Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3133302e3138352e3131382e302f32342d3332203d3e203531313637.roa
File: 3133302e3138352e3131382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 2Ykh1ou/qiuEn0F9x1P76XAbhI4ePg+W1IHizISruKE=
Subject key identifier: 27:A0:75:71:A1:B9:41:EB:46:B8:2F:86:C8:6F:0E:BB:FB:A1:E5:AA
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5C7DA5F11ED5F7DBE086E2696AB33996F51B576E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3133302e3138352e3131382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:45 +0000
ROA not before: Fri 27 Dec 2024 11:42:45 +0000
ROA not after: Fri 26 Dec 2025 11:47:45 +0000
asID: 51167
IP address blocks: 130.185.118.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:7d:a5:f1:1e:d5:f7:db:e0:86:e2:69:6a:b3:39:96:f5:1b:57:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:45 2024 GMT
Not After : Dec 26 11:47:45 2025 GMT
Subject: CN=27A07571A1B941EB46B82F86C86F0EBBFBA1E5AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d2:4e:0b:3f:63:2c:a8:2f:f2:7b:01:9e:45:
55:54:c2:0a:c0:c3:b6:19:7c:04:3e:96:d9:5e:c1:
ae:52:c5:44:4c:dc:b5:57:3e:c4:8b:9e:39:c3:9b:
bb:24:67:ab:c7:6f:ac:02:2b:0c:a4:36:ed:59:ec:
ff:00:53:31:e1:9b:5f:2f:50:76:80:3c:bd:57:34:
76:f2:21:99:c5:73:00:45:6c:f4:bd:27:04:1d:34:
d5:ae:e5:76:92:5a:91:95:a6:41:1b:07:26:50:80:
1d:ee:ce:e7:fa:42:3b:eb:2e:c6:4b:73:b6:bb:ae:
9f:09:a0:83:6e:73:d4:11:51:78:a0:ec:e2:d3:ef:
10:f1:54:bc:b8:9c:9b:f5:5f:96:70:a1:02:dc:b1:
05:8b:90:5e:3c:f9:ec:1e:ad:08:80:f5:76:67:49:
ee:cb:7b:e2:c2:96:3f:df:de:8a:3b:5e:25:11:92:
91:76:94:96:99:7b:69:4b:12:f5:53:ed:a3:cc:b1:
86:ea:4d:45:a8:f3:52:68:44:f7:c2:ce:d1:fe:9c:
fa:5d:2c:aa:37:21:b1:63:3a:86:ac:47:7d:15:00:
9e:c9:c0:f2:30:54:03:18:c3:d6:b7:09:7a:17:45:
f9:2e:45:2b:03:f7:b5:9a:ad:b0:2d:28:40:09:51:
f2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A0:75:71:A1:B9:41:EB:46:B8:2F:86:C8:6F:0E:BB:FB:A1:E5:AA
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3133302e3138352e3131382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.118.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:ac:79:82:79:6e:63:28:dd:3f:a2:94:d0:38:79:73:ff:f0:
a7:0e:8e:73:db:51:ff:a4:55:da:0b:f1:b6:4b:e2:cc:9a:40:
cf:d3:8d:57:cc:1a:11:e2:e0:b3:16:d1:79:78:09:df:d1:c9:
13:f7:4e:d9:5f:67:d6:67:18:06:45:93:d0:5c:be:a7:cd:d1:
ae:15:9f:1a:e4:a5:99:70:fb:7b:bb:da:32:9e:7f:4d:e8:9d:
1a:53:e6:f2:79:6d:2f:60:05:99:08:0b:2d:86:e9:bd:11:f4:
35:2f:81:0d:c7:d7:ce:d2:70:35:c3:21:08:00:9a:11:a4:0f:
76:2f:42:71:c4:70:6c:bb:ba:3b:58:f5:85:ce:8b:91:1b:d9:
a1:b3:25:6e:64:b0:7c:eb:fe:b6:0b:d2:0c:fe:4d:65:ac:4e:
a4:05:dd:14:67:24:c3:f5:c6:27:8f:3f:8b:5a:7a:0c:aa:ba:
4c:5b:40:dc:11:87:a8:4c:aa:b9:e1:0c:f0:1b:85:89:de:7e:
8e:ec:f2:ec:4d:79:e3:d6:03:cb:28:31:bc:35:fc:a1:cb:68:
06:ed:0c:9e:1c:74:58:50:71:69:fd:48:aa:c8:22:f0:cf:ee:
be:e3:63:9f:b5:06:6e:c4:ce:d7:41:6d:fb:1a:40:1b:6b:96:
25:09:df:68
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUXH2l8R7V99vghuJparM5lvUbV24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDVaFw0yNTEyMjYxMTQ3NDVaMDMxMTAvBgNV
BAMTKDI3QTA3NTcxQTFCOTQxRUI0NkI4MkY4NkM4NkYwRUJCRkJBMUU1QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr0k4LP2MsqC/yewGeRVVUwgrA
w7YZfAQ+ltlewa5SxURM3LVXPsSLnjnDm7skZ6vHb6wCKwykNu1Z7P8AUzHhm18v
UHaAPL1XNHbyIZnFcwBFbPS9JwQdNNWu5XaSWpGVpkEbByZQgB3uzuf6QjvrLsZL
c7a7rp8JoINuc9QRUXig7OLT7xDxVLy4nJv1X5ZwoQLcsQWLkF48+ewerQiA9XZn
Se7Le+LClj/f3oo7XiURkpF2lJaZe2lLEvVT7aPMsYbqTUWo81JoRPfCztH+nPpd
LKo3IbFjOoasR30VAJ7JwPIwVAMYw9a3CXoXRfkuRSsD97WarbAtKEAJUfJ9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJ6B1caG5QetGuC+GyG8Ou/uh5aowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTMzMzAyZTMxMzgz
NTJlMzEzMTM4MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAIK5djANBgkqhkiG9w0BAQsFAAOCAQEAs6x5gnluYyjdP6KU0Dh5c//w
pw6Oc9tR/6RV2gvxtkvizJpAz9ONV8waEeLgsxbReXgJ39HJE/dO2V9n1mcYBkWT
0Fy+p83RrhWfGuSlmXD7e7vaMp5/TeidGlPm8nltL2AFmQgLLYbpvRH0NS+BDcfX
ztJwNcMhCACaEaQPdi9CccRwbLu6O1j1hc6LkRvZobMlbmSwfOv+tgvSDP5NZaxO
pAXdFGckw/XGJ48/i1p6DKq6TFtA3BGHqEyqueEM8BuFid5+juzy7E1549YDyygx
vDX8octoBu0Mnhx0WFBxaf1Iqsgi8M/uvuNjn7UGbsTO10Ft+xpAG2uWJQnfaA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:23:08 2025 by rpki-client