Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
File: 3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: nfY41LRdmziPWANRFw9hqwqahMLuA/N/WN7Azb3GDkk=
Subject key identifier: 57:72:52:BA:C3:12:5E:66:C4:14:CC:3D:0F:01:F1:41:C7:3E:C4:F5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1FE9F1BA15EFC907385BBCE956B28A1C9C87FCBD
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 27 May 2025 22:46:29 +0000
ROA not before: Tue 27 May 2025 22:41:29 +0000
ROA not after: Tue 26 May 2026 22:46:29 +0000
asID: 204170
IP address blocks: 157.97.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:e9:f1:ba:15:ef:c9:07:38:5b:bc:e9:56:b2:8a:1c:9c:87:fc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 27 22:41:29 2025 GMT
Not After : May 26 22:46:29 2026 GMT
Subject: CN=577252BAC3125E66C414CC3D0F01F141C73EC4F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1e:c9:be:b5:b8:41:fc:8e:b8:47:f9:7a:42:
c0:61:24:74:7d:d4:d3:3a:d5:b7:a7:eb:61:a7:bc:
01:eb:31:c2:65:82:9a:95:4b:b1:d5:61:46:fe:f5:
bd:3b:b0:0a:de:56:bc:28:b9:34:12:dc:66:3e:b3:
3c:fe:02:6d:68:f3:ec:ea:9e:e4:80:dd:a7:ea:b7:
88:78:7a:b3:a0:16:69:14:95:78:2b:f1:35:61:53:
cf:0a:8e:b1:57:51:7f:89:0a:bd:40:11:11:58:e8:
16:e6:58:21:4b:be:1d:27:7d:73:50:00:dc:eb:62:
8f:07:ea:15:1c:b2:a2:96:a8:0d:83:bf:23:fb:34:
2a:cb:ec:40:82:f1:e2:4f:dc:a7:cb:6a:df:73:ce:
f8:67:18:fc:57:8f:e1:c7:ae:cd:82:67:7d:1c:fe:
1e:4a:74:01:97:ec:e4:9e:2e:63:59:27:d5:17:d4:
b2:ac:d6:a8:a9:80:d7:4a:85:28:3f:7a:c7:d7:9f:
ff:2f:7d:20:ca:31:64:53:c5:af:a7:2f:aa:47:0e:
d1:47:c0:10:c2:78:02:6f:82:80:c4:07:a7:aa:ce:
f9:5a:1f:a9:30:6f:72:47:4f:98:94:70:3e:9f:89:
32:b0:08:e9:56:44:56:f0:de:cc:3e:ec:ad:61:1b:
8c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:72:52:BA:C3:12:5E:66:C4:14:CC:3D:0F:01:F1:41:C7:3E:C4:F5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.133.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bb:7d:35:b9:18:d1:67:b5:70:a4:a5:18:0f:f9:25:32:21:
e5:88:b7:a7:f5:12:72:64:3e:93:f2:3c:19:6d:90:d0:19:e6:
6d:79:dd:b6:f2:d9:95:6b:37:52:62:4a:50:32:ca:5b:60:5e:
80:ab:7b:2e:2e:c1:ec:21:03:a3:6e:e1:ca:d9:e6:6a:f7:47:
aa:31:6a:a8:e4:9d:62:f0:5e:7e:03:7c:bd:f2:4f:28:17:b7:
ed:f9:92:f3:d8:b4:13:62:b6:6d:16:83:76:c0:7f:0f:7a:bc:
ae:ee:ce:d4:80:06:29:e8:a1:d9:8b:22:45:68:49:a6:49:f0:
64:be:da:2b:51:7e:95:14:a4:f9:5d:14:36:48:43:8b:96:9a:
f8:3c:b0:d4:c3:61:7f:10:84:f2:f7:5e:34:45:ba:b8:a9:84:
50:e5:4f:48:10:86:2a:32:fc:cf:26:3a:ca:1c:dd:29:3e:6c:
5c:64:69:11:a8:7b:31:09:e4:1c:a0:36:c4:e0:ea:bb:cf:a1:
0c:e3:73:19:f8:ac:bf:5a:98:0b:44:f8:e0:d0:b9:00:16:50:
8d:ca:0b:6e:07:b4:36:5d:71:d5:a1:1d:03:20:68:60:8f:4d:
ef:69:41:8b:34:c1:3d:37:2a:05:f0:fc:14:50:d0:ee:03:94:
47:fa:ab:ae
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUH+nxuhXvyQc4W7zpVrKKHJyH/L0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MjcyMjQxMjlaFw0yNjA1MjYyMjQ2MjlaMDMxMTAvBgNV
BAMTKDU3NzI1MkJBQzMxMjVFNjZDNDE0Q0MzRDBGMDFGMTQxQzczRUM0RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWHsm+tbhB/I64R/l6QsBhJHR9
1NM61ben62GnvAHrMcJlgpqVS7HVYUb+9b07sAreVrwouTQS3GY+szz+Am1o8+zq
nuSA3afqt4h4erOgFmkUlXgr8TVhU88KjrFXUX+JCr1AERFY6BbmWCFLvh0nfXNQ
ANzrYo8H6hUcsqKWqA2DvyP7NCrL7ECC8eJP3KfLat9zzvhnGPxXj+HHrs2CZ30c
/h5KdAGX7OSeLmNZJ9UX1LKs1qipgNdKhSg/esfXn/8vfSDKMWRTxa+nL6pHDtFH
wBDCeAJvgoDEB6eqzvlaH6kwb3JHT5iUcD6fiTKwCOlWRFbw3sw+7K1hG4xNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUV3JSusMSXmbEFMw9DwHxQcc+xPUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzcyZTM5Mzcy
ZTMxMzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJ1hhTANBgkqhkiG9w0BAQsFAAOCAQEAm7t9NbkY0We1cKSlGA/5JTIh
5Yi3p/UScmQ+k/I8GW2Q0BnmbXndtvLZlWs3UmJKUDLKW2BegKt7Li7B7CEDo27h
ytnmavdHqjFqqOSdYvBefgN8vfJPKBe37fmS89i0E2K2bRaDdsB/D3q8ru7O1IAG
Keih2YsiRWhJpknwZL7aK1F+lRSk+V0UNkhDi5aa+Dyw1MNhfxCE8vdeNEW6uKmE
UOVPSBCGKjL8zyY6yhzdKT5sXGRpEah7MQnkHKA2xODqu8+hDONzGfisv1qYC0T4
4NC5ABZQjcoLbge0Nl1x1aEdAyBoYI9N72lBizTBPTcqBfD8FFDQ7gOUR/qrrg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:03:25 2025 by rpki-client