Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
File: 3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: G/A3heQ5pXLFZqavnPYSLLN++EJYhToz3TJt/IsnCOY=
Subject key identifier: 76:17:FF:94:5A:86:A2:D3:A8:D5:5B:9A:7A:FF:2D:AF:AB:B6:A0:2B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6275292F7B58DFB1E8B74925D393928E52DB7358
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 21 Apr 2025 11:46:07 +0000
ROA not before: Mon 21 Apr 2025 11:41:07 +0000
ROA not after: Mon 20 Apr 2026 11:46:07 +0000
asID: 147049
IP address blocks: 185.172.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:75:29:2f:7b:58:df:b1:e8:b7:49:25:d3:93:92:8e:52:db:73:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 21 11:41:07 2025 GMT
Not After : Apr 20 11:46:07 2026 GMT
Subject: CN=7617FF945A86A2D3A8D55B9A7AFF2DAFABB6A02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:29:0d:ea:f3:31:46:ca:35:12:cc:4b:2a:0f:
4f:62:47:d4:70:60:25:ef:6e:25:02:f0:8b:91:aa:
4a:57:f5:93:9c:3e:96:60:4d:23:33:7c:e0:91:46:
48:c8:56:41:e2:95:ad:a9:96:34:0a:fe:e5:34:0f:
38:af:58:aa:57:9c:b3:0c:6e:63:e9:cd:b5:e9:94:
2d:10:67:c2:aa:1c:71:5a:39:3c:36:15:ae:2f:58:
90:b8:53:9d:f8:35:b5:79:73:87:b1:5e:43:ba:24:
59:b6:a6:5a:43:14:79:70:9a:65:c9:b2:d0:a1:19:
b2:b9:46:b5:28:a6:41:26:81:a5:f5:ce:86:db:0a:
c9:18:81:8e:58:13:00:a9:03:a1:aa:9b:72:a7:0e:
ae:c8:e9:3e:27:3d:28:34:f7:9c:80:22:42:ca:03:
b8:00:bd:d0:23:b5:dc:0a:c3:18:c6:d9:a0:73:38:
e5:5e:a3:62:c3:1d:d8:6c:8d:f5:50:a3:e3:50:9c:
0f:af:39:55:f9:e6:ca:c2:e2:1f:7d:3d:c8:4f:e5:
70:b4:c6:3c:8c:d5:b6:08:a4:59:5c:8d:d4:e0:be:
35:1d:8e:e5:a3:64:41:84:31:f9:b7:c9:ab:7a:14:
00:04:8c:ba:dc:8e:65:58:e4:d7:e8:c3:da:50:70:
1c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:17:FF:94:5A:86:A2:D3:A8:D5:5B:9A:7A:FF:2D:AF:AB:B6:A0:2B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.53.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:41:00:5b:a7:c2:4d:99:bd:86:96:06:ef:6e:d4:61:30:a4:
05:aa:ad:0e:cb:57:02:1a:72:ee:45:df:c3:b7:69:6b:22:bf:
fc:75:23:95:31:16:b7:0c:10:5d:dd:73:f3:49:07:69:1b:2c:
c9:d4:6b:25:bd:52:a5:e4:c2:5c:89:1e:00:e8:5c:c5:f6:57:
69:38:0a:16:c8:dc:eb:65:1f:07:0f:0f:b0:7f:ea:de:99:5a:
6c:da:e0:a1:71:d3:76:ba:44:d4:4e:d8:c1:dd:23:d6:b9:96:
bf:23:19:86:4a:6b:08:78:4e:a2:6b:dd:85:a0:28:d2:68:80:
82:e8:60:c9:bf:65:3c:06:f1:a6:a2:0b:db:ab:59:b3:f6:c8:
9b:91:a3:d9:5a:c1:a0:db:26:95:9c:76:a5:8e:8a:9a:5b:d1:
73:b8:24:e3:f3:56:b3:d0:dd:2b:3f:0f:ee:c3:ad:6c:f7:f9:
b1:9c:08:8f:0b:68:e8:b0:71:5f:74:2e:82:75:6f:9f:39:d1:
4e:90:b0:c6:8d:90:ec:9f:a8:5f:6b:82:84:ed:e6:94:93:00:
87:34:95:8f:cd:41:19:d5:01:25:0d:c5:53:59:95:ed:cc:9e:
91:92:85:b8:6e:de:61:12:cc:2e:a9:16:58:92:1e:8b:28:6c:
0b:a1:4d:e2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYnUpL3tY37Hot0kl05OSjlLbc1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA0MjExMTQxMDdaFw0yNjA0MjAxMTQ2MDdaMDMxMTAvBgNV
BAMTKDc2MTdGRjk0NUE4NkEyRDNBOEQ1NUI5QTdBRkYyREFGQUJCNkEwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrKQ3q8zFGyjUSzEsqD09iR9Rw
YCXvbiUC8IuRqkpX9ZOcPpZgTSMzfOCRRkjIVkHila2pljQK/uU0DzivWKpXnLMM
bmPpzbXplC0QZ8KqHHFaOTw2Fa4vWJC4U534NbV5c4exXkO6JFm2plpDFHlwmmXJ
stChGbK5RrUopkEmgaX1zobbCskYgY5YEwCpA6Gqm3KnDq7I6T4nPSg095yAIkLK
A7gAvdAjtdwKwxjG2aBzOOVeo2LDHdhsjfVQo+NQnA+vOVX55srC4h99PchP5XC0
xjyM1bYIpFlcjdTgvjUdjuWjZEGEMfm3yat6FAAEjLrcjmVY5Nfow9pQcBxtAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUdhf/lFqGotOo1Vuaev8tr6u2oCswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNTANBgkqhkiG9w0BAQsFAAOCAQEAtkEAW6fCTZm9hpYG727UYTCk
BaqtDstXAhpy7kXfw7dpayK//HUjlTEWtwwQXd1z80kHaRssydRrJb1SpeTCXIke
AOhcxfZXaTgKFsjc62UfBw8PsH/q3plabNrgoXHTdrpE1E7Ywd0j1rmWvyMZhkpr
CHhOomvdhaAo0miAguhgyb9lPAbxpqIL26tZs/bIm5Gj2VrBoNsmlZx2pY6KmlvR
c7gk4/NWs9DdKz8P7sOtbPf5sZwIjwto6LBxX3QugnVvnznRTpCwxo2Q7J+oX2uC
hO3mlJMAhzSVj81BGdUBJQ3FU1mV7cyekZKFuG7eYRLMLqkWWJIeiyhsC6FN4g==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:06:42 2025 by rpki-client