Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
File: 3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: lUSaJRI3VNneA85dXg+bx6kRPXDOxIeKFo+59U+nVNo=
Subject key identifier: CC:17:D2:C4:58:9A:BA:26:6F:E8:D2:53:63:8A:8B:05:90:4E:61:11
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 20FA451D365E75F0D8AFDEA7D8934513F10C9712
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
Signing time: Thu 21 Dec 2023 14:10:26 +0000
ROA not before: Thu 21 Dec 2023 14:05:26 +0000
ROA not after: Thu 19 Dec 2024 14:10:26 +0000
asID: 205659
IP address blocks: 109.234.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:fa:45:1d:36:5e:75:f0:d8:af:de:a7:d8:93:45:13:f1:0c:97:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 21 14:05:26 2023 GMT
Not After : Dec 19 14:10:26 2024 GMT
Subject: CN=CC17D2C4589ABA266FE8D253638A8B05904E6111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c9:7e:de:f1:ad:22:a6:b3:ac:89:a7:db:f6:
58:fd:35:df:3d:98:ce:25:72:9c:39:54:14:e5:dc:
3b:07:1d:8f:d4:cb:2c:85:15:ba:d0:35:b2:47:3b:
b4:2f:61:9f:8d:b6:f5:39:d1:92:79:47:fe:74:60:
79:7b:fb:ab:b4:ea:6c:59:ff:4b:73:05:c3:65:55:
8e:fd:c1:e0:d9:ca:4e:ed:48:7b:75:c1:87:4c:80:
45:97:d3:56:84:77:ed:05:3e:55:e0:ee:c4:03:0c:
93:73:49:a8:ab:5c:2e:e4:1b:0c:39:21:38:7f:bf:
5e:6f:55:a4:48:47:94:d0:26:af:40:12:d0:dc:07:
11:c3:98:84:ec:3d:02:6f:85:02:94:a4:56:21:b2:
e3:a1:d4:28:99:81:db:31:09:f5:3e:3a:bc:0c:b4:
f4:27:96:79:d1:e7:9c:d3:9c:20:d9:d7:0e:b9:51:
5f:f3:3f:1d:2f:ec:69:d5:ab:c8:92:96:15:5d:39:
c2:47:89:ad:65:99:1f:25:b6:1a:9c:38:a5:c9:af:
c9:63:e7:eb:31:0a:30:f0:5d:6c:d0:d0:f9:35:ca:
17:77:a6:47:fa:33:1c:37:4d:fb:21:b9:a5:15:84:
20:f6:49:75:be:a4:67:e4:61:34:67:1f:89:04:54:
fc:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:17:D2:C4:58:9A:BA:26:6F:E8:D2:53:63:8A:8B:05:90:4E:61:11
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.79.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3c:28:58:3c:a5:21:5e:8f:df:17:10:7b:d6:1d:aa:a1:4d:
2e:8b:a5:55:2b:f4:c2:a4:e1:0b:f2:42:b2:15:8a:38:b0:35:
da:78:5c:42:4d:ec:f4:ba:8e:21:76:38:a5:da:83:d4:ec:fb:
33:4e:a8:c9:5b:ad:70:05:4c:b7:74:e8:9b:fc:32:16:69:f0:
e1:ef:64:a4:d8:ac:5b:a7:f9:f2:e3:b8:78:77:1c:f7:11:7f:
0f:36:ef:a0:9c:ca:e6:02:7b:b3:bb:60:44:9d:9d:10:2f:72:
63:15:e7:25:6b:23:b2:4f:5e:4e:17:88:bf:cf:41:42:d1:68:
21:80:6f:1e:13:2e:33:10:c5:0f:e6:7a:4a:d0:08:8a:c7:39:
5a:f5:b8:e0:72:b4:ee:bb:d9:a4:b2:b2:24:c7:b1:2f:de:a8:
17:b5:0c:c9:e6:94:75:4e:f1:c5:07:61:73:14:5d:df:be:0f:
73:89:7d:d2:df:46:c7:a9:28:63:e5:6c:db:fc:13:a4:53:d0:
78:67:79:02:e9:9d:2b:26:e0:45:09:34:17:e1:ec:aa:23:1f:
5d:6c:b7:d2:54:a3:e8:d2:c5:e0:e7:00:a9:0a:ae:6a:e2:eb:
72:ba:f3:d5:5c:f8:1f:ce:a2:62:60:3a:e5:f7:89:9d:c7:e9:
5c:4a:bf:d8
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUIPpFHTZedfDYr96n2JNFE/EMlxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjExNDA1MjZaFw0yNDEyMTkxNDEwMjZaMDMxMTAvBgNV
BAMTKENDMTdEMkM0NTg5QUJBMjY2RkU4RDI1MzYzOEE4QjA1OTA0RTYxMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtyX7e8a0iprOsiafb9lj9Nd89
mM4lcpw5VBTl3DsHHY/UyyyFFbrQNbJHO7QvYZ+NtvU50ZJ5R/50YHl7+6u06mxZ
/0tzBcNlVY79weDZyk7tSHt1wYdMgEWX01aEd+0FPlXg7sQDDJNzSairXC7kGww5
ITh/v15vVaRIR5TQJq9AEtDcBxHDmITsPQJvhQKUpFYhsuOh1CiZgdsxCfU+OrwM
tPQnlnnR55zTnCDZ1w65UV/zPx0v7GnVq8iSlhVdOcJHia1lmR8lthqcOKXJr8lj
5+sxCjDwXWzQ0Pk1yhd3pkf6Mxw3TfshuaUVhCD2SXW+pGfkYTRnH4kEVPw9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUzBfSxFiauiZv6NJTY4qLBZBOYREwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzkyZTMyMzMz
NDJlMzczOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM2MzUzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAG3qTzANBgkqhkiG9w0BAQsFAAOCAQEAdzwoWDylIV6P3xcQe9YdqqFN
LoulVSv0wqThC/JCshWKOLA12nhcQk3s9LqOIXY4pdqD1Oz7M06oyVutcAVMt3To
m/wyFmnw4e9kpNisW6f58uO4eHcc9xF/DzbvoJzK5gJ7s7tgRJ2dEC9yYxXnJWsj
sk9eTheIv89BQtFoIYBvHhMuMxDFD+Z6StAIisc5WvW44HK07rvZpLKyJMexL96o
F7UMyeaUdU7xxQdhcxRd374Pc4l90t9Gx6koY+Vs2/wTpFPQeGd5AumdKybgRQk0
F+HsqiMfXWy30lSj6NLF4OcAqQquauLrcrrz1Vz4H86iYmA65feJncfpXEq/2A==
-----END CERTIFICATE-----
Generated at Fri May 24 10:40:00 2024 by rpki-client on console-ams.rpki-client.org