Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3138342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: EQyks4PjSZduvHVbpGIP9yz2PgJsUpDeqbPhh1XP7Fo=
Subject key identifier: E3:26:5F:B8:33:F8:51:ED:C9:46:8D:F1:83:1D:E4:5A:23:46:BB:3B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4A9AA947FB0D91070D1835AB8501432EE32CE0E6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
Signing time: Mon 12 May 2025 10:46:12 +0000
ROA not before: Mon 12 May 2025 10:41:12 +0000
ROA not after: Mon 11 May 2026 10:46:12 +0000
asID: 51167
IP address blocks: 100.42.184.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:9a:a9:47:fb:0d:91:07:0d:18:35:ab:85:01:43:2e:e3:2c:e0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 12 10:41:12 2025 GMT
Not After : May 11 10:46:12 2026 GMT
Subject: CN=E3265FB833F851EDC9468DF1831DE45A2346BB3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:68:68:1f:b9:72:3c:47:fe:59:9c:de:5e:b6:
f9:08:b3:ac:7f:36:ba:24:e0:63:98:ed:71:e5:43:
dc:1e:58:7f:29:56:e2:59:54:71:3a:6a:63:84:5d:
bf:a5:b4:f7:b3:f3:19:46:42:84:0a:e7:e1:7f:d6:
c9:25:2e:36:db:24:5d:05:38:f7:dd:0d:9d:1e:b2:
69:fc:9e:f9:25:7b:ba:47:1d:5b:f3:8d:aa:ae:9c:
0e:63:07:6b:d6:56:4d:8d:86:60:20:ac:7d:99:e3:
51:46:ee:0e:c7:51:13:33:5d:4a:6f:62:ea:c9:02:
a1:72:82:d4:72:27:16:d2:02:8f:24:d8:4d:42:8f:
85:29:9b:fb:4f:9e:ed:e6:a5:69:d4:bc:d4:da:e9:
28:7f:95:f3:1f:b6:08:6d:01:c9:a0:d3:96:3e:d0:
34:ac:70:46:90:ee:73:b4:f2:4a:14:45:d4:fb:f5:
ed:51:b1:a2:7d:d3:04:f3:91:9e:e5:7b:fd:bc:8c:
2e:73:e4:9a:06:96:db:64:f2:a4:92:05:67:24:56:
93:14:2a:a5:de:83:1e:0a:64:c5:cc:a4:10:df:97:
b8:c3:94:d6:af:0b:79:ed:60:d7:c2:db:05:d9:e8:
8a:27:23:72:41:a0:df:ee:92:ee:4e:c3:47:9b:8a:
3c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:26:5F:B8:33:F8:51:ED:C9:46:8D:F1:83:1D:E4:5A:23:46:BB:3B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:14:2f:96:06:ac:42:da:ae:8e:e2:70:3f:9f:f3:52:5d:09:
6f:2e:47:bb:ad:47:bc:0e:fa:fd:a8:c2:4f:1c:e2:80:c5:07:
bd:e0:89:30:b2:fe:03:9c:9c:54:ee:04:74:8a:f1:53:bd:a6:
4f:f2:ee:e6:f0:25:ce:ae:c0:fa:1f:8d:5a:2a:67:93:b5:fb:
8e:5b:ad:76:57:1c:75:ce:09:c3:0a:af:c3:4e:21:48:79:b5:
a8:aa:ae:15:cd:d8:1c:3f:57:49:5f:c2:7f:69:4f:3b:da:48:
a5:7f:52:fd:ac:b5:e4:63:60:16:3f:2a:e5:9e:4d:95:a5:c6:
8b:0b:a6:55:7e:4b:6b:9f:84:f9:a4:a8:7a:4e:69:e5:cb:d7:
b7:7a:0f:18:5e:10:4b:21:c4:da:3b:1f:55:9c:3d:bb:1d:a0:
2d:d5:0e:81:df:52:3b:f3:ce:ad:d3:eb:5a:7f:5f:a2:08:f6:
e8:b4:78:b8:3e:cf:86:5b:11:31:bc:cc:e8:b6:57:ca:9f:86:
7b:fc:3c:92:c6:a2:16:ad:d3:77:04:a9:2b:67:00:54:6a:b3:
6d:ee:c7:14:d6:6a:ec:22:94:e5:ab:38:79:33:57:b3:b1:9a:
61:1d:2f:95:91:d7:d0:0c:de:9a:d2:e8:18:47:cf:5b:d3:28:
1f:89:b8:9e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUSpqpR/sNkQcNGDWrhQFDLuMs4OYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTIxMDQxMTJaFw0yNjA1MTExMDQ2MTJaMDMxMTAvBgNV
BAMTKEUzMjY1RkI4MzNGODUxRURDOTQ2OERGMTgzMURFNDVBMjM0NkJCM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRaGgfuXI8R/5ZnN5etvkIs6x/
Nrok4GOY7XHlQ9weWH8pVuJZVHE6amOEXb+ltPez8xlGQoQK5+F/1sklLjbbJF0F
OPfdDZ0esmn8nvkle7pHHVvzjaqunA5jB2vWVk2NhmAgrH2Z41FG7g7HURMzXUpv
YurJAqFygtRyJxbSAo8k2E1Cj4Upm/tPnu3mpWnUvNTa6Sh/lfMftghtAcmg05Y+
0DSscEaQ7nO08koURdT79e1RsaJ90wTzkZ7le/28jC5z5JoGlttk8qSSBWckVpMU
KqXegx4KZMXMpBDfl7jDlNavC3ntYNfC2wXZ6IonI3JBoN/uku5Ow0ebijydAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU4yZfuDP4Ue3JRo3xgx3kWiNGuzswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzgzNDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrgwDQYJKoZIhvcNAQELBQADggEBAKAUL5YGrELaro7icD+f81JdCW8u
R7utR7wO+v2owk8c4oDFB73giTCy/gOcnFTuBHSK8VO9pk/y7ubwJc6uwPofjVoq
Z5O1+45brXZXHHXOCcMKr8NOIUh5taiqrhXN2Bw/V0lfwn9pTzvaSKV/Uv2steRj
YBY/KuWeTZWlxosLplV+S2ufhPmkqHpOaeXL17d6DxheEEshxNo7H1WcPbsdoC3V
DoHfUjvzzq3T61p/X6II9ui0eLg+z4ZbETG8zOi2V8qfhnv8PJLGohat03cEqStn
AFRqs23uxxTWauwilOWrOHkzV7OxmmEdL5WR19AM3prS6BhHz1vTKB+JuJ4=
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:21:24 2025 by rpki-client