Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3137362e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: EMfXxlu7d4B6mCmFKKDBR4toFCI2TrlzkLZ577jwGJI=
Subject key identifier: 13:E3:30:90:78:93:03:18:B5:6E:66:E3:95:20:67:F6:32:A6:75:56
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5F5988C5E99EC1F1E30920F178B79993ED01B045
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
Signing time: Mon 12 May 2025 10:46:12 +0000
ROA not before: Mon 12 May 2025 10:41:12 +0000
ROA not after: Mon 11 May 2026 10:46:12 +0000
asID: 51167
IP address blocks: 100.42.176.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:59:88:c5:e9:9e:c1:f1:e3:09:20:f1:78:b7:99:93:ed:01:b0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 12 10:41:12 2025 GMT
Not After : May 11 10:46:12 2026 GMT
Subject: CN=13E3309078930318B56E66E3952067F632A67556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:77:83:6b:34:45:80:41:75:35:55:d9:55:
39:77:00:10:41:02:8f:9d:85:10:ca:eb:63:cf:72:
5a:d3:0a:96:a7:06:05:1f:21:68:e7:86:a3:23:d6:
f1:98:7f:cf:9f:f0:7a:e4:e2:fe:a1:e1:ab:61:a6:
d6:69:13:e5:28:95:64:af:74:e5:66:49:5b:7e:d2:
de:9c:e9:73:48:e4:18:9d:37:96:25:82:dd:f8:fb:
06:d0:36:8a:13:88:40:4d:73:7f:fd:70:96:18:02:
08:20:b5:43:f5:9a:1b:47:1b:a8:47:de:81:1e:fa:
90:26:26:18:ae:00:2c:28:22:bf:7c:c1:5b:d6:9a:
5b:b8:0f:10:82:13:dc:ee:90:ff:ff:25:ef:70:99:
03:ee:0e:2e:7d:42:fa:13:c4:e5:72:3e:12:93:48:
cc:8c:4a:9f:62:56:29:d5:d8:46:e0:6c:58:e7:17:
97:91:a4:6b:d8:95:f7:5a:a2:62:90:5e:df:08:5b:
d0:1b:0d:90:85:28:43:05:0f:32:52:41:53:58:d8:
97:64:89:cf:87:fc:67:fc:e6:46:de:d5:79:3e:ad:
47:3c:d6:f5:b2:57:d3:52:ba:3c:94:58:80:b5:2e:
7d:85:c7:ef:17:d0:9a:cb:12:57:b9:26:10:80:0e:
fa:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E3:30:90:78:93:03:18:B5:6E:66:E3:95:20:67:F6:32:A6:75:56
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.176.0/21
Signature Algorithm: sha256WithRSAEncryption
c0:1e:7c:0f:da:41:71:ab:81:35:d3:3b:e8:02:0d:81:4d:2b:
bc:48:04:21:b7:f2:ab:c3:72:fe:8d:68:55:95:91:c1:fa:77:
0e:28:b3:3c:3d:1a:25:41:c2:3a:75:c4:d7:aa:72:2b:70:3d:
46:ff:1a:51:c6:12:96:e4:2d:f2:3e:68:eb:cd:db:c8:3d:86:
1f:52:4a:e5:03:84:fd:46:4b:42:1e:da:89:96:b4:e2:65:42:
a2:36:d1:af:92:2a:8a:ff:f5:79:f5:a1:af:23:cc:82:21:08:
1a:6a:d7:ec:b4:58:ae:26:bf:6d:8a:53:5c:0e:96:6f:2e:f7:
f0:92:11:58:4c:fc:13:2a:08:aa:01:94:e2:39:1b:e2:6c:04:
41:c9:1d:b2:c4:3f:09:b3:a1:70:25:9d:eb:f2:fb:e6:4f:2f:
59:75:7e:f1:f8:6d:9a:a0:52:a8:6c:79:40:df:d3:1e:c6:9d:
27:e4:62:a3:ac:76:39:47:c8:87:d3:3a:ba:c6:f6:b6:44:fc:
22:e6:28:28:62:1c:73:19:66:01:e0:50:e2:87:8e:46:48:b5:
67:17:92:a6:67:6c:65:b1:20:92:34:db:15:e4:73:38:05:67:
26:59:ce:4b:49:2a:cf:a2:43:6c:b1:e6:02:49:25:e3:ae:e0:
55:c1:ac:dc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUX1mIxemewfHjCSDxeLeZk+0BsEUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTIxMDQxMTJaFw0yNjA1MTExMDQ2MTJaMDMxMTAvBgNV
BAMTKDEzRTMzMDkwNzg5MzAzMThCNTZFNjZFMzk1MjA2N0Y2MzJBNjc1NTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkPXeDazRFgEF1NVXZVTl3ABBB
Ao+dhRDK62PPclrTCpanBgUfIWjnhqMj1vGYf8+f8Hrk4v6h4athptZpE+UolWSv
dOVmSVt+0t6c6XNI5BidN5Ylgt34+wbQNooTiEBNc3/9cJYYAgggtUP1mhtHG6hH
3oEe+pAmJhiuACwoIr98wVvWmlu4DxCCE9zukP//Je9wmQPuDi59QvoTxOVyPhKT
SMyMSp9iVinV2EbgbFjnF5eRpGvYlfdaomKQXt8IW9AbDZCFKEMFDzJSQVNY2Jdk
ic+H/Gf85kbe1Xk+rUc81vWyV9NSujyUWIC1Ln2Fx+8X0JrLEle5JhCADvq9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUE+MwkHiTAxi1bmbjlSBn9jKmdVYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzczNjJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrAwDQYJKoZIhvcNAQELBQADggEBAMAefA/aQXGrgTXTO+gCDYFNK7xI
BCG38qvDcv6NaFWVkcH6dw4oszw9GiVBwjp1xNeqcitwPUb/GlHGEpbkLfI+aOvN
28g9hh9SSuUDhP1GS0Ie2omWtOJlQqI20a+SKor/9Xn1oa8jzIIhCBpq1+y0WK4m
v22KU1wOlm8u9/CSEVhM/BMqCKoBlOI5G+JsBEHJHbLEPwmzoXAlnevy++ZPL1l1
fvH4bZqgUqhseUDf0x7GnSfkYqOsdjlHyIfTOrrG9rZE/CLmKChiHHMZZgHgUOKH
jkZItWcXkqZnbGWxIJI02xXkczgFZyZZzktJKs+iQ2yx5gJJJeOu4FXBrNw=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:26:12 2025 by rpki-client