Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
File: 3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: EFCuupQHUkU7P4XXiCbgf5eV/KUpECraARrWl1BWhdQ=
Subject key identifier: AB:85:B0:36:85:31:A0:4D:81:76:ED:31:E2:26:27:03:B2:95:8D:9C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5B3D1DE8070AC4754F8B6D6793C14DD4738BA527
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 15 May 2025 10:46:16 +0000
ROA not before: Thu 15 May 2025 10:41:16 +0000
ROA not after: Thu 14 May 2026 10:46:16 +0000
asID: 47583
IP address blocks: 185.170.198.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3d:1d:e8:07:0a:c4:75:4f:8b:6d:67:93:c1:4d:d4:73:8b:a5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 15 10:41:16 2025 GMT
Not After : May 14 10:46:16 2026 GMT
Subject: CN=AB85B0368531A04D8176ED31E2262703B2958D9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:79:79:ac:32:2a:97:5a:0a:14:91:09:0f:b9:
17:a5:3c:df:cf:d4:8a:ae:7e:1f:a1:b4:d0:0e:3e:
de:d2:56:26:38:fd:82:43:24:f5:d2:8b:4f:2c:2a:
fe:8f:78:c0:5a:48:58:f6:d0:4d:69:bf:e0:ec:75:
c6:b7:d2:ba:69:22:3a:c8:93:d5:f3:ea:0d:ce:47:
96:1b:74:0a:94:6e:28:02:6a:fe:07:6b:f5:6b:80:
94:4e:4b:c2:26:73:3f:30:e4:90:6d:4b:ea:c0:ef:
b2:73:3d:bd:09:e1:f2:e2:3e:12:ad:17:71:a5:a9:
b4:81:7a:1a:f3:27:e5:cc:79:17:f3:c4:02:13:ec:
23:45:aa:e0:62:bd:f3:93:44:08:66:a2:bf:43:cc:
2f:3a:63:c7:a8:20:0f:db:ef:cb:69:99:ac:6d:22:
08:f4:ae:91:8c:26:48:6e:20:45:92:ce:10:e3:fc:
aa:f4:60:f1:75:89:90:83:fc:d5:2b:64:87:7b:de:
87:2d:cd:0a:09:e1:48:f8:53:80:de:e4:d8:ff:c3:
80:37:43:28:3c:96:09:dd:42:99:75:ef:56:a3:ac:
0e:96:6d:fc:b5:52:43:bf:c7:fa:8f:b4:20:59:ee:
15:59:e4:15:f0:32:c1:db:f9:2b:27:cf:f1:5d:af:
91:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:85:B0:36:85:31:A0:4D:81:76:ED:31:E2:26:27:03:B2:95:8D:9C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.198.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:dc:9e:b8:39:2c:3d:7e:93:7d:bb:d2:ca:e5:ad:93:0b:43:
fb:f9:e1:97:fc:a5:57:44:fc:2d:62:05:89:a1:04:3e:a7:b4:
06:02:87:d4:a6:5f:bc:ff:3d:18:c5:60:c9:80:07:65:f8:86:
4c:64:67:ff:f2:d1:c0:a0:fd:c6:be:25:e4:af:8c:12:47:e9:
e4:27:a3:9e:16:03:ae:60:35:9a:61:68:34:26:f3:cd:a1:93:
35:11:b4:46:f0:3b:e5:c3:31:0e:4c:ff:2a:2c:1d:1a:3d:2b:
07:ca:22:88:24:6f:eb:d3:c0:1f:56:ca:83:65:e3:01:10:7e:
d5:68:d9:10:43:a6:3b:4e:5b:e1:80:43:d5:7c:fa:2c:32:89:
bc:13:2a:97:f7:65:85:9e:bb:9b:ac:db:39:70:1b:5e:b4:4b:
92:75:7f:14:a5:3b:db:f8:56:1b:2e:e7:7c:fb:21:e4:f4:ac:
a2:48:c2:c8:c7:00:be:d1:ee:75:17:6d:7c:04:a5:a0:cb:be:
1a:da:8e:6b:1c:b6:32:6b:a3:a5:79:0e:0f:38:ea:5e:b5:5b:
19:41:a7:76:64:d7:bc:fb:f1:45:74:3e:5a:e3:d5:5c:ef:92:
01:87:1b:62:ca:0c:88:88:a3:3a:47:e4:15:6e:27:c8:bb:a0:
a4:fc:14:ff
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWz0d6AcKxHVPi21nk8FN1HOLpScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTUxMDQxMTZaFw0yNjA1MTQxMDQ2MTZaMDMxMTAvBgNV
BAMTKEFCODVCMDM2ODUzMUEwNEQ4MTc2RUQzMUUyMjYyNzAzQjI5NThEOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBeXmsMiqXWgoUkQkPuRelPN/P
1Iqufh+htNAOPt7SViY4/YJDJPXSi08sKv6PeMBaSFj20E1pv+Dsdca30rppIjrI
k9Xz6g3OR5YbdAqUbigCav4Ha/VrgJROS8Imcz8w5JBtS+rA77JzPb0J4fLiPhKt
F3GlqbSBehrzJ+XMeRfzxAIT7CNFquBivfOTRAhmor9DzC86Y8eoIA/b78tpmaxt
Igj0rpGMJkhuIEWSzhDj/Kr0YPF1iZCD/NUrZId73octzQoJ4Uj4U4De5Nj/w4A3
Qyg8lgndQpl171ajrA6Wbfy1UkO/x/qPtCBZ7hVZ5BXwMsHb+Ssnz/Fdr5GPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUq4WwNoUxoE2Bdu0x4iYnA7KVjZwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MDJlMzEzOTM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmqxjANBgkqhkiG9w0BAQsFAAOCAQEAt9yeuDksPX6TfbvSyuWtkwtD
+/nhl/ylV0T8LWIFiaEEPqe0BgKH1KZfvP89GMVgyYAHZfiGTGRn//LRwKD9xr4l
5K+MEkfp5CejnhYDrmA1mmFoNCbzzaGTNRG0RvA75cMxDkz/KiwdGj0rB8oiiCRv
69PAH1bKg2XjARB+1WjZEEOmO05b4YBD1Xz6LDKJvBMql/dlhZ67m6zbOXAbXrRL
knV/FKU72/hWGy7nfPsh5PSsokjCyMcAvtHudRdtfASloMu+GtqOaxy2MmujpXkO
DzjqXrVbGUGndmTXvPvxRXQ+WuPVXO+SAYcbYsoMiIijOkfkFW4nyLugpPwU/w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:58:39 2025 by rpki-client