Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: 1BIboC4zAb4rHiLPSJcLYyMjUUIzNxkyW47bafD0diw=
Subject key identifier: 3B:4B:A2:FB:CC:80:67:27:A0:08:A1:21:B6:42:19:01:BB:EA:C3:49
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4645C014DDDD933922B5B47109165B40F4E3A60C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 15 May 2025 10:46:16 +0000
ROA not before: Thu 15 May 2025 10:41:16 +0000
ROA not after: Thu 14 May 2026 10:46:16 +0000
asID: 47583
IP address blocks: 185.164.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:45:c0:14:dd:dd:93:39:22:b5:b4:71:09:16:5b:40:f4:e3:a6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 15 10:41:16 2025 GMT
Not After : May 14 10:46:16 2026 GMT
Subject: CN=3B4BA2FBCC806727A008A121B6421901BBEAC349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:85:06:f7:f5:4e:af:f1:f9:cc:5c:a5:78:53:
a1:ab:c0:a8:ff:7f:9a:d7:7e:fb:d8:fb:bd:a6:76:
ab:0b:93:bd:63:e7:49:90:f3:ff:bc:82:ce:02:67:
e3:32:9a:73:7e:11:83:e6:e5:f4:33:16:7e:25:ac:
00:b8:4b:fe:24:b8:f2:8c:f3:49:ac:50:13:27:76:
4a:19:e0:f2:d0:a8:92:b1:0c:f6:e9:80:71:ff:74:
f7:30:3e:04:58:c2:2d:41:7e:3d:2d:61:55:df:16:
bf:d2:0d:2a:90:57:64:46:e4:1a:fd:ca:fa:90:c3:
6d:43:f2:58:6a:77:ea:8c:35:a5:f7:b9:53:57:ef:
84:66:b7:46:45:95:9e:d1:de:94:21:fe:d5:76:1e:
14:a4:95:3a:54:5e:bf:c4:95:c5:d2:88:a0:1a:78:
2d:9d:c8:26:8c:39:3e:15:e9:17:87:aa:44:bc:a5:
d9:4f:7c:bb:63:c6:44:b1:25:65:3a:c6:aa:5c:e9:
59:b4:1b:1e:e8:85:9f:62:11:52:0b:04:29:96:21:
f6:31:76:8a:90:b3:9e:4b:e3:79:9f:72:f1:e8:1a:
36:2a:78:6b:19:1b:ed:a7:a5:53:38:d8:8b:c4:2d:
c5:bc:56:57:db:00:d6:67:06:4c:97:6e:50:a2:23:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4B:A2:FB:CC:80:67:27:A0:08:A1:21:B6:42:19:01:BB:EA:C3:49
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.108.0/23
Signature Algorithm: sha256WithRSAEncryption
38:47:aa:49:b3:6b:31:b5:e7:de:68:09:02:69:09:cd:0b:8a:
8c:1e:45:4f:0a:fc:26:c4:80:cc:bd:5e:d3:49:3f:4c:99:e8:
e0:2c:a9:31:d4:71:71:55:50:a5:e3:54:06:91:1a:53:c5:c1:
c1:3d:9d:8a:3d:9f:0c:66:70:5a:48:05:b7:e9:2c:d9:65:0f:
2f:c2:90:a2:e6:85:78:8a:54:c1:81:f0:7e:44:18:b1:88:40:
53:be:8d:27:98:6c:3d:52:01:12:d5:99:23:30:27:f1:5a:32:
64:a5:72:88:8f:7c:82:72:8e:e7:90:10:dc:29:3d:19:ed:a8:
a2:bf:1c:7b:69:09:61:cb:50:a4:b0:4e:db:a5:12:23:24:5c:
2f:ac:55:ba:14:ff:26:33:fc:a5:f5:7b:a8:94:1a:d1:a7:bd:
90:ea:d6:8d:32:6c:fa:05:bb:88:84:4b:53:d4:e9:c2:06:27:
c6:a6:2d:11:ca:8d:8c:c3:53:23:ee:0b:e0:eb:fb:94:b1:42:
e8:00:3c:b5:9a:36:f8:a8:22:87:9f:e7:98:0e:1b:42:3d:4c:
f7:b1:94:be:78:01:9b:b1:0c:03:8a:f9:3d:bd:a5:1d:22:e0:
35:fd:a4:66:cb:2f:6a:01:10:e3:63:1e:54:ce:3a:2b:40:af:
8d:69:79:b6
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIURkXAFN3dkzkitbRxCRZbQPTjpgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTUxMDQxMTZaFw0yNjA1MTQxMDQ2MTZaMDMxMTAvBgNV
BAMTKDNCNEJBMkZCQ0M4MDY3MjdBMDA4QTEyMUI2NDIxOTAxQkJFQUMzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPhQb39U6v8fnMXKV4U6GrwKj/
f5rXfvvY+72mdqsLk71j50mQ8/+8gs4CZ+MymnN+EYPm5fQzFn4lrAC4S/4kuPKM
80msUBMndkoZ4PLQqJKxDPbpgHH/dPcwPgRYwi1Bfj0tYVXfFr/SDSqQV2RG5Br9
yvqQw21D8lhqd+qMNaX3uVNX74Rmt0ZFlZ7R3pQh/tV2HhSklTpUXr/ElcXSiKAa
eC2dyCaMOT4V6ReHqkS8pdlPfLtjxkSxJWU6xqpc6Vm0Gx7ohZ9iEVILBCmWIfYx
doqQs55L43mfcvHoGjYqeGsZG+2npVM42IvELcW8VlfbANZnBkyXblCiI5HnAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUO0ui+8yAZyegCKEhtkIZAbvqw0kwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NDJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmkbDANBgkqhkiG9w0BAQsFAAOCAQEAOEeqSbNrMbXn3mgJAmkJzQuK
jB5FTwr8JsSAzL1e00k/TJno4CypMdRxcVVQpeNUBpEaU8XBwT2dij2fDGZwWkgF
t+ks2WUPL8KQouaFeIpUwYHwfkQYsYhAU76NJ5hsPVIBEtWZIzAn8VoyZKVyiI98
gnKO55AQ3Ck9Ge2oor8ce2kJYctQpLBO26USIyRcL6xVuhT/JjP8pfV7qJQa0ae9
kOrWjTJs+gW7iIRLU9TpwgYnxqYtEcqNjMNTI+4L4Ov7lLFC6AA8tZo2+Kgih5/n
mA4bQj1M97GUvngBm7EMA4r5Pb2lHSLgNf2kZssvagEQ42MeVM46K0CvjWl5tg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:33:58 2025 by rpki-client