Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
File: 3130302e34322e3138342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: 2oTvk7ojL6AYLXHkTTRT/4wMxAXSr6+3EZ3p9NtM4BM=
Subject key identifier: 02:D4:B0:34:82:0D:6A:C1:1E:26:0D:EF:E7:DD:75:4C:E2:CF:63:FC
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 09DB1ACD705ACED5EE5E17F7D5C7A96C83D6B30E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
Signing time: Mon 10 Jun 2024 09:49:58 +0000
ROA not before: Mon 10 Jun 2024 09:44:58 +0000
ROA not after: Mon 09 Jun 2025 09:49:58 +0000
asID: 51167
IP address blocks: 100.42.184.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:db:1a:cd:70:5a:ce:d5:ee:5e:17:f7:d5:c7:a9:6c:83:d6:b3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 10 09:44:58 2024 GMT
Not After : Jun 9 09:49:58 2025 GMT
Subject: CN=02D4B034820D6AC11E260DEFE7DD754CE2CF63FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0a:c6:70:f8:e4:f0:d9:14:85:b6:59:f9:7d:
49:94:a5:9e:b1:41:38:95:07:27:0e:ba:73:af:ec:
66:ac:b1:77:ae:e1:e5:9d:4b:e0:1b:1d:95:6a:e6:
1a:e2:65:64:77:65:9f:b2:48:9b:38:ff:2c:78:ab:
cf:68:72:a0:4f:8b:0e:85:45:75:c6:36:d8:22:07:
7b:52:e8:85:68:f1:25:5b:46:10:77:ca:71:af:35:
e6:16:f0:0d:5d:4e:c8:7b:6d:f9:b1:ad:1d:b5:42:
a6:93:b7:5d:88:28:d5:47:cc:10:80:81:11:1f:29:
64:1a:3f:df:c7:77:0d:2b:d5:b2:64:72:54:33:ad:
63:f2:3f:58:5c:dd:0c:08:4c:bc:1b:55:77:8c:e6:
85:98:4b:99:e8:35:cd:42:a8:79:b1:aa:19:27:ae:
db:80:7a:2f:6d:75:19:7c:b4:df:ad:ce:f0:19:5a:
9d:85:f5:a8:8e:ec:b6:9e:e6:40:75:36:09:81:6c:
54:aa:bc:9f:81:3c:66:d3:8d:9f:6d:ab:0d:4b:f1:
b4:65:c1:88:57:f5:ef:ee:1a:60:54:7d:7e:5d:aa:
4e:5f:9e:53:a0:0d:36:0b:24:3e:b5:87:22:0e:df:
3d:d6:b2:0c:b6:85:01:f8:01:37:d6:2a:d5:1f:1f:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D4:B0:34:82:0D:6A:C1:1E:26:0D:EF:E7:DD:75:4C:E2:CF:63:FC
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130302e34322e3138342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
100.42.184.0/21
Signature Algorithm: sha256WithRSAEncryption
b4:ea:00:53:32:9f:d3:a8:f6:60:ae:71:e4:42:36:93:97:3f:
40:94:92:1d:50:3a:41:eb:cb:39:d0:33:aa:80:47:09:c2:a1:
83:94:17:6f:47:11:99:36:fa:10:66:2e:1c:53:34:37:71:20:
84:0f:1b:1d:8b:26:1b:af:56:c4:50:95:61:84:99:e8:5c:4d:
b4:d0:8e:fa:98:cd:94:26:ab:c3:62:2a:ad:b9:9a:b8:f4:fb:
73:16:29:3e:69:99:15:1d:cb:e1:60:96:ef:29:1c:2e:ae:db:
a6:50:16:54:11:d0:35:cc:8e:21:ac:be:ab:ea:f0:32:a6:6e:
d0:8a:ab:1b:bd:dc:ed:e5:04:70:48:c5:2b:c2:45:42:3e:6c:
1b:29:ef:5a:49:fd:63:e4:47:ca:b9:a2:e6:47:ca:d9:c5:9c:
07:2a:b0:f6:e5:e4:31:16:22:08:cf:ee:7f:eb:49:c4:4f:58:
f6:c0:e1:40:ca:f7:fe:52:43:c9:cf:92:46:94:1f:e5:3b:17:
e0:6f:0c:d4:39:03:4a:28:91:d2:09:31:49:3f:d1:b7:3a:5b:
8c:45:14:ea:e6:4b:d4:7f:9d:95:79:fc:41:91:75:6c:d7:fc:
07:6e:41:6c:d7:77:1a:32:e6:b3:e3:b1:0c:41:fb:b2:15:09:
39:84:bc:64
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUCdsazXBaztXuXhf31cepbIPWsw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MTAwOTQ0NThaFw0yNTA2MDkwOTQ5NThaMDMxMTAvBgNV
BAMTKDAyRDRCMDM0ODIwRDZBQzExRTI2MERFRkU3REQ3NTRDRTJDRjYzRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8CsZw+OTw2RSFtln5fUmUpZ6x
QTiVBycOunOv7GassXeu4eWdS+AbHZVq5hriZWR3ZZ+ySJs4/yx4q89ocqBPiw6F
RXXGNtgiB3tS6IVo8SVbRhB3ynGvNeYW8A1dTsh7bfmxrR21QqaTt12IKNVHzBCA
gREfKWQaP9/Hdw0r1bJkclQzrWPyP1hc3QwITLwbVXeM5oWYS5noNc1CqHmxqhkn
rtuAei9tdRl8tN+tzvAZWp2F9aiO7Lae5kB1NgmBbFSqvJ+BPGbTjZ9tqw1L8bRl
wYhX9e/uGmBUfX5dqk5fnlOgDTYLJD61hyIO3z3Wsgy2hQH4ATfWKtUfH2ZbAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUAtSwNIINasEeJg3v5911TOLPY/wwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzAyZTM0MzIy
ZTMxMzgzNDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANkKrgwDQYJKoZIhvcNAQELBQADggEBALTqAFMyn9Oo9mCuceRCNpOXP0CU
kh1QOkHryznQM6qARwnCoYOUF29HEZk2+hBmLhxTNDdxIIQPGx2LJhuvVsRQlWGE
mehcTbTQjvqYzZQmq8NiKq25mrj0+3MWKT5pmRUdy+Fglu8pHC6u26ZQFlQR0DXM
jiGsvqvq8DKmbtCKqxu93O3lBHBIxSvCRUI+bBsp71pJ/WPkR8q5ouZHytnFnAcq
sPbl5DEWIgjP7n/rScRPWPbA4UDK9/5SQ8nPkkaUH+U7F+BvDNQ5A0ookdIJMUk/
0bc6W4xFFOrmS9R/nZV5/EGRdWzX/AduQWzXdxoy5rPjsQxB+7IVCTmEvGQ=
-----END CERTIFICATE-----
Generated at Sun Jun 23 13:19:28 2024 by rpki-client on console-fra.rpki-client.org