Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: /EK9b2pxfTW4BPmtC7zdhiuofiIoBMZHQsnNAA+W7I4=
Subject key identifier: F5:C7:75:F2:07:0A:A6:6F:A3:FC:F2:B9:BB:2D:D1:CA:77:ED:57:E6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 65D1A107C26961E9FB43EAE2498ED29B340402E6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 13 Jun 2024 10:41:26 +0000
ROA not before: Thu 13 Jun 2024 10:36:26 +0000
ROA not after: Thu 12 Jun 2025 10:41:26 +0000
asID: 47583
IP address blocks: 185.173.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:d1:a1:07:c2:69:61:e9:fb:43:ea:e2:49:8e:d2:9b:34:04:02:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 13 10:36:26 2024 GMT
Not After : Jun 12 10:41:26 2025 GMT
Subject: CN=F5C775F2070AA66FA3FCF2B9BB2DD1CA77ED57E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:71:46:42:eb:7a:a7:a3:1b:64:ea:0e:6c:f5:
39:d0:b1:a2:48:74:f5:8c:43:31:e3:70:31:58:ef:
d8:5b:1f:79:12:f5:e2:d9:b9:84:4f:03:78:c0:5e:
fb:60:93:d3:6f:9e:f2:53:96:5e:5e:1e:33:06:03:
c7:eb:55:f4:6f:2c:aa:ad:fd:44:b2:b4:ad:98:b2:
cf:74:87:58:aa:66:1e:80:8c:a6:d9:dc:08:c0:00:
c1:59:23:fa:75:f5:e8:98:0b:ac:d3:70:ea:42:b5:
fd:8f:dd:6b:25:e1:bb:83:05:26:41:1e:c9:03:a9:
28:5c:09:3a:c4:2a:00:52:a1:57:d0:15:30:0b:20:
e9:fd:f0:69:52:4e:2d:2b:8a:85:aa:7c:0c:59:5a:
71:d2:11:b1:92:84:33:c1:15:a7:8d:58:ae:41:b6:
80:0f:be:71:87:fa:98:b8:5f:fa:5e:d4:9e:23:62:
e4:a4:97:56:71:38:c9:13:6d:64:03:66:d9:57:cb:
ef:5c:93:12:9a:97:cf:d3:78:fe:7b:2e:82:ce:ad:
99:66:5c:c2:a8:de:c0:c7:4f:8f:6b:f3:6d:a3:a2:
50:ad:71:9b:ac:3e:1b:ef:81:51:5a:b7:e0:68:24:
de:ea:01:06:2f:3b:56:28:42:3a:33:ea:bd:c3:26:
2f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:C7:75:F2:07:0A:A6:6F:A3:FC:F2:B9:BB:2D:D1:CA:77:ED:57:E6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137332e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.108.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:72:4c:8c:e8:a6:2b:1d:0a:53:d1:2f:0d:71:72:07:9f:ad:
3c:dd:ab:4f:6d:52:49:87:4c:56:0a:b8:4d:28:b9:b1:fd:93:
53:71:0d:ec:0c:04:79:0d:b0:52:21:fb:18:26:98:40:30:e7:
48:7b:3c:69:90:34:7e:2a:36:f2:ba:43:71:a0:f5:cb:ba:27:
56:35:ad:9e:17:1e:df:ef:dc:1d:78:68:bf:63:dd:ce:c2:31:
16:09:a3:52:df:85:47:1d:91:15:8b:98:6b:3e:b2:36:73:6c:
49:6c:cc:c7:1a:e1:6a:31:2a:a8:39:59:0f:6e:43:cf:e8:2a:
1c:93:50:69:34:6b:7e:ab:a2:aa:e1:21:d6:91:5f:d7:f9:02:
f5:cd:26:cc:47:f3:ba:57:51:74:b7:e3:75:53:b9:5b:48:d8:
d1:a7:c9:ed:d1:78:7a:88:02:e9:4e:88:a4:cc:26:a5:71:72:
8c:a9:be:36:9b:e9:20:95:ad:1d:6e:47:06:95:40:0d:0b:99:
45:b2:20:bb:e0:56:74:dc:9d:97:69:aa:be:f8:db:21:32:b0:
d7:e9:51:20:01:ef:d5:06:9c:1e:ef:66:db:56:5d:e8:14:77:
0f:9e:bf:f9:bf:98:4b:4a:e3:a4:18:0c:84:3b:9d:70:e7:80:
20:17:77:9e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZdGhB8JpYen7Q+riSY7SmzQEAuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MTMxMDM2MjZaFw0yNTA2MTIxMDQxMjZaMDMxMTAvBgNV
BAMTKEY1Qzc3NUYyMDcwQUE2NkZBM0ZDRjJCOUJCMkREMUNBNzdFRDU3RTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCscUZC63qnoxtk6g5s9TnQsaJI
dPWMQzHjcDFY79hbH3kS9eLZuYRPA3jAXvtgk9NvnvJTll5eHjMGA8frVfRvLKqt
/USytK2Yss90h1iqZh6AjKbZ3AjAAMFZI/p19eiYC6zTcOpCtf2P3Wsl4buDBSZB
HskDqShcCTrEKgBSoVfQFTALIOn98GlSTi0rioWqfAxZWnHSEbGShDPBFaeNWK5B
toAPvnGH+pi4X/pe1J4jYuSkl1ZxOMkTbWQDZtlXy+9ckxKal8/TeP57LoLOrZlm
XMKo3sDHT49r822jolCtcZusPhvvgVFat+BoJN7qAQYvO1YoQjoz6r3DJi+hAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU9cd18gcKpm+j/PK5uy3RynftV+YwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmtbDANBgkqhkiG9w0BAQsFAAOCAQEAqnJMjOimKx0KU9EvDXFyB5+t
PN2rT21SSYdMVgq4TSi5sf2TU3EN7AwEeQ2wUiH7GCaYQDDnSHs8aZA0fio28rpD
caD1y7onVjWtnhce3+/cHXhov2PdzsIxFgmjUt+FRx2RFYuYaz6yNnNsSWzMxxrh
ajEqqDlZD25Dz+gqHJNQaTRrfquiquEh1pFf1/kC9c0mzEfzuldRdLfjdVO5W0jY
0afJ7dF4eogC6U6IpMwmpXFyjKm+NpvpIJWtHW5HBpVADQuZRbIgu+BWdNydl2mq
vvjbITKw1+lRIAHv1QacHu9m21Zd6BR3D56/+b+YS0rjpBgMhDudcOeAIBd3ng==
-----END CERTIFICATE-----
Generated at Sun Jun 23 13:19:28 2024 by rpki-client on console-fra.rpki-client.org