Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138342e302f32342d3234203d3e20323132323338.roa
File: 34352e3134302e3138342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: eHZxLCIn+QumX9JUb8XZ5HEqvSlTwjdgJedADJkDXhM=
Subject key identifier: 71:27:C2:9A:6C:69:A8:16:88:3E:45:47:BD:41:7E:D0:D3:78:93:6D
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1245863957AABCA59D5334BB01D82239F762D774
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138342e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Jun 2025 11:51:03 +0000
ROA not before: Fri 27 Jun 2025 11:46:03 +0000
ROA not after: Fri 26 Jun 2026 11:51:03 +0000
asID: 212238
IP address blocks: 45.140.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:45:86:39:57:aa:bc:a5:9d:53:34:bb:01:d8:22:39:f7:62:d7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 27 11:46:03 2025 GMT
Not After : Jun 26 11:51:03 2026 GMT
Subject: CN=7127C29A6C69A816883E4547BD417ED0D378936D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:90:09:84:d7:c4:a6:93:ef:55:fd:ac:3f:1e:
f6:fe:fe:5f:a5:3d:c0:c4:6f:8b:7c:7a:9f:6e:91:
d8:38:30:bb:ee:8c:fc:db:ff:03:09:28:6d:92:2b:
e4:56:c6:19:bc:c8:32:0f:e7:c5:7f:6e:e2:35:ae:
1f:da:c9:22:ba:06:32:da:47:ab:87:1a:eb:92:ce:
5e:be:6e:9a:f9:be:7c:12:eb:ea:ae:6b:b4:19:47:
45:ef:12:f1:2f:66:e8:fa:0f:9a:88:cf:c0:e3:c0:
4a:e5:be:e9:6b:a8:a8:5d:06:c3:07:63:87:7d:4f:
9e:1a:f0:5b:4d:3b:29:ec:25:54:9e:10:9b:78:fb:
a8:26:65:48:ca:13:2f:ce:9a:6c:7d:40:97:a5:25:
77:9f:c0:15:f2:da:4f:70:a2:14:e6:35:a6:f7:e7:
f2:ec:34:ea:b6:d5:5f:2a:13:7b:e1:0e:48:40:2e:
9e:86:b7:fe:16:ef:96:04:65:35:44:e8:73:14:51:
39:c2:b6:23:b5:53:35:c7:05:e0:eb:44:ae:89:4e:
de:52:e6:cc:c7:3a:e6:80:ff:91:fd:cb:5f:b5:f6:
85:79:93:fd:1a:ab:f5:6f:eb:a3:21:c1:cf:7d:47:
26:ef:c1:9d:20:3b:0c:f2:1e:2e:76:3f:58:98:a4:
6d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:27:C2:9A:6C:69:A8:16:88:3E:45:47:BD:41:7E:D0:D3:78:93:6D
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.184.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:81:89:77:23:f4:9c:39:e9:2a:38:70:00:94:69:96:68:e6:
fb:3e:d2:8b:b2:83:f4:a3:ff:8b:43:a1:69:d2:f5:69:94:23:
cc:15:ce:d6:09:5a:e2:2a:58:67:86:77:31:e4:53:b3:1a:1f:
e2:aa:d3:a0:b9:3c:cb:9d:29:40:1f:1b:7b:e1:47:49:2d:65:
a9:27:07:02:b0:50:4a:06:0f:34:62:06:59:9b:cf:07:39:ee:
f3:f8:0f:ae:65:38:ab:ae:5c:e3:53:7f:71:e3:71:bf:15:88:
ad:69:52:1e:6f:c4:57:59:4c:c1:59:a3:3d:b0:0a:ab:58:73:
59:ea:31:f7:48:80:1f:bc:2e:70:85:2c:20:e5:69:e0:8e:65:
e6:58:9e:d1:78:63:e2:c1:c9:59:2a:34:0e:a6:7b:09:3f:5a:
b2:5c:c4:18:e7:0a:f3:5f:3d:34:b0:0b:5d:0c:cc:4b:db:34:
17:ce:a5:65:a1:1e:78:71:0d:bb:74:5d:f5:70:64:b0:df:cf:
fc:de:f8:d2:10:02:cd:0a:43:38:b3:87:c8:0a:19:fd:6f:ce:
0b:dd:c5:b9:4d:2a:a7:e0:85:ec:c6:bb:38:c8:66:90:9d:5f:
e1:99:30:ef:08:14:b9:61:05:11:60:db:8c:9f:5d:cc:53:84:
3e:c0:63:dc
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUEkWGOVeqvKWdUzS7AdgiOfdi13QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MjcxMTQ2MDNaFw0yNjA2MjYxMTUxMDNaMDMxMTAvBgNV
BAMTKDcxMjdDMjlBNkM2OUE4MTY4ODNFNDU0N0JENDE3RUQwRDM3ODkzNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFkAmE18Smk+9V/aw/Hvb+/l+l
PcDEb4t8ep9ukdg4MLvujPzb/wMJKG2SK+RWxhm8yDIP58V/buI1rh/aySK6BjLa
R6uHGuuSzl6+bpr5vnwS6+qua7QZR0XvEvEvZuj6D5qIz8DjwErlvulrqKhdBsMH
Y4d9T54a8FtNOynsJVSeEJt4+6gmZUjKEy/Ommx9QJelJXefwBXy2k9wohTmNab3
5/LsNOq21V8qE3vhDkhALp6Gt/4W75YEZTVE6HMUUTnCtiO1UzXHBeDrRK6JTt5S
5szHOuaA/5H9y1+19oV5k/0aq/Vv66Mhwc99RybvwZ0gOwzyHi52P1iYpG0hAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUcSfCmmxpqBaIPkVHvUF+0NN4k20wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2MuDANBgkqhkiG9w0BAQsFAAOCAQEATYGJdyP0nDnpKjhwAJRplmjm
+z7Si7KD9KP/i0OhadL1aZQjzBXO1gla4ipYZ4Z3MeRTsxof4qrToLk8y50pQB8b
e+FHSS1lqScHArBQSgYPNGIGWZvPBznu8/gPrmU4q65c41N/ceNxvxWIrWlSHm/E
V1lMwVmjPbAKq1hzWeox90iAH7wucIUsIOVp4I5l5lie0Xhj4sHJWSo0DqZ7CT9a
slzEGOcK8189NLALXQzMS9s0F86lZaEeeHENu3Rd9XBksN/P/N740hACzQpDOLOH
yAoZ/W/OC93FuU0qp+CF7Ma7OMhmkJ1f4Zkw7wgUuWEFEWDbjJ9dzFOEPsBj3A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:49:45 2025 by rpki-client