Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
File: 3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: +/hp9i0eurtZ3vbGKRBl10WrpLXOCg0Ivjptud5529I=
Subject key identifier: E6:C8:D8:62:3B:40:F2:D3:71:03:8C:62:ED:FD:4F:B5:EE:14:08:13
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 79F0584CBBED8DCC6C1A11DBCA977DA4E44316C5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
Signing time: Thu 21 Nov 2024 14:44:19 +0000
ROA not before: Thu 21 Nov 2024 14:39:19 +0000
ROA not after: Thu 20 Nov 2025 14:44:19 +0000
asID: 205659
IP address blocks: 109.234.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f0:58:4c:bb:ed:8d:cc:6c:1a:11:db:ca:97:7d:a4:e4:43:16:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 14:39:19 2024 GMT
Not After : Nov 20 14:44:19 2025 GMT
Subject: CN=E6C8D8623B40F2D371038C62EDFD4FB5EE140813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ab:09:1f:31:5f:03:0a:b4:75:cf:b3:b4:44:
f3:c6:19:d1:ca:c0:ae:3b:bd:66:2d:1d:bb:1e:82:
5b:7b:a2:f1:85:ec:4c:ae:be:3b:d9:f2:77:71:24:
3e:c0:2c:36:ad:4f:b5:07:b9:f4:20:25:ee:0d:71:
37:53:e7:ce:9c:4d:c5:1c:6b:f4:d5:49:49:6d:36:
00:1f:57:50:db:a5:8f:33:33:14:16:a4:9e:b4:52:
01:0f:6f:59:df:89:e2:1e:e2:31:21:25:85:4a:e2:
d9:ab:2a:0a:4c:91:98:40:a6:4a:98:0e:c2:12:cd:
90:4f:b2:2c:70:3e:e6:22:8d:ba:f5:21:3a:ec:0e:
14:3c:f9:cf:d7:32:c5:9a:28:b0:be:3f:35:54:a7:
18:fa:e3:b5:58:41:ca:27:5b:a6:a7:15:d6:6a:81:
d4:13:b7:99:ab:22:3a:86:17:3f:43:3c:de:2c:5e:
fe:5f:e7:66:78:d4:70:94:6b:db:85:44:a7:ba:ce:
1b:1e:ea:b5:8d:f0:e7:69:40:a2:8e:fd:64:08:27:
19:f6:41:ba:32:7c:6a:0e:e5:52:82:60:7d:e5:30:
27:18:56:8b:f5:65:d6:16:d2:8b:cd:a6:eb:86:20:
10:44:19:ee:9e:55:63:df:ec:eb:ae:8f:1d:98:d5:
3d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C8:D8:62:3B:40:F2:D3:71:03:8C:62:ED:FD:4F:B5:EE:14:08:13
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3130392e3233342e37392e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.79.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:11:d4:98:1b:93:e1:5e:7b:78:1c:23:01:81:55:8f:c5:65:
b7:5b:b6:a0:84:ba:ca:c7:fc:30:40:01:01:89:ee:4f:4b:e1:
19:31:4a:2b:cf:a6:b8:63:96:1b:bb:02:2f:3a:1a:13:7b:55:
20:6e:2e:39:07:b7:12:7e:45:50:c5:1a:fb:e0:0c:50:83:52:
71:a9:2d:9b:58:a4:e1:5f:c0:b7:59:73:0f:89:e7:ee:e7:e4:
52:21:83:5a:ae:5b:69:92:5e:e5:ae:59:bb:27:c8:64:11:11:
06:1a:70:93:e3:6a:4e:4d:74:dc:3a:12:7f:cb:e9:d1:a6:0a:
b2:5b:b4:d3:1d:00:4b:88:d4:0c:ea:17:32:44:93:5c:5f:af:
ce:8d:f8:df:8b:96:64:88:df:06:74:32:fc:c1:f1:c5:df:be:
4b:a1:00:57:91:48:d7:55:d0:bd:f6:51:48:45:e3:77:de:42:
ac:04:84:cb:4a:a8:a3:a4:ff:54:88:4a:cb:0d:32:74:7f:d0:
9e:fc:1d:4e:c7:04:33:db:a2:f3:ec:bf:62:f0:29:d3:cc:ae:
6f:71:c9:4f:20:c4:a4:26:27:9a:0a:4a:48:ea:86:69:dd:de:
b2:51:95:c7:24:c8:c1:2a:30:0e:b9:16:ae:25:46:25:24:b9:
a6:82:a4:bf
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUefBYTLvtjcxsGhHbypd9pORDFsUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNDM5MTlaFw0yNTExMjAxNDQ0MTlaMDMxMTAvBgNV
BAMTKEU2QzhEODYyM0I0MEYyRDM3MTAzOEM2MkVERkQ0RkI1RUUxNDA4MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOqwkfMV8DCrR1z7O0RPPGGdHK
wK47vWYtHbseglt7ovGF7EyuvjvZ8ndxJD7ALDatT7UHufQgJe4NcTdT586cTcUc
a/TVSUltNgAfV1DbpY8zMxQWpJ60UgEPb1nfieIe4jEhJYVK4tmrKgpMkZhApkqY
DsISzZBPsixwPuYijbr1ITrsDhQ8+c/XMsWaKLC+PzVUpxj647VYQconW6anFdZq
gdQTt5mrIjqGFz9DPN4sXv5f52Z41HCUa9uFRKe6zhse6rWN8OdpQKKO/WQIJxn2
QboyfGoO5VKCYH3lMCcYVov1ZdYW0ovNpuuGIBBEGe6eVWPf7Ouujx2Y1T2zAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU5sjYYjtA8tNxA4xi7f1Pte4UCBMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMwMzkyZTMyMzMz
NDJlMzczOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM2MzUzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAG3qTzANBgkqhkiG9w0BAQsFAAOCAQEAsRHUmBuT4V57eBwjAYFVj8Vl
t1u2oIS6ysf8MEABAYnuT0vhGTFKK8+muGOWG7sCLzoaE3tVIG4uOQe3En5FUMUa
++AMUINScaktm1ik4V/At1lzD4nn7ufkUiGDWq5baZJe5a5ZuyfIZBERBhpwk+Nq
Tk103DoSf8vp0aYKslu00x0AS4jUDOoXMkSTXF+vzo3434uWZIjfBnQy/MHxxd++
S6EAV5FI11XQvfZRSEXjd95CrASEy0qoo6T/VIhKyw0ydH/QnvwdTscEM9ui8+y/
YvAp08yub3HJTyDEpCYnmgpKSOqGad3eslGVxyTIwSowDrkWriVGJSS5poKkvw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:07:17 2024 by rpki-client on console-ams.rpki-client.org