Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20313337323335.roa
File: 34352e3133372e3139352e302f32342d3234203d3e20313337323335.roa (raw, json)
Hash identifier: IdyuZOXwcAhUQg6ppPqwAcmhE/YDOA2wM7i2MyULEFc=
Subject key identifier: E8:85:45:42:67:8A:6C:37:0E:1B:C7:A9:F2:23:1A:5A:2C:35:70:60
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 02EB2FD0D429DA7B3EE234A0C98CB6E63E97DA55
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20313337323335.roa
Signing time: Thu 12 Jun 2025 05:41:12 +0000
ROA not before: Thu 12 Jun 2025 05:36:12 +0000
ROA not after: Thu 11 Jun 2026 05:41:12 +0000
asID: 137235
IP address blocks: 45.137.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:eb:2f:d0:d4:29:da:7b:3e:e2:34:a0:c9:8c:b6:e6:3e:97:da:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 12 05:36:12 2025 GMT
Not After : Jun 11 05:41:12 2026 GMT
Subject: CN=E8854542678A6C370E1BC7A9F2231A5A2C357060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:4a:b9:00:3c:9a:ae:51:70:e2:3d:90:10:04:
27:ba:1d:d9:03:d6:a5:66:1d:86:3d:7f:16:5e:51:
19:b8:4a:3c:59:6d:45:f0:51:23:ec:17:47:79:c8:
1a:15:25:aa:e8:04:f4:27:be:67:c1:8f:0b:25:dc:
2d:62:76:24:5a:f9:eb:b3:d8:d8:ab:c7:c3:ae:50:
2a:2c:68:f8:5f:ed:0e:10:3f:cb:9c:64:cd:4d:84:
db:dd:97:e1:e7:cf:58:7f:a7:27:2c:d2:38:8d:0e:
c8:40:5b:66:24:04:16:3a:5d:75:ba:b2:0a:de:30:
ce:8e:be:14:fa:46:b8:ae:5d:35:e0:1a:75:ab:e9:
17:da:02:9d:9f:d7:1e:86:08:37:68:fc:f6:47:dd:
36:8e:11:3d:22:b2:db:3d:14:4e:44:40:55:36:e9:
c0:47:06:05:86:7a:29:e5:df:3e:6e:13:94:e7:a4:
30:7c:4d:23:c9:1c:18:a7:ed:97:a0:36:02:fe:3a:
76:71:81:7d:73:64:ee:11:35:c8:86:6e:90:81:00:
2d:89:7a:c5:bf:fc:fa:cb:96:2a:4a:11:b8:91:f9:
78:f1:07:2f:c1:a3:07:ff:9a:d6:53:d7:c5:a1:1e:
99:a4:20:84:bc:34:02:e4:2c:84:4f:1c:02:0c:f6:
8b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:85:45:42:67:8A:6C:37:0E:1B:C7:A9:F2:23:1A:5A:2C:35:70:60
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20313337323335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.195.0/24
Signature Algorithm: sha256WithRSAEncryption
99:78:9f:84:10:7b:53:f3:d7:a7:4e:5c:69:88:8e:03:da:70:
29:51:22:28:e0:35:74:fd:4c:68:da:9f:45:b5:ac:1f:e0:4f:
fb:3d:9b:92:ca:09:bc:ae:43:84:97:ca:85:12:a5:d1:5d:47:
ba:7d:57:e1:08:b8:00:88:af:23:e5:97:16:4f:c6:76:67:da:
1a:c6:cd:a8:24:77:3f:b8:33:bb:f2:2b:2e:3d:cf:7e:5d:89:
f0:22:ef:03:22:01:98:9a:83:5b:4a:c7:f4:a7:27:dc:5f:61:
bb:9d:87:16:ef:66:48:c3:30:35:2f:22:c2:fd:c3:d1:c2:6d:
f5:de:97:3b:68:ed:cc:80:bf:bb:69:1f:3d:a1:6e:31:1f:ff:
1f:e1:46:2d:8b:9e:31:a5:84:c4:3b:ae:54:b5:60:af:21:4c:
b1:79:26:ef:b7:4f:cd:56:07:a4:45:84:45:6c:7e:c7:11:b4:
81:01:fb:8e:d9:b9:e2:43:2b:56:86:de:36:92:f1:f2:02:c6:
f2:d9:7d:5e:a4:f3:1a:0c:ff:f0:6c:98:07:2c:e0:5b:25:ad:
df:5a:73:68:36:e1:55:7f:7e:f2:26:f8:f2:5f:2a:82:8c:27:
4e:38:8a:38:3e:a5:48:f9:f2:f4:a7:55:c7:01:79:26:5c:91:
d2:e2:cf:23
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUAusv0NQp2ns+4jSgyYy25j6X2lUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MTIwNTM2MTJaFw0yNjA2MTEwNTQxMTJaMDMxMTAvBgNV
BAMTKEU4ODU0NTQyNjc4QTZDMzcwRTFCQzdBOUYyMjMxQTVBMkMzNTcwNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5SrkAPJquUXDiPZAQBCe6HdkD
1qVmHYY9fxZeURm4SjxZbUXwUSPsF0d5yBoVJaroBPQnvmfBjwsl3C1idiRa+euz
2Nirx8OuUCosaPhf7Q4QP8ucZM1NhNvdl+Hnz1h/pycs0jiNDshAW2YkBBY6XXW6
sgreMM6OvhT6RriuXTXgGnWr6RfaAp2f1x6GCDdo/PZH3TaOET0ists9FE5EQFU2
6cBHBgWGeinl3z5uE5TnpDB8TSPJHBin7ZegNgL+OnZxgX1zZO4RNciGbpCBAC2J
esW//PrLlipKEbiR+XjxBy/Bowf/mtZT18WhHpmkIIS8NALkLIRPHAIM9ovzAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU6IVFQmeKbDcOG8ep8iMaWiw1cGAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzMyMzMzNS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2JwzANBgkqhkiG9w0BAQsFAAOCAQEAmXifhBB7U/PXp05caYiOA9pw
KVEiKOA1dP1MaNqfRbWsH+BP+z2bksoJvK5DhJfKhRKl0V1Hun1X4Qi4AIivI+WX
Fk/GdmfaGsbNqCR3P7gzu/IrLj3Pfl2J8CLvAyIBmJqDW0rH9Kcn3F9hu52HFu9m
SMMwNS8iwv3D0cJt9d6XO2jtzIC/u2kfPaFuMR//H+FGLYueMaWExDuuVLVgryFM
sXkm77dPzVYHpEWERWx+xxG0gQH7jtm54kMrVobeNpLx8gLG8tl9XqTzGgz/8GyY
ByzgWyWt31pzaDbhVX9+8ib48l8qgownTjiKOD6lSPny9KdVxwF5JlyR0uLPIw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:57:26 2025 by rpki-client