Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
File: 3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: htJIJSRCsadrJFxvBhlNX1aKF2BTjP4T8CbOwN9KnUk=
Subject key identifier: 4F:97:D2:3A:A1:82:15:FC:15:C9:06:76:4E:8C:E4:9D:F4:21:9B:8C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7070C3D1B1A99C62493E5A2F9C5965E940EF4192
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
Signing time: Tue 13 May 2025 23:46:15 +0000
ROA not before: Tue 13 May 2025 23:41:15 +0000
ROA not after: Tue 12 May 2026 23:46:15 +0000
asID: 47583
IP address blocks: 185.170.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:70:c3:d1:b1:a9:9c:62:49:3e:5a:2f:9c:59:65:e9:40:ef:41:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 13 23:41:15 2025 GMT
Not After : May 12 23:46:15 2026 GMT
Subject: CN=4F97D23AA18215FC15C906764E8CE49DF4219B8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3d:77:97:65:ed:9b:94:bd:33:48:d7:a0:17:
6b:a7:99:52:a8:7e:56:6e:a8:58:d7:93:0a:c7:c4:
08:4e:64:1a:3d:fc:8f:60:5c:4f:bd:bb:23:a0:8b:
28:90:89:4e:ce:a2:b3:07:13:84:0a:cb:56:e8:86:
d4:47:b5:8e:7d:32:1d:f8:ef:20:c2:36:e5:18:06:
4a:71:5b:70:78:d4:8e:72:19:5e:62:3e:1c:05:1a:
fe:9e:e0:ce:1a:88:13:af:7c:00:99:80:1b:14:48:
4f:18:71:bd:fd:60:af:04:d9:6c:40:03:96:b0:ea:
da:4b:d4:9c:fb:3e:ac:e2:29:25:cc:73:ff:ee:b7:
f7:a4:16:02:bb:28:9b:07:a2:b2:48:16:d9:5c:84:
ab:e2:33:22:20:af:2a:32:c9:19:a4:b6:44:05:a6:
13:9b:98:56:a4:36:23:c3:0d:31:ea:82:f0:d4:78:
fe:33:25:de:18:ed:c9:a8:5b:23:10:66:ae:6e:e3:
c3:e5:64:fc:b7:62:24:22:23:9e:de:0a:1c:b6:08:
2d:f2:b3:41:ec:97:70:51:99:1a:c3:74:81:03:cf:
fa:65:18:da:01:03:e3:60:06:ac:4a:b9:cc:c5:c3:
0b:e2:7f:b1:21:91:b1:66:de:1b:4b:85:e4:a3:81:
e2:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:97:D2:3A:A1:82:15:FC:15:C9:06:76:4E:8C:E4:9D:F4:21:9B:8C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.196.0/23
Signature Algorithm: sha256WithRSAEncryption
60:dc:44:96:42:2e:90:90:8d:59:3c:38:f6:38:ea:4e:63:61:
fd:7a:7f:b8:ca:65:60:d9:90:50:1d:e0:64:98:d7:ad:8c:90:
4e:e9:68:ef:ae:cd:15:5b:be:ec:56:b4:c1:f6:0a:4a:f2:a2:
28:eb:e0:07:17:fc:30:3d:fa:39:0f:af:db:6f:7c:76:c9:91:
9c:30:2c:d3:4c:1e:c1:8a:ee:77:2b:fb:e7:95:b3:64:37:f0:
41:22:89:98:26:a1:2c:0d:97:8f:32:b4:6d:43:8b:29:f9:c4:
4f:6a:0f:77:dd:81:71:95:d5:7f:ca:09:a2:3c:41:b3:b7:80:
78:10:c8:e5:c9:19:eb:59:79:3e:a5:dc:58:ba:36:66:36:b8:
16:72:de:f4:a6:9b:d6:3b:81:ed:8f:fd:89:a7:c6:32:f9:ad:
0e:6a:d9:a6:04:4c:ce:19:a3:b3:79:8f:10:db:99:ee:23:28:
97:a3:27:97:37:10:bf:e9:67:d8:2e:b2:e9:fe:37:7b:40:73:
89:cb:c0:8c:22:6b:6a:99:dc:c9:75:d6:89:51:84:0f:fb:9c:
ce:90:77:e3:e4:74:8d:0a:be:93:d5:d8:1e:a4:b3:a6:be:c4:
7b:2f:aa:df:a2:60:f2:a4:49:55:fa:4a:7a:f3:df:c9:d7:2d:
76:ad:41:c3
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcHDD0bGpnGJJPlovnFll6UDvQZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTMyMzQxMTVaFw0yNjA1MTIyMzQ2MTVaMDMxMTAvBgNV
BAMTKDRGOTdEMjNBQTE4MjE1RkMxNUM5MDY3NjRFOENFNDlERjQyMTlCOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNPXeXZe2blL0zSNegF2unmVKo
flZuqFjXkwrHxAhOZBo9/I9gXE+9uyOgiyiQiU7OorMHE4QKy1bohtRHtY59Mh34
7yDCNuUYBkpxW3B41I5yGV5iPhwFGv6e4M4aiBOvfACZgBsUSE8Ycb39YK8E2WxA
A5aw6tpL1Jz7PqziKSXMc//ut/ekFgK7KJsHorJIFtlchKviMyIgryoyyRmktkQF
phObmFakNiPDDTHqgvDUeP4zJd4Y7cmoWyMQZq5u48PlZPy3YiQiI57eChy2CC3y
s0Hsl3BRmRrDdIEDz/plGNoBA+NgBqxKuczFwwvif7EhkbFm3htLheSjgeKLAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUT5fSOqGCFfwVyQZ2TozknfQhm4wwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MDJlMzEzOTM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmqxDANBgkqhkiG9w0BAQsFAAOCAQEAYNxElkIukJCNWTw49jjqTmNh
/Xp/uMplYNmQUB3gZJjXrYyQTulo767NFVu+7Fa0wfYKSvKiKOvgBxf8MD36OQ+v
2298dsmRnDAs00wewYrudyv755WzZDfwQSKJmCahLA2XjzK0bUOLKfnET2oPd92B
cZXVf8oJojxBs7eAeBDI5ckZ61l5PqXcWLo2Zja4FnLe9Kab1juB7Y/9iafGMvmt
DmrZpgRMzhmjs3mPENuZ7iMol6MnlzcQv+ln2C6y6f43e0BzicvAjCJrapncyXXW
iVGED/uczpB34+R0jQq+k9XYHqSzpr7Eey+q36Jg8qRJVfpKevPfydctdq1Bww==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:56:31 2025 by rpki-client