Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3139362e36392e302f32342d3234203d3e20323132323338.roa
File: 39312e3139362e36392e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 6wWmuYG2U8UcaUPBLZelpi1SKwxnumo4Lr8Cng6yYGE=
Subject key identifier: 3B:C3:96:1B:C0:59:71:AD:A1:7A:06:B9:CD:0F:85:D3:AB:62:96:21
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 547D2EC9688966507F35044BBF934A85FEF26047
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3139362e36392e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Jun 2025 11:55:08 +0000
ROA not before: Fri 27 Jun 2025 11:50:08 +0000
ROA not after: Fri 26 Jun 2026 11:55:08 +0000
asID: 212238
IP address blocks: 91.196.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:11:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:7d:2e:c9:68:89:66:50:7f:35:04:4b:bf:93:4a:85:fe:f2:60:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 27 11:50:08 2025 GMT
Not After : Jun 26 11:55:08 2026 GMT
Subject: CN=3BC3961BC05971ADA17A06B9CD0F85D3AB629621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5f:fe:8b:1c:df:1c:20:5b:3f:b4:bc:7a:7c:
fd:48:b1:91:3a:c6:3f:fd:cf:d0:ac:17:1a:5c:2f:
20:25:e6:8e:a7:d4:9e:91:03:66:63:be:82:89:3f:
b6:c7:2a:98:10:20:62:5e:62:82:36:66:a9:22:58:
02:0e:3f:cd:c8:23:d6:5a:6b:fe:0b:39:ba:7d:ef:
2f:f7:00:ec:1b:c6:4f:e6:d1:8c:72:41:ce:bf:fe:
30:3c:86:78:0d:31:23:94:52:9c:0d:44:26:17:b8:
4a:2f:d1:eb:f6:47:f1:b2:c2:4c:3d:58:a2:4f:83:
c0:1b:fc:3b:64:02:c8:15:ff:3c:f9:d3:99:dd:82:
93:98:4c:22:27:e6:79:47:09:c6:c8:cb:90:d7:55:
c4:54:9a:91:20:d0:44:0b:8e:00:7b:dc:42:64:8d:
c4:d6:42:5b:7f:53:6e:da:c7:8d:70:62:aa:fd:f5:
7e:20:0d:4c:d7:0c:7a:19:57:4c:05:b0:f8:06:d6:
78:ec:1a:ef:02:23:10:ef:9b:24:27:05:60:63:cc:
a8:a5:c6:f1:4e:d3:50:5a:7e:cf:62:af:4f:08:8a:
7d:b2:f2:a2:85:4c:01:75:de:6e:cf:89:5a:3a:58:
e3:0d:9a:84:5d:09:b3:d8:86:b6:a1:dd:5b:96:69:
12:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C3:96:1B:C0:59:71:AD:A1:7A:06:B9:CD:0F:85:D3:AB:62:96:21
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3139362e36392e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.69.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:9f:61:96:22:f0:28:d6:01:b1:04:04:f4:fd:29:03:d2:ff:
9e:99:08:fd:66:34:05:58:be:a5:6a:40:81:18:b3:60:45:b4:
a7:59:c8:9f:a7:f1:58:3d:01:e8:12:28:92:a2:d3:75:17:80:
76:de:99:13:bd:bb:64:30:0b:72:2f:f9:66:69:a6:7b:12:06:
3f:48:8b:7c:d1:78:d3:b0:15:ba:7a:3e:60:2c:f3:b9:23:0c:
95:85:a4:05:65:3e:d4:0a:ed:21:0d:2d:0d:d6:5e:8b:1a:25:
d6:ea:4b:59:1c:9f:56:54:b0:dc:bd:46:78:2b:b3:95:d4:04:
db:eb:7b:62:ab:08:4e:04:cb:7b:d9:a8:c5:30:a1:e0:db:2b:
de:dc:df:2b:ce:42:d0:09:55:5c:6b:b8:12:96:55:97:00:a4:
3e:3b:70:6e:65:a1:31:68:3d:3f:39:93:36:5f:5a:86:54:b4:
19:e0:35:29:2f:58:81:85:c4:64:59:f2:b2:67:7a:10:c6:90:
95:51:51:ff:8a:f8:fe:8b:9d:e3:ba:71:7c:21:e5:94:bc:c0:
11:60:63:ee:5a:77:7c:c1:6a:13:bb:d9:3e:0e:64:41:82:26:
37:4e:bc:32:d6:cf:a1:bc:68:8a:ee:6b:48:79:ad:d6:fd:11:
3f:0f:da:39
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUVH0uyWiJZlB/NQRLv5NKhf7yYEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MjcxMTUwMDhaFw0yNjA2MjYxMTU1MDhaMDMxMTAvBgNV
BAMTKDNCQzM5NjFCQzA1OTcxQURBMTdBMDZCOUNEMEY4NUQzQUI2Mjk2MjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQX/6LHN8cIFs/tLx6fP1IsZE6
xj/9z9CsFxpcLyAl5o6n1J6RA2ZjvoKJP7bHKpgQIGJeYoI2ZqkiWAIOP83II9Za
a/4LObp97y/3AOwbxk/m0YxyQc6//jA8hngNMSOUUpwNRCYXuEov0ev2R/Gywkw9
WKJPg8Ab/DtkAsgV/zz505ndgpOYTCIn5nlHCcbIy5DXVcRUmpEg0EQLjgB73EJk
jcTWQlt/U27ax41wYqr99X4gDUzXDHoZV0wFsPgG1njsGu8CIxDvmyQnBWBjzKil
xvFO01Bafs9ir08Iin2y8qKFTAF13m7PiVo6WOMNmoRdCbPYhrah3VuWaRKJAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUO8OWG8BZca2hega5zQ+F06tiliEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMxMmUzMTM5MzYy
ZTM2MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABbxEUwDQYJKoZIhvcNAQELBQADggEBAKqfYZYi8CjWAbEEBPT9KQPS/56Z
CP1mNAVYvqVqQIEYs2BFtKdZyJ+n8Vg9AegSKJKi03UXgHbemRO9u2QwC3Iv+WZp
pnsSBj9Ii3zReNOwFbp6PmAs87kjDJWFpAVlPtQK7SENLQ3WXosaJdbqS1kcn1ZU
sNy9Rngrs5XUBNvre2KrCE4Ey3vZqMUwoeDbK97c3yvOQtAJVVxruBKWVZcApD47
cG5loTFoPT85kzZfWoZUtBngNSkvWIGFxGRZ8rJnehDGkJVRUf+K+P6LneO6cXwh
5ZS8wBFgY+5ad3zBahO72T4OZEGCJjdOvDLWz6G8aIrua0h5rdb9ET8P2jk=
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:36:14 2025 by rpki-client