreyObO3elsWD6E=
Subject key identifier: C8:D7:8B:84:FB:F0:3A:4F:20:C2:9B:7B:77:6A:F0:FA:90:CE:E2:AE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3DF954726515AAAEAF1810658D746C0567BC9B8B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Jun 2025 11:51:25 +0000
ROA not before: Fri 27 Jun 2025 11:46:25 +0000
ROA not after: Fri 26 Jun 2026 11:51:25 +0000
asID: 212238
IP address blocks: 185.255.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f9:54:72:65:15:aa:ae:af:18:10:65:8d:74:6c:05:67:bc:9b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 27 11:46:25 2025 GMT
Not After : Jun 26 11:51:25 2026 GMT
Subject: CN=C8D78B84FBF03A4F20C29B7B776AF0FA90CEE2AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:0e:3a:d7:c9:72:b7:55:6f:ae:1a:35:25:
03:97:4f:e7:d3:47:d8:6c:62:73:dd:21:8f:88:4d:
d8:9b:15:fc:e5:b4:be:71:f5:f3:1e:2d:32:ea:ec:
74:84:bb:c7:1c:52:06:9c:38:1b:17:e1:30:b3:37:
39:03:d6:f5:2e:64:22:89:74:eb:07:90:c3:fa:32:
bf:b9:de:f8:11:2c:aa:1c:fa:fa:04:72:b7:51:b7:
74:48:d6:bc:75:27:c5:51:2b:e8:22:28:88:54:1d:
b3:ba:5c:10:90:ed:c6:d2:4a:22:f9:38:4d:a5:74:
dc:d9:56:55:37:c3:a3:3d:e3:60:dc:5e:6f:8e:bc:
28:0b:6d:ca:d1:0c:19:72:5e:e5:69:68:e7:b4:d3:
71:29:25:e7:27:ae:db:fb:b8:30:33:7e:ba:84:6c:
02:7d:94:7f:1e:e3:e5:9e:29:19:b4:c4:63:e7:56:
b6:b3:6d:96:c3:f8:85:60:b3:dc:f6:6f:41:9a:28:
71:4c:63:56:f0:d5:de:7d:f9:0c:b2:86:45:fc:a6:
0c:e1:0c:3f:dc:ad:36:a2:4f:ee:ba:13:dd:da:8b:
f1:99:e9:f3:85:76:cb:f2:34:b1:d1:eb:76:83:4b:
a5:b3:c3:1f:57:74:00:c5:99:45:d8:bb:b1:de:7d:
11:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D7:8B:84:FB:F0:3A:4F:20:C2:9B:7B:77:6A:F0:FA:90:CE:E2:AE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3235352e3132382e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.128.0/24
Signature Algorithm: sha256WithRSAEncryption
67:99:a7:08:1f:ad:94:69:10:02:5c:f8:ef:b4:ab:cb:3b:57:
5b:1d:68:54:14:e2:ea:4d:c8:a7:c4:2a:3a:c6:9e:a1:75:84:
ef:1f:2d:a2:fc:d3:a0:ed:dc:54:8d:27:b5:c7:59:aa:53:e1:
ea:d9:e3:04:5c:d3:59:a9:fc:5e:b1:d6:0a:84:18:24:3d:3b:
1c:5c:dd:9a:b2:e2:d6:6b:f1:0e:d1:a1:b6:e8:77:90:57:2a:
af:2b:ff:a4:d8:d0:7b:47:d0:50:bf:59:54:38:d0:af:c3:24:
83:fc:14:0d:86:c6:19:26:c1:e3:73:fa:7c:c7:13:5a:31:26:
bf:20:49:44:fb:02:84:57:07:ca:42:29:92:51:3c:ee:c3:81:
89:be:09:07:d2:d1:92:95:74:39:bc:be:4f:2d:a9:1c:17:b0:
bc:3f:dc:b3:d6:d6:81:8a:a0:a4:29:83:fd:1e:9b:ef:e8:f3:
5f:52:98:72:c1:b3:a0:05:38:4a:a8:f5:1b:e3:01:4e:26:bf:
59:9b:d4:3b:6c:0b:d5:88:f6:a5:af:53:e6:9e:72:58:00:36:
e0:67:c6:6b:3d:20:ba:95:6e:75:5e:be:58:30:79:e9:e8:05:
df:cb:e2:24:73:65:13:79:78:ea:91:20:d4:6c:bf:26:06:03:
c9:18:cd:4d
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPflUcmUVqq6vGBBljXRsBWe8m4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MjcxMTQ2MjVaFw0yNjA2MjYxMTUxMjVaMDMxMTAvBgNV
BAMTKEM4RDc4Qjg0RkJGMDNBNEYyMEMyOUI3Qjc3NkFGMEZBOTBDRUUyQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt6Q4618lyt1Vvrho1JQOXT+fT
R9hsYnPdIY+ITdibFfzltL5x9fMeLTLq7HSEu8ccUgacOBsX4TCzNzkD1vUuZCKJ
dOsHkMP6Mr+53vgRLKoc+voEcrdRt3RI1rx1J8VRK+giKIhUHbO6XBCQ7cbSSiL5
OE2ldNzZVlU3w6M942DcXm+OvCgLbcrRDBlyXuVpaOe003EpJecnrtv7uDAzfrqE
bAJ9lH8e4+WeKRm0xGPnVrazbZbD+IVgs9z2b0GaKHFMY1bw1d59+QyyhkX8pgzh
DD/crTaiT+66E93ai/GZ6fOFdsvyNLHR63aDS6Wzwx9XdADFmUXYu7HefRF5AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUyNeLhPvwOk8gwpt7d2rw+pDO4q4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzUz
NTJlMzEzMjM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuf+AMA0GCSqGSIb3DQEBCwUAA4IBAQBnmacIH62UaRACXPjvtKvL
O1dbHWhUFOLqTcinxCo6xp6hdYTvHy2i/NOg7dxUjSe1x1mqU+Hq2eMEXNNZqfxe
sdYKhBgkPTscXN2asuLWa/EO0aG26HeQVyqvK/+k2NB7R9BQv1lUONCvwySD/BQN
hsYZJsHjc/p8xxNaMSa/IElE+wKEVwfKQimSUTzuw4GJvgkH0tGSlXQ5vL5PLakc
F7C8P9yz1taBiqCkKYP9Hpvv6PNfUphywbOgBThKqPUb4wFOJr9Zm9Q7bAvViPal
r1PmnnJYADbgZ8ZrPSC6lW51Xr5YMHnp6AXfy+Ikc2UTeXjqkSDUbL8mBgPJGM1N
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:27:14 2025 by rpki-client