Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33362e302f32342d3234203d3e203239383032.roa
File: 38312e32322e33362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: gyZSyVRW1BGMkbaha7Yuvz+7Qsy3E8pezpZR+S4wczg=
Subject key identifier: 9E:9A:5D:05:2A:88:F1:08:7D:60:B3:12:6C:4B:D7:09:E4:B0:E0:2B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 54CC696F23D23D0F70C5BEBE61B3DCF5DB29555D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33362e302f32342d3234203d3e203239383032.roa
Signing time: Fri 06 Jun 2025 11:10:53 +0000
ROA not before: Fri 06 Jun 2025 11:05:53 +0000
ROA not after: Fri 05 Jun 2026 11:10:53 +0000
asID: 29802
IP address blocks: 81.22.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:cc:69:6f:23:d2:3d:0f:70:c5:be:be:61:b3:dc:f5:db:29:55:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 6 11:05:53 2025 GMT
Not After : Jun 5 11:10:53 2026 GMT
Subject: CN=9E9A5D052A88F1087D60B3126C4BD709E4B0E02B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:44:ef:33:15:29:bc:a4:5d:22:aa:1c:19:f8:
0d:c5:4f:bc:73:13:1a:05:85:fb:73:9a:a9:10:14:
61:23:73:a3:12:2a:8b:77:18:2a:3a:87:08:89:98:
92:1a:d3:f5:14:91:e8:a4:99:8f:73:43:13:71:a6:
24:18:43:d1:fe:1d:3d:0a:e0:d5:e0:83:1a:e2:fc:
57:be:1f:c2:fb:99:ba:c1:b4:ad:5a:0c:b4:e2:09:
a0:ac:e3:8c:8e:69:77:0b:f8:fe:f1:5b:fd:1f:bf:
a7:d8:2c:3d:34:21:ce:e8:78:4e:6c:a4:2f:72:41:
c9:74:63:d0:13:5b:e6:87:4f:d4:49:e5:bf:3d:66:
15:eb:c1:24:a4:3b:3e:d6:1e:25:c6:80:83:20:9c:
70:8d:4c:60:47:8d:fa:d7:66:76:cc:1e:0e:ce:5e:
c3:4f:d2:18:4c:67:58:27:72:d9:27:be:98:53:9b:
0d:d7:6a:95:a2:8e:1d:a4:75:c7:fe:9a:ef:f4:99:
2a:27:0e:56:b3:59:c0:c2:35:fd:2b:4c:5e:e9:54:
d0:2d:f7:c1:85:24:6d:fa:e2:d4:38:87:5d:3d:69:
f4:4c:1c:fd:c4:9a:36:1c:0f:1b:10:60:2d:46:54:
b2:07:e6:48:19:15:ba:72:80:c5:00:a3:89:83:0f:
29:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9A:5D:05:2A:88:F1:08:7D:60:B3:12:6C:4B:D7:09:E4:B0:E0:2B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.36.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9e:94:5e:54:f4:32:2c:16:fe:4b:7b:34:7e:34:bb:44:7d:
58:8d:98:82:68:14:2f:cb:86:5f:77:3c:b2:5f:17:7b:5b:f5:
6f:0f:06:cf:fb:8d:c9:05:55:3c:27:ce:b3:85:94:ab:fb:f7:
0f:b0:55:0f:42:00:1b:49:b9:e7:22:4c:62:46:21:6c:b4:d9:
f8:c1:fe:55:2d:57:50:4d:25:d7:10:12:bc:e2:16:b8:f0:35:
fd:c6:ab:d0:d1:dc:63:6d:f5:0b:d7:64:37:a5:01:69:40:01:
7e:5d:da:34:c7:30:31:67:3c:af:ee:7b:c5:89:e5:23:5c:b9:
83:3d:f2:a0:6b:e7:d8:92:fb:cd:5a:07:b1:66:c8:92:10:ad:
99:a0:9c:b5:cb:a4:b6:bf:9a:ab:a0:58:a4:86:67:ac:b4:ac:
e7:8d:77:01:fe:28:3b:08:c2:2b:e8:26:cb:46:d1:e6:0e:48:
f8:a7:a0:a5:0a:fb:d2:0d:94:c4:ab:1d:db:17:06:52:50:3a:
4a:07:2f:3e:f0:a7:82:44:28:38:76:35:3d:20:bc:76:8f:d3:
41:fb:8c:5d:31:63:52:ee:e1:e7:6e:da:c7:d6:61:ff:52:d0:
8b:8d:5a:08:cb:3f:af:e7:36:bf:cb:35:40:34:56:02:ad:09:
a7:98:4e:b3
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUVMxpbyPSPQ9wxb6+YbPc9dspVV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA2MDYxMTA1NTNaFw0yNjA2MDUxMTEwNTNaMDMxMTAvBgNV
BAMTKDlFOUE1RDA1MkE4OEYxMDg3RDYwQjMxMjZDNEJENzA5RTRCMEUwMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXRO8zFSm8pF0iqhwZ+A3FT7xz
ExoFhftzmqkQFGEjc6MSKot3GCo6hwiJmJIa0/UUkeikmY9zQxNxpiQYQ9H+HT0K
4NXggxri/Fe+H8L7mbrBtK1aDLTiCaCs44yOaXcL+P7xW/0fv6fYLD00Ic7oeE5s
pC9yQcl0Y9ATW+aHT9RJ5b89ZhXrwSSkOz7WHiXGgIMgnHCNTGBHjfrXZnbMHg7O
XsNP0hhMZ1gnctknvphTmw3XapWijh2kdcf+mu/0mSonDlazWcDCNf0rTF7pVNAt
98GFJG364tQ4h109afRMHP3EmjYcDxsQYC1GVLIH5kgZFbpygMUAo4mDDykdAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUnppdBSqI8Qh9YLMSbEvXCeSw4CswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMxMmUzMjMyMmUz
MzM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AFEWJDANBgkqhkiG9w0BAQsFAAOCAQEAcp6UXlT0MiwW/kt7NH40u0R9WI2YgmgU
L8uGX3c8sl8Xe1v1bw8Gz/uNyQVVPCfOs4WUq/v3D7BVD0IAG0m55yJMYkYhbLTZ
+MH+VS1XUE0l1xASvOIWuPA1/car0NHcY231C9dkN6UBaUABfl3aNMcwMWc8r+57
xYnlI1y5gz3yoGvn2JL7zVoHsWbIkhCtmaCctcuktr+aq6BYpIZnrLSs5413Af4o
OwjCK+gmy0bR5g5I+KegpQr70g2UxKsd2xcGUlA6SgcvPvCngkQoOHY1PSC8do/T
QfuMXTFjUu7h527ax9Zh/1LQi41aCMs/r+c2v8s1QDRWAq0Jp5hOsw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:05:32 2025 by rpki-client