Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: Nl3YbaOy8X6gOCvTvblncYY1aSf3eg1Pb9GanjiS16w=
Subject key identifier: 11:FD:5E:C1:50:4D:23:E2:91:9F:B9:6F:E0:FE:2D:6C:3C:02:AA:6D
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 31794CC7CEBDA336849B3BE352DFCBD1741FA8C2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 15 May 2025 10:46:16 +0000
ROA not before: Thu 15 May 2025 10:41:16 +0000
ROA not after: Thu 14 May 2026 10:46:16 +0000
asID: 47583
IP address blocks: 185.173.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 20:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:79:4c:c7:ce:bd:a3:36:84:9b:3b:e3:52:df:cb:d1:74:1f:a8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 15 10:41:16 2025 GMT
Not After : May 14 10:46:16 2026 GMT
Subject: CN=11FD5EC1504D23E2919FB96FE0FE2D6C3C02AA6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4f:f3:a0:4c:cc:7a:d2:2d:c2:b0:a5:f9:c5:
4c:0c:87:ab:8d:df:20:8d:1f:dd:7f:2c:3f:eb:aa:
4d:c9:d3:24:f2:1e:43:25:74:1e:83:6a:72:15:9b:
eb:a3:89:41:19:93:45:b9:f5:13:b4:0e:8e:1c:a1:
01:f6:57:d2:c6:a4:c9:90:c6:e7:0b:b1:e2:c5:de:
d9:56:45:30:0c:08:4f:9e:fd:5b:62:14:05:0d:a7:
da:8f:e1:0b:d8:32:56:04:0e:d3:ee:3b:91:e0:02:
24:1d:28:de:18:60:17:b4:84:79:3c:3c:f7:c6:9a:
0c:97:76:02:b3:23:f6:d3:3a:aa:b3:ed:c9:a8:d7:
9a:55:61:d3:6a:11:94:52:2c:15:cb:14:50:88:1f:
fb:7e:84:e6:ca:73:ac:47:ab:95:2a:f4:d5:47:f3:
68:1b:f6:91:f4:80:f3:ab:f9:d3:15:63:e6:35:cd:
08:62:17:fa:38:72:cb:b7:49:67:f3:56:7a:69:f7:
1f:12:fa:75:99:2f:89:6c:35:45:02:9f:6c:c1:8e:
16:ad:2e:9b:0a:7b:c9:e3:3d:37:ac:77:68:d1:3d:
b1:80:ff:2f:2e:6f:e4:40:47:c6:63:f1:ea:11:6e:
cb:e2:91:59:f8:13:36:7e:5e:6b:ec:82:5a:e9:96:
cb:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FD:5E:C1:50:4D:23:E2:91:9F:B9:6F:E0:FE:2D:6C:3C:02:AA:6D
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.108.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:17:67:3e:f7:16:4b:94:ba:b2:31:0d:ea:12:bc:f0:87:bd:
18:5a:c5:ce:29:44:24:07:a3:53:45:8e:4b:b0:e7:3b:34:36:
49:df:a1:bc:4d:38:db:61:11:c1:8f:40:3c:4a:07:54:0c:97:
f9:31:25:41:82:c2:c7:69:20:1e:c4:9e:ac:8f:47:8c:4c:e9:
c6:df:dc:6a:09:c4:81:e9:65:c0:73:29:5e:df:8c:91:fd:7d:
ef:ba:d8:a2:52:bf:5b:04:13:86:56:13:c5:50:db:11:74:1f:
13:2c:f9:5c:ae:99:07:55:be:24:18:cf:f1:84:78:0c:12:a1:
74:3c:a3:d6:22:0c:33:35:ad:60:c5:37:b4:33:f3:96:9d:ed:
34:30:ad:ec:12:ca:7a:84:96:23:af:68:00:3b:89:da:d3:18:
06:cd:38:09:5b:53:52:2c:36:5d:5d:bc:5a:2d:26:72:56:99:
f0:4d:6c:e9:df:f0:59:b6:fe:bd:55:70:8b:07:b9:1b:9e:d6:
dc:20:45:f9:dc:4b:15:da:64:bf:81:d6:4e:c2:0c:e6:17:a5:
57:cc:6c:dc:31:44:ae:37:16:6e:4a:17:6a:0f:e6:11:8b:68:
a4:e3:f0:ae:b8:79:1a:5e:19:7b:1a:8e:99:a2:1b:f7:57:80:
05:c3:d6:b2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMXlMx869ozaEmzvjUt/L0XQfqMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA1MTUxMDQxMTZaFw0yNjA1MTQxMDQ2MTZaMDMxMTAvBgNV
BAMTKDExRkQ1RUMxNTA0RDIzRTI5MTlGQjk2RkUwRkUyRDZDM0MwMkFBNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAT/OgTMx60i3CsKX5xUwMh6uN
3yCNH91/LD/rqk3J0yTyHkMldB6DanIVm+ujiUEZk0W59RO0Do4coQH2V9LGpMmQ
xucLseLF3tlWRTAMCE+e/VtiFAUNp9qP4QvYMlYEDtPuO5HgAiQdKN4YYBe0hHk8
PPfGmgyXdgKzI/bTOqqz7cmo15pVYdNqEZRSLBXLFFCIH/t+hObKc6xHq5Uq9NVH
82gb9pH0gPOr+dMVY+Y1zQhiF/o4csu3SWfzVnpp9x8S+nWZL4lsNUUCn2zBjhat
LpsKe8njPTesd2jRPbGA/y8ub+RAR8Zj8eoRbsvikVn4EzZ+Xmvsglrplsv7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUEf1ewVBNI+KRn7lv4P4tbDwCqm0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmtbDANBgkqhkiG9w0BAQsFAAOCAQEAixdnPvcWS5S6sjEN6hK88Ie9
GFrFzilEJAejU0WOS7DnOzQ2Sd+hvE0422ERwY9APEoHVAyX+TElQYLCx2kgHsSe
rI9HjEzpxt/cagnEgellwHMpXt+Mkf1977rYolK/WwQThlYTxVDbEXQfEyz5XK6Z
B1W+JBjP8YR4DBKhdDyj1iIMMzWtYMU3tDPzlp3tNDCt7BLKeoSWI69oADuJ2tMY
Bs04CVtTUiw2XV28Wi0mclaZ8E1s6d/wWbb+vVVwiwe5G57W3CBF+dxLFdpkv4HW
TsIM5helV8xs3DFErjcWbkoXag/mEYtopOPwrrh5Gl4ZexqOmaIb91eABcPWsg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:50:18 2025 by rpki-client