Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e33362e302f32322d3234203d3e203437353833.roa
File: 3136372e38382e33362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: QXo8RSf8H2w0mIKSa0dBrg1abGsYC7TsRhYXfmHLlyY=
Subject key identifier: A6:55:B5:23:91:A5:12:BB:FB:F8:FE:A6:2A:7E:7C:BD:C3:53:4E:9C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4977D10A83A5E8B52D33ADEF2D5A8FB579FE0299
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e33362e302f32322d3234203d3e203437353833.roa
Signing time: Thu 22 May 2025 16:46:25 +0000
ROA not before: Thu 22 May 2025 16:41:25 +0000
ROA not after: Thu 21 May 2026 16:46:25 +0000
asID: 47583
IP address blocks: 167.88.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:77:d1:0a:83:a5:e8:b5:2d:33:ad:ef:2d:5a:8f:b5:79:fe:02:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 22 16:41:25 2025 GMT
Not After : May 21 16:46:25 2026 GMT
Subject: CN=A655B52391A512BBFBF8FEA62A7E7CBDC3534E9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:be:96:07:e4:fd:bc:5b:95:0c:87:48:f1:54:
6a:58:61:c2:8d:1c:cc:1e:2d:20:00:cf:63:86:19:
34:f4:de:40:89:84:48:63:10:7f:d5:83:73:d0:8d:
bc:d3:46:9d:2a:0c:8a:2b:d7:12:08:2b:2d:62:86:
43:c4:b7:6c:4f:96:ac:a7:c6:75:91:b0:7f:c9:0a:
83:d0:70:65:33:6c:0b:b3:36:e0:80:a5:82:28:76:
56:91:0a:5b:ae:25:60:3b:6f:2d:f9:e3:1c:2c:ac:
b6:d2:29:66:fd:6e:94:9b:02:dc:38:33:20:30:17:
1f:1f:ac:a7:e6:7a:e5:53:e9:99:ae:d4:05:69:25:
e0:d6:89:08:56:ba:f8:e7:c5:86:87:a0:04:2a:d9:
15:14:80:cd:bc:62:76:e6:8b:7b:19:7c:f7:c7:d6:
5e:51:1f:5d:1a:7b:69:d7:21:1c:25:1d:41:1a:d6:
9a:0a:d8:6b:8b:c1:ca:65:c2:6a:f9:7c:74:54:ef:
7c:99:f5:95:03:02:c4:63:06:32:bb:9b:f6:ff:a9:
9a:c7:db:ae:d1:8a:87:57:79:d2:95:ee:f5:8f:20:
27:e1:64:ff:55:0e:47:47:97:53:e2:46:80:9b:2a:
66:a9:87:93:29:81:9b:2b:21:14:d7:21:21:b2:c6:
b5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:55:B5:23:91:A5:12:BB:FB:F8:FE:A6:2A:7E:7C:BD:C3:53:4E:9C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136372e38382e33362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.88.36.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:20:ef:ca:31:56:c8:af:88:10:0d:8f:18:fe:e1:d5:6b:dd:
72:04:41:ec:d2:af:03:6c:4e:a2:e9:69:47:de:80:23:77:99:
4e:3e:05:d0:4d:e4:ca:59:f9:dd:84:cf:90:76:21:a2:e9:94:
72:c8:6c:8a:91:6e:09:d5:e9:f2:1d:f4:6b:bc:46:d2:cd:ab:
65:af:32:5a:9e:ff:2f:dd:60:e5:8c:c6:57:69:71:8e:d4:8c:
7c:17:cd:38:e7:fb:28:d5:86:85:e6:8f:a9:fc:75:83:cc:5e:
19:db:42:09:a8:74:29:1f:cf:8b:0b:e7:90:22:77:fa:84:a2:
64:30:1d:43:c1:18:87:fc:51:6a:7c:14:57:0a:85:80:f2:8a:
a8:3d:53:48:0f:c0:35:8b:3f:37:de:2d:42:85:59:57:33:2b:
10:41:f9:61:93:e3:93:ba:f9:23:30:db:31:7c:cc:7c:ac:71:
29:63:4b:4d:fc:36:01:cd:76:30:e8:c6:a3:cf:56:b7:15:d2:
e0:1a:91:67:1b:39:3f:20:e7:a9:02:23:5c:69:06:5c:24:22:
2e:9d:31:3b:66:30:69:30:f2:b8:9b:a5:68:77:0c:b7:32:1b:
49:f2:a7:b8:81:ae:62:f1:cc:36:99:84:57:02:67:d7:59:76:
49:d1:0f:01
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUSXfRCoOl6LUtM63vLVqPtXn+ApkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MjIxNjQxMjVaFw0yNjA1MjExNjQ2MjVaMDMxMTAvBgNV
BAMTKEE2NTVCNTIzOTFBNTEyQkJGQkY4RkVBNjJBN0U3Q0JEQzM1MzRFOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8vpYH5P28W5UMh0jxVGpYYcKN
HMweLSAAz2OGGTT03kCJhEhjEH/Vg3PQjbzTRp0qDIor1xIIKy1ihkPEt2xPlqyn
xnWRsH/JCoPQcGUzbAuzNuCApYIodlaRCluuJWA7by354xwsrLbSKWb9bpSbAtw4
MyAwFx8frKfmeuVT6Zmu1AVpJeDWiQhWuvjnxYaHoAQq2RUUgM28Ynbmi3sZfPfH
1l5RH10ae2nXIRwlHUEa1poK2GuLwcplwmr5fHRU73yZ9ZUDAsRjBjK7m/b/qZrH
267RiodXedKV7vWPICfhZP9VDkdHl1PiRoCbKmaph5MpgZsrIRTXISGyxrUJAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUplW1I5GlErv7+P6mKn58vcNTTpwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM2MzcyZTM4Mzgy
ZTMzMzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCp1gkMA0GCSqGSIb3DQEBCwUAA4IBAQC5IO/KMVbIr4gQDY8Y/uHVa91yBEHs
0q8DbE6i6WlH3oAjd5lOPgXQTeTKWfndhM+QdiGi6ZRyyGyKkW4J1enyHfRrvEbS
zatlrzJanv8v3WDljMZXaXGO1Ix8F8045/so1YaF5o+p/HWDzF4Z20IJqHQpH8+L
C+eQInf6hKJkMB1DwRiH/FFqfBRXCoWA8oqoPVNID8A1iz833i1ChVlXMysQQflh
k+OTuvkjMNsxfMx8rHEpY0tN/DYBzXYw6Majz1a3FdLgGpFnGzk/IOepAiNcaQZc
JCIunTE7ZjBpMPK4m6Vodwy3MhtJ8qe4ga5i8cw2mYRXAmfXWXZJ0Q8B
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:20:35 2025 by rpki-client