Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
File: 3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RQnRYYiXod/Mch4xAPDLWh7vcGUk3Ji54v5YD9UjUtY=
Subject key identifier: CD:DB:A8:B1:C9:5C:B7:BB:52:F3:26:B3:6B:4F:DC:04:7E:C3:D1:96
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 30DA2AD1AC958E085FF0213E8291389DA9FC2BBD
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 25 Apr 2025 17:34:51 +0000
ROA not before: Fri 25 Apr 2025 17:29:51 +0000
ROA not after: Fri 24 Apr 2026 17:34:51 +0000
asID: 136787
IP address blocks: 194.242.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:da:2a:d1:ac:95:8e:08:5f:f0:21:3e:82:91:38:9d:a9:fc:2b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Apr 25 17:29:51 2025 GMT
Not After : Apr 24 17:34:51 2026 GMT
Subject: CN=CDDBA8B1C95CB7BB52F326B36B4FDC047EC3D196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b0:1b:2d:6e:1e:a4:52:fb:6b:6e:12:6d:d2:
9a:70:a7:25:3c:cd:94:b9:e9:a7:71:19:77:dc:ed:
03:85:e1:b1:a5:40:38:4c:25:0e:57:47:d3:77:87:
20:a1:69:06:05:1d:ea:93:8f:1f:97:dc:9c:e5:fc:
b6:18:50:d7:5b:15:02:a1:e2:18:67:48:92:41:19:
59:ef:e7:c9:32:09:ec:c0:68:f8:52:40:06:aa:b5:
f5:c9:96:87:cc:42:06:06:ea:b5:f6:09:97:03:6a:
cb:9c:e4:03:55:f5:00:d6:53:88:99:60:0f:f1:98:
7f:83:7a:77:14:a2:94:fc:b6:05:54:9d:d4:7b:17:
f2:ec:6a:a7:c0:eb:25:e6:e7:ea:3f:40:ba:8a:18:
33:e9:fd:76:e6:b8:26:03:b7:29:8f:42:e6:43:a8:
0e:71:7d:21:1a:4e:15:bf:db:90:67:52:26:6c:07:
b3:78:73:10:f1:fd:40:22:7e:c3:7a:b8:ad:1f:a8:
17:f1:50:7f:cf:e8:5e:a7:1e:7d:14:54:cd:c5:0b:
46:5b:50:66:49:ab:c8:f9:07:83:c3:80:25:fb:88:
78:2d:a6:78:26:3a:3f:2f:a5:fd:1d:a9:3c:dc:d1:
d8:84:b4:51:e0:c9:09:40:22:14:9c:d1:66:59:6f:
c6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DB:A8:B1:C9:5C:B7:BB:52:F3:26:B3:6B:4F:DC:04:7E:C3:D1:96
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e34382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.48.0/24
Signature Algorithm: sha256WithRSAEncryption
58:b2:ac:ab:8a:5c:c6:73:99:a3:42:ae:f1:d1:24:27:17:bb:
b1:d5:69:96:02:3c:84:40:99:2a:7f:42:19:9f:e3:7f:c2:30:
63:08:46:30:57:50:2b:c0:a2:0a:53:54:27:18:f6:84:0e:61:
fa:0b:76:b7:fc:a3:75:d8:91:8d:d7:67:67:ba:b7:b3:5b:65:
db:ff:da:1d:e8:29:0c:74:65:c6:ee:31:72:4a:94:c6:bf:dc:
89:d5:33:60:1d:8d:da:f6:69:12:ef:97:e1:63:af:ec:d0:e9:
44:56:55:1c:7b:68:14:1d:6c:3a:ab:4f:20:6b:da:d6:c2:9b:
8b:7a:ab:a5:29:f4:4e:92:04:e4:58:65:ee:19:f2:14:75:7d:
2b:9f:9a:03:99:55:da:f1:aa:92:dd:fb:45:bd:f9:9e:69:bd:
3a:dd:98:da:98:ca:fd:36:42:74:7c:74:c2:1d:8c:b6:c5:61:
e0:0e:03:21:f3:77:4d:28:40:ca:e3:95:20:67:64:f6:47:2d:
c9:b2:80:33:51:a0:d4:71:c5:41:05:5e:c5:3d:80:1a:80:b5:
5f:d8:7f:21:7f:12:27:08:77:db:a8:af:fa:61:19:07:43:e2:
a0:24:61:a3:14:a7:48:9a:ef:37:6a:2f:1d:34:9a:49:1a:91:
11:ca:9e:d6
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMNoq0ayVjghf8CE+gpE4nan8K70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA0MjUxNzI5NTFaFw0yNjA0MjQxNzM0NTFaMDMxMTAvBgNV
BAMTKENEREJBOEIxQzk1Q0I3QkI1MkYzMjZCMzZCNEZEQzA0N0VDM0QxOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDasBstbh6kUvtrbhJt0ppwpyU8
zZS56adxGXfc7QOF4bGlQDhMJQ5XR9N3hyChaQYFHeqTjx+X3Jzl/LYYUNdbFQKh
4hhnSJJBGVnv58kyCezAaPhSQAaqtfXJlofMQgYG6rX2CZcDasuc5ANV9QDWU4iZ
YA/xmH+DencUopT8tgVUndR7F/LsaqfA6yXm5+o/QLqKGDPp/XbmuCYDtymPQuZD
qA5xfSEaThW/25BnUiZsB7N4cxDx/UAifsN6uK0fqBfxUH/P6F6nHn0UVM3FC0Zb
UGZJq8j5B4PDgCX7iHgtpngmOj8vpf0dqTzc0diEtFHgyQlAIhSc0WZZb8Y7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUzduosclct7tS8yaza0/cBH7D0ZYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzQz
MjJlMzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMLyMDANBgkqhkiG9w0BAQsFAAOCAQEAWLKsq4pcxnOZo0Ku8dEkJxe7
sdVplgI8hECZKn9CGZ/jf8IwYwhGMFdQK8CiClNUJxj2hA5h+gt2t/yjddiRjddn
Z7q3s1tl2//aHegpDHRlxu4xckqUxr/cidUzYB2N2vZpEu+X4WOv7NDpRFZVHHto
FB1sOqtPIGva1sKbi3qrpSn0TpIE5Fhl7hnyFHV9K5+aA5lV2vGqkt37Rb35nmm9
Ot2Y2pjK/TZCdHx0wh2MtsVh4A4DIfN3TShAyuOVIGdk9kctybKAM1Gg1HHFQQVe
xT2AGoC1X9h/IX8SJwh326iv+mEZB0PioCRhoxSnSJrvN2ovHTSaSRqREcqe1g==
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:26:25 2025 by rpki-client