Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
File: 3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: C1lVpQccQgQ16f6UK/cnzlPB5nUhV8bUVEsAX0GafzE=
Subject key identifier: 3D:EE:1B:BD:70:95:AF:3D:5B:B7:5E:45:46:3F:9A:4E:78:3D:C6:26
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 162DD041878C909B72BA6074905C19AD835D1344
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
Signing time: Tue 11 Jun 2024 23:34:48 +0000
ROA not before: Tue 11 Jun 2024 23:29:48 +0000
ROA not after: Tue 10 Jun 2025 23:34:48 +0000
asID: 47583
IP address blocks: 185.170.196.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:2d:d0:41:87:8c:90:9b:72:ba:60:74:90:5c:19:ad:83:5d:13:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 11 23:29:48 2024 GMT
Not After : Jun 10 23:34:48 2025 GMT
Subject: CN=3DEE1BBD7095AF3D5BB75E45463F9A4E783DC626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:39:dc:71:75:fa:30:44:5e:f9:32:ec:4c:fd:
50:a6:18:83:08:41:e6:e0:09:63:54:48:9d:70:ec:
34:40:a7:a5:df:f9:1b:33:59:21:ab:3e:1d:62:f3:
f5:eb:44:82:b9:9e:77:70:af:a8:96:55:e1:f8:60:
7e:80:2c:44:86:7d:d4:38:9c:46:fa:28:ba:b1:f9:
a1:0c:d0:61:0a:9d:72:46:ea:de:dc:94:57:99:f0:
a0:3d:17:62:d6:62:15:8a:35:22:b9:40:db:37:c3:
48:7a:a5:04:dd:6a:62:4a:02:e9:8b:0b:fc:d6:6f:
54:4c:8e:02:78:21:f9:e0:19:c2:35:a2:c9:3f:a6:
67:87:09:15:0c:5c:c2:81:4b:e6:02:e2:d5:7f:99:
a4:df:0d:15:ae:9e:ae:3d:74:da:12:2e:e3:d6:95:
39:24:34:6d:a3:3f:2b:67:37:c6:6e:ab:ac:a8:d8:
5e:1a:6b:ac:ba:f5:32:cb:43:1a:51:1d:d2:79:09:
ea:de:f6:0c:5a:16:1a:08:95:07:0a:51:ed:5a:97:
0e:92:d1:0e:6c:b8:5d:4f:9a:05:2d:5b:0b:d0:a8:
c3:4a:56:44:62:2c:51:51:ad:d1:4f:65:47:40:fc:
21:fd:33:8a:46:b3:5a:b7:c9:a1:27:9b:d4:a3:20:
f8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EE:1B:BD:70:95:AF:3D:5B:B7:5E:45:46:3F:9A:4E:78:3D:C6:26
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137302e3139362e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.196.0/23
Signature Algorithm: sha256WithRSAEncryption
13:5c:90:0d:e3:ff:77:79:cf:33:8a:7b:ac:53:87:e0:1e:4a:
38:70:ca:a5:04:95:22:3c:c9:7b:51:79:7d:b6:fb:93:28:5d:
88:bf:97:3c:a8:64:c9:dc:0e:78:c2:0a:e1:52:7e:eb:0d:56:
c6:3b:9b:2f:14:12:67:59:a5:1f:b9:68:a5:5c:f3:94:70:fe:
8b:d3:d2:b4:1a:da:56:2b:0b:c6:ee:90:ca:df:4d:72:08:ee:
d8:0f:5b:92:ad:9c:5a:76:40:6d:17:ef:cb:1e:52:b2:66:28:
c5:30:64:4a:81:17:bd:a2:ce:b0:76:19:6d:38:8d:91:b7:d1:
35:e3:8f:5d:9c:73:4c:6a:ab:49:df:c5:4c:a7:44:23:98:13:
1e:e2:40:bc:4d:06:f3:4d:b0:cd:75:3d:dd:32:2b:f4:e9:60:
ad:ac:6e:27:19:57:3d:36:db:58:c1:cd:c7:87:97:68:9e:a5:
ae:17:56:65:d7:10:ad:b3:7f:b6:de:57:40:3d:32:fb:0c:71:
e1:b7:d0:b9:2c:a8:9f:13:05:72:49:32:9f:70:c4:b0:2f:de:
cb:74:ee:1e:7d:fa:35:42:60:29:16:a1:65:bc:82:61:1e:df:
e1:80:97:f0:3b:b4:b3:7e:4d:bd:39:ba:df:25:5d:90:30:34:
c4:15:f1:9c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUFi3QQYeMkJtyumB0kFwZrYNdE0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MTEyMzI5NDhaFw0yNTA2MTAyMzM0NDhaMDMxMTAvBgNV
BAMTKDNERUUxQkJENzA5NUFGM0Q1QkI3NUU0NTQ2M0Y5QTRFNzgzREM2MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOdxxdfowRF75MuxM/VCmGIMI
QebgCWNUSJ1w7DRAp6Xf+RszWSGrPh1i8/XrRIK5nndwr6iWVeH4YH6ALESGfdQ4
nEb6KLqx+aEM0GEKnXJG6t7clFeZ8KA9F2LWYhWKNSK5QNs3w0h6pQTdamJKAumL
C/zWb1RMjgJ4IfngGcI1osk/pmeHCRUMXMKBS+YC4tV/maTfDRWunq49dNoSLuPW
lTkkNG2jPytnN8Zuq6yo2F4aa6y69TLLQxpRHdJ5Cere9gxaFhoIlQcKUe1alw6S
0Q5suF1PmgUtWwvQqMNKVkRiLFFRrdFPZUdA/CH9M4pGs1q3yaEnm9SjIPifAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUPe4bvXCVrz1bt15FRj+aTng9xiYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MDJlMzEzOTM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmqxDANBgkqhkiG9w0BAQsFAAOCAQEAE1yQDeP/d3nPM4p7rFOH4B5K
OHDKpQSVIjzJe1F5fbb7kyhdiL+XPKhkydwOeMIK4VJ+6w1WxjubLxQSZ1mlH7lo
pVzzlHD+i9PStBraVisLxu6Qyt9Ncgju2A9bkq2cWnZAbRfvyx5SsmYoxTBkSoEX
vaLOsHYZbTiNkbfRNeOPXZxzTGqrSd/FTKdEI5gTHuJAvE0G802wzXU93TIr9Olg
raxuJxlXPTbbWMHNx4eXaJ6lrhdWZdcQrbN/tt5XQD0y+wxx4bfQuSyonxMFckky
n3DEsC/ey3TuHn36NUJgKRahZbyCYR7f4YCX8Du0s35NvTm63yVdkDA0xBXxnA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 12:09:42 2024 by rpki-client on console-ams.rpki-client.org