Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3137362e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: Axn4sRayXbgVf7/Wx2gC4odFlINBKpYlLKTc9zagQxY=
Subject key identifier: 66:B2:B2:59:F9:08:8B:3A:A5:40:FB:C8:0B:CB:31:6B:60:DF:5B:36
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 785A64BE66AD758BCE2EB29880638011FD951B08
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
Signing time: Mon 10 Jun 2024 09:49:42 +0000
ROA not before: Mon 10 Jun 2024 09:44:42 +0000
ROA not after: Mon 09 Jun 2025 09:49:42 +0000
asID: 51167
IP address blocks: 100.42.176.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:5a:64:be:66:ad:75:8b:ce:2e:b2:98:80:63:80:11:fd:95:1b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 10 09:44:42 2024 GMT
Not After : Jun 9 09:49:42 2025 GMT
Subject: CN=66B2B259F9088B3AA540FBC80BCB316B60DF5B36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b5:ce:f2:48:f3:1e:70:80:7d:8c:eb:42:0c:
ea:cf:6c:88:51:e5:bb:fc:ca:65:7e:fb:23:97:8d:
9d:77:21:2d:ae:61:86:f0:89:b8:5c:a7:b4:be:42:
57:21:eb:13:8d:54:7d:c6:f5:22:81:4c:32:d7:d2:
3e:eb:59:47:64:39:c5:44:97:a4:79:8f:e6:0b:b6:
ff:8a:0f:46:c7:09:95:73:ca:d7:26:00:00:81:17:
bb:5f:9b:1e:0b:c2:47:21:4a:9c:ea:81:e4:d1:59:
3a:e7:c6:c1:5f:54:2b:4b:c1:35:40:88:95:49:ec:
3d:08:fc:96:34:aa:a2:28:a5:b1:98:3c:55:ea:1d:
ea:14:64:11:6e:7b:18:43:19:d8:31:9e:82:26:fa:
ff:d5:34:0d:62:6e:8f:5b:61:83:d2:ce:63:00:4c:
15:5d:90:a5:7b:27:4b:0d:d6:7f:38:f0:83:e3:6b:
03:98:5e:7a:dc:60:ae:39:fe:27:02:08:a8:63:75:
2a:b9:23:85:ba:f0:94:a6:53:79:b0:20:2c:eb:ce:
23:58:a4:9f:76:37:08:1c:cc:26:77:b3:58:39:b5:
21:05:e4:65:e5:dc:52:aa:2d:02:8e:91:14:bc:2b:
35:ee:3f:ae:8e:91:70:0b:96:81:a4:f1:aa:bc:53:
01:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B2:B2:59:F9:08:8B:3A:A5:40:FB:C8:0B:CB:31:6B:60:DF:5B:36
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3137362e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.176.0/21
Signature Algorithm: sha256WithRSAEncryption
58:ab:01:90:d6:32:b9:10:76:90:ba:f8:42:7c:a0:66:f9:b0:
7e:d8:51:00:3d:ba:ea:5a:18:1d:f9:29:56:d4:08:09:bc:7f:
6d:39:87:5c:ce:b7:0b:c6:36:cf:51:06:21:76:0c:eb:ab:be:
e3:65:66:3d:9a:3c:96:e3:3b:f4:11:3e:7d:3e:76:7c:01:2f:
71:39:12:fb:4d:2b:d9:e3:43:be:e3:95:a5:61:1c:5d:2a:bb:
1b:d3:8f:53:f7:44:9e:e6:95:c9:21:47:a8:31:33:6f:a5:e3:
c6:0e:1c:d0:63:60:cb:05:81:6c:04:ee:df:7b:4c:26:10:76:
b9:d5:a7:6c:bf:fe:3c:ff:23:e7:c6:2f:cc:7b:2c:bb:9e:87:
78:15:ba:94:66:52:83:45:a2:97:ed:96:1d:b9:0f:04:b9:d6:
78:c7:96:c8:28:8a:ee:c9:13:96:a1:bf:2c:6f:0f:e5:14:30:
0c:d4:0e:f8:19:ee:c3:76:4e:c2:61:95:51:3e:79:b7:e4:2d:
fe:13:9e:5b:5b:20:9d:33:34:ed:e2:58:38:4c:14:5b:fc:b7:
53:47:91:c7:5d:c9:6d:fd:74:a8:98:87:72:59:75:1c:02:d5:
68:8d:fb:a1:f4:a6:bd:e1:35:d3:58:c8:96:f5:2a:d4:4d:3a:
51:8f:71:5a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUeFpkvmatdYvOLrKYgGOAEf2VGwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MTAwOTQ0NDJaFw0yNTA2MDkwOTQ5NDJaMDMxMTAvBgNV
BAMTKDY2QjJCMjU5RjkwODhCM0FBNTQwRkJDODBCQ0IzMTZCNjBERjVCMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQtc7ySPMecIB9jOtCDOrPbIhR
5bv8ymV++yOXjZ13IS2uYYbwibhcp7S+Qlch6xONVH3G9SKBTDLX0j7rWUdkOcVE
l6R5j+YLtv+KD0bHCZVzytcmAACBF7tfmx4LwkchSpzqgeTRWTrnxsFfVCtLwTVA
iJVJ7D0I/JY0qqIopbGYPFXqHeoUZBFuexhDGdgxnoIm+v/VNA1ibo9bYYPSzmMA
TBVdkKV7J0sN1n848IPjawOYXnrcYK45/icCCKhjdSq5I4W68JSmU3mwICzrziNY
pJ92NwgczCZ3s1g5tSEF5GXl3FKqLQKOkRS8KzXuP66OkXALloGk8aq8UwGtAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUZrKyWfkIizqlQPvIC8sxa2DfWzYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzczNjJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrAwDQYJKoZIhvcNAQELBQADggEBAFirAZDWMrkQdpC6+EJ8oGb5sH7Y
UQA9uupaGB35KVbUCAm8f205h1zOtwvGNs9RBiF2DOurvuNlZj2aPJbjO/QRPn0+
dnwBL3E5EvtNK9njQ77jlaVhHF0quxvTj1P3RJ7mlckhR6gxM2+l48YOHNBjYMsF
gWwE7t97TCYQdrnVp2y//jz/I+fGL8x7LLueh3gVupRmUoNFopftlh25DwS51njH
lsgoiu7JE5ahvyxvD+UUMAzUDvgZ7sN2TsJhlVE+ebfkLf4TnltbIJ0zNO3iWDhM
FFv8t1NHkcddyW39dKiYh3JZdRwC1WiN+6H0pr3hNdNYyJb1KtRNOlGPcVo=
-----END CERTIFICATE-----
Generated at Sun Jun 23 13:19:28 2024 by rpki-client on console-fra.rpki-client.org