Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
File: 3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: qeseGmyWapLBqBRtnKT6fw9jwPhYS27YOJxtLiutSxc=
Subject key identifier: 73:86:37:A0:67:3A:BE:63:E0:D5:AD:29:C2:83:EE:06:44:9B:EF:E5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3BDD8A60C3E44FC49C65E093106C33E6E78AEC1B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 25 Apr 2025 17:35:00 +0000
ROA not before: Fri 25 Apr 2025 17:30:00 +0000
ROA not after: Fri 24 Apr 2026 17:35:00 +0000
asID: 136787
IP address blocks: 194.242.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 08:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:dd:8a:60:c3:e4:4f:c4:9c:65:e0:93:10:6c:33:e6:e7:8a:ec:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 25 17:30:00 2025 GMT
Not After : Apr 24 17:35:00 2026 GMT
Subject: CN=738637A0673ABE63E0D5AD29C283EE06449BEFE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:34:b8:f9:32:86:b0:56:ea:a5:84:64:78:47:
2a:af:e7:b8:fa:08:d6:b1:3b:db:c7:b4:c3:39:74:
9d:39:c5:bd:9e:f4:61:2b:e8:31:2b:16:8f:d2:1e:
f8:dc:8f:2e:2d:33:99:86:f2:d7:cc:dc:b0:35:ee:
d6:90:6e:90:e0:41:92:e4:63:55:db:16:ab:6c:e7:
1d:56:9b:7b:ad:fd:9c:1d:dc:cc:70:1b:f7:a4:b6:
93:24:79:90:c8:3d:eb:e4:86:62:58:9e:60:2f:f9:
b9:94:1c:4e:95:61:20:a9:1c:25:65:16:2e:8e:f6:
20:18:ca:36:37:ca:a4:b2:8b:a1:ad:9e:13:f2:3e:
66:76:cb:8e:cd:c4:b5:1a:da:a1:f2:9e:a5:11:bc:
b9:4d:75:1d:36:d3:d2:18:f2:e6:65:b7:7a:4e:4d:
2b:60:ff:6f:42:a1:13:33:fa:95:0e:bf:f1:2b:4a:
77:7a:4b:d0:cf:01:75:c0:10:01:7b:1d:64:19:06:
d6:fd:4d:6f:ba:77:fd:a4:79:23:4b:e7:65:a7:81:
41:bf:29:84:4d:30:2e:73:8b:07:e6:e5:ea:74:88:
25:74:26:78:f7:78:42:f5:a3:05:a8:43:05:b0:fa:
7f:91:b0:07:52:45:82:2c:46:e2:1c:13:0c:ce:a5:
31:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:86:37:A0:67:3A:BE:63:E0:D5:AD:29:C2:83:EE:06:44:9B:EF:E5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.49.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:80:2f:b0:e1:85:6a:e8:03:0d:21:2d:c5:ce:d4:d9:20:39:
f0:65:f8:29:e9:a6:74:75:e8:ce:09:21:e5:11:75:7d:26:c0:
0a:0b:43:aa:d8:b5:b9:d7:fc:9b:e4:62:5d:e7:16:51:fd:b4:
4b:8a:31:c9:12:60:0c:e4:b2:22:b6:71:b6:b8:53:51:d7:57:
90:46:8b:a4:0c:43:d0:19:39:62:08:e5:c6:2d:5b:d6:81:06:
c7:86:a9:3d:e7:9d:af:1a:4f:c5:7c:bc:c1:42:e0:0d:9f:3f:
00:9e:e5:46:2d:2f:99:59:85:df:c2:5f:30:b3:90:7e:90:c3:
15:6b:83:04:40:07:e8:b3:a9:1a:aa:25:87:6c:eb:9e:25:33:
b2:b0:ed:71:26:9b:b3:eb:0f:bc:6f:2c:3d:c1:69:63:d2:b5:
ca:87:f1:8c:a9:ad:6d:41:eb:38:92:0e:17:3e:4b:a7:f9:b4:
e9:92:6c:2c:5b:c8:d4:86:d8:c0:a5:0a:79:d5:c1:04:df:99:
11:66:05:ae:e5:df:4d:97:83:2c:af:61:fa:70:e3:48:50:a7:
4f:7e:23:16:81:48:c7:2e:fd:40:fa:7b:ba:77:40:ed:e6:f7:
15:86:e9:50:65:9f:fc:be:b8:99:23:57:82:ad:bb:a1:86:26:
c6:de:91:c9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUO92KYMPkT8ScZeCTEGwz5ueK7BswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA0MjUxNzMwMDBaFw0yNjA0MjQxNzM1MDBaMDMxMTAvBgNV
BAMTKDczODYzN0EwNjczQUJFNjNFMEQ1QUQyOUMyODNFRTA2NDQ5QkVGRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8NLj5MoawVuqlhGR4Ryqv57j6
CNaxO9vHtMM5dJ05xb2e9GEr6DErFo/SHvjcjy4tM5mG8tfM3LA17taQbpDgQZLk
Y1XbFqts5x1Wm3ut/Zwd3MxwG/ektpMkeZDIPevkhmJYnmAv+bmUHE6VYSCpHCVl
Fi6O9iAYyjY3yqSyi6GtnhPyPmZ2y47NxLUa2qHynqURvLlNdR0209IY8uZlt3pO
TStg/29CoRMz+pUOv/ErSnd6S9DPAXXAEAF7HWQZBtb9TW+6d/2keSNL52WngUG/
KYRNMC5ziwfm5ep0iCV0Jnj3eEL1owWoQwWw+n+RsAdSRYIsRuIcEwzOpTH3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUc4Y3oGc6vmPg1a0pwoPuBkSb7+UwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzQz
MjJlMzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMLyMTANBgkqhkiG9w0BAQsFAAOCAQEAv4AvsOGFaugDDSEtxc7U2SA5
8GX4KemmdHXozgkh5RF1fSbACgtDqti1udf8m+RiXecWUf20S4oxyRJgDOSyIrZx
trhTUddXkEaLpAxD0Bk5Ygjlxi1b1oEGx4apPeedrxpPxXy8wULgDZ8/AJ7lRi0v
mVmF38JfMLOQfpDDFWuDBEAH6LOpGqolh2zrniUzsrDtcSabs+sPvG8sPcFpY9K1
yofxjKmtbUHrOJIOFz5Lp/m06ZJsLFvI1IbYwKUKedXBBN+ZEWYFruXfTZeDLK9h
+nDjSFCnT34jFoFIxy79QPp7undA7eb3FYbpUGWf/L64mSNXgq27oYYmxt6RyQ==
-----END CERTIFICATE-----
Generated at Thu May 8 19:50:57 2025 by rpki-client