Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31392e302f32342d3234203d3e203334393237.roa
File: 352e3138322e31392e302f32342d3234203d3e203334393237.roa (raw, json)
Hash identifier: q2k8MVBCjR3NBRzbsUFa82M4Z2QeMAkBrQbRx28KanQ=
Subject key identifier: 0C:9A:B2:A2:26:00:D2:FD:FD:B4:EE:07:E0:65:09:9C:4C:DA:EF:71
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 08E942313643EB0058A8B6DDC03615E03894D244
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31392e302f32342d3234203d3e203334393237.roa
Signing time: Thu 26 Jun 2025 07:11:21 +0000
ROA not before: Thu 26 Jun 2025 07:06:21 +0000
ROA not after: Thu 25 Jun 2026 07:11:21 +0000
asID: 34927
IP address blocks: 5.182.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e9:42:31:36:43:eb:00:58:a8:b6:dd:c0:36:15:e0:38:94:d2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 26 07:06:21 2025 GMT
Not After : Jun 25 07:11:21 2026 GMT
Subject: CN=0C9AB2A22600D2FDFDB4EE07E065099C4CDAEF71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ca:f2:93:a5:b7:d8:c0:64:75:51:46:7f:33:
d0:d9:34:7d:a5:67:2b:ff:c7:7c:b6:6c:a3:fa:73:
86:e4:09:a1:e3:19:91:4a:c5:d2:87:15:4d:13:f3:
0c:56:21:4b:25:da:86:0f:4f:97:78:21:b7:49:d2:
2b:9a:a6:0f:51:a2:3e:89:5a:40:c4:6c:a3:24:27:
78:af:ef:11:64:54:78:04:97:d7:a9:6e:ae:22:23:
1c:f8:58:3d:c8:9c:48:f4:71:4d:2c:50:fb:c4:1f:
33:8d:4e:e9:a3:d7:12:dd:59:77:7e:cf:9d:48:a1:
4a:19:4d:67:fe:0c:ff:38:a9:03:bb:2d:25:cc:28:
f0:b0:cf:8d:e5:35:a2:e2:a2:ba:17:bd:1e:82:4f:
59:5c:5b:95:2c:e0:b8:8d:7f:2a:a3:33:e1:ee:6b:
94:e5:4d:84:c8:ac:39:27:43:bb:ad:8c:b6:c9:ec:
2c:da:01:77:61:ed:e8:07:d1:3a:01:4c:57:20:c8:
4e:e2:35:e5:ee:29:00:21:38:ed:b4:48:42:6d:1f:
f1:7a:4f:6f:6e:fd:c7:d3:3c:17:1d:bf:e9:76:23:
0c:a3:dc:8d:f7:fc:22:8f:2a:ce:37:b1:70:b0:0c:
42:2c:65:e5:be:58:1d:d5:27:26:76:26:ab:0a:03:
ce:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9A:B2:A2:26:00:D2:FD:FD:B4:EE:07:E0:65:09:9C:4C:DA:EF:71
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31392e302f32342d3234203d3e203334393237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.19.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:04:c8:57:78:19:48:37:44:8b:8a:aa:52:dd:b7:20:33:3e:
c8:16:cc:9c:96:7a:da:da:9d:6e:b7:9d:4c:82:7b:56:4e:2f:
cf:cd:fb:36:04:a3:fb:1c:fe:f6:57:3a:31:de:84:e2:f7:d9:
6a:90:57:f7:6a:2a:df:51:1a:ae:fb:8a:d4:fa:a9:d8:c0:9b:
9d:29:57:69:f9:60:00:e8:df:a1:4c:76:30:15:d6:7a:bd:ce:
ba:a4:09:fb:83:7c:a8:7b:c9:ad:ea:07:a7:6f:d8:d9:df:2d:
dd:a4:32:06:4e:a8:32:57:38:08:f2:5e:64:fe:37:05:ce:03:
f4:73:20:fb:3e:15:21:d8:0c:e4:f5:03:0d:d3:f2:79:3e:f4:
52:fa:f9:c1:98:52:f7:e2:ec:a5:f5:01:8d:a1:d4:90:4c:ff:
59:48:af:96:14:72:17:11:1f:07:38:1e:8b:67:c0:ff:1c:17:
47:78:fb:42:e4:eb:a9:e1:93:53:95:20:18:05:0e:3f:e8:70:
34:9e:24:3d:05:84:77:f1:54:3e:44:7e:2b:1a:6d:ca:be:09:
e0:47:1e:f1:84:7f:85:9b:f2:55:9d:d8:ff:15:36:26:50:1a:
de:96:dc:0e:d2:10:79:2d:67:98:f4:9e:e5:3c:a2:90:7b:ed:
63:7f:06:c2
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUCOlCMTZD6wBYqLbdwDYV4DiU0kQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MjYwNzA2MjFaFw0yNjA2MjUwNzExMjFaMDMxMTAvBgNV
BAMTKDBDOUFCMkEyMjYwMEQyRkRGREI0RUUwN0UwNjUwOTlDNENEQUVGNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8yvKTpbfYwGR1UUZ/M9DZNH2l
Zyv/x3y2bKP6c4bkCaHjGZFKxdKHFU0T8wxWIUsl2oYPT5d4IbdJ0iuapg9Roj6J
WkDEbKMkJ3iv7xFkVHgEl9epbq4iIxz4WD3InEj0cU0sUPvEHzONTumj1xLdWXd+
z51IoUoZTWf+DP84qQO7LSXMKPCwz43lNaLioroXvR6CT1lcW5Us4LiNfyqjM+Hu
a5TlTYTIrDknQ7utjLbJ7CzaAXdh7egH0ToBTFcgyE7iNeXuKQAhOO20SEJtH/F6
T29u/cfTPBcdv+l2Iwyj3I33/CKPKs43sXCwDEIsZeW+WB3VJyZ2JqsKA86BAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUDJqyoiYA0v39tO4H4GUJnEza73EwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzEzODMyMmUz
MTM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzNDM5MzIzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AAW2EzANBgkqhkiG9w0BAQsFAAOCAQEAuwTIV3gZSDdEi4qqUt23IDM+yBbMnJZ6
2tqdbredTIJ7Vk4vz837NgSj+xz+9lc6Md6E4vfZapBX92oq31EarvuK1Pqp2MCb
nSlXaflgAOjfoUx2MBXWer3OuqQJ+4N8qHvJreoHp2/Y2d8t3aQyBk6oMlc4CPJe
ZP43Bc4D9HMg+z4VIdgM5PUDDdPyeT70Uvr5wZhS9+LspfUBjaHUkEz/WUivlhRy
FxEfBzgei2fA/xwXR3j7QuTrqeGTU5UgGAUOP+hwNJ4kPQWEd/FUPkR+Kxptyr4J
4Ece8YR/hZvyVZ3Y/xU2JlAa3pbcDtIQeS1nmPSe5TyikHvtY38Gwg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:05:38 2025 by rpki-client