Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
File: 3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XydZZpeClLS38TXf3ZFttmWfWpWqLhY9kRhjEr0QIFE=
Subject key identifier: BF:50:4D:93:6A:A9:37:CD:47:C5:FD:67:BC:C5:65:13:AE:11:B7:70
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7475E9FF9BDB76F568B7113CBCC4095C9AA17310
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 22 Dec 2023 07:26:14 +0000
ROA not before: Fri 22 Dec 2023 07:21:14 +0000
ROA not after: Fri 20 Dec 2024 07:26:14 +0000
asID: 136787
IP address blocks: 146.19.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:75:e9:ff:9b:db:76:f5:68:b7:11:3c:bc:c4:09:5c:9a:a1:73:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 22 07:21:14 2023 GMT
Not After : Dec 20 07:26:14 2024 GMT
Subject: CN=BF504D936AA937CD47C5FD67BCC56513AE11B770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:26:59:ea:28:cc:d1:b2:ca:25:d1:02:3c:68:
5b:46:9c:09:10:5b:be:fd:75:c5:fe:99:71:6d:e5:
1c:00:97:8e:72:3b:db:f2:05:e9:d5:a8:46:0f:08:
8c:af:ab:d4:6e:82:bc:bd:6a:5c:70:ab:d9:1c:4b:
27:b3:78:a6:84:29:04:75:e6:d4:f7:61:80:50:1a:
39:0d:7d:d9:40:d0:34:8f:7e:4a:24:94:fc:07:26:
5f:3a:c5:64:24:19:40:2e:f8:f7:73:4f:82:34:52:
60:d0:a7:a0:4e:aa:3c:b1:42:f3:e2:d2:97:09:ab:
2d:b8:4c:80:1d:71:05:ce:35:17:ef:f1:fa:b9:a8:
af:5b:ae:6e:89:d1:78:bd:dd:82:83:ad:99:94:42:
d3:a2:5d:09:d4:72:f2:c1:af:81:93:5b:d8:82:29:
b2:44:bc:15:7b:d8:88:b7:7e:ed:3e:3e:d0:ca:dd:
b7:c4:a6:77:ef:0e:68:d0:81:54:ef:32:3a:ee:7e:
08:11:7b:96:14:a8:6c:54:23:f3:2f:ae:c7:ce:03:
4d:35:85:e3:cb:43:32:33:30:25:98:8d:9e:62:23:
7f:ac:ca:2d:78:b9:b2:7f:ba:38:c4:84:76:78:9b:
ed:ab:c9:d6:48:3e:0f:c3:13:a7:1b:6b:0f:60:26:
42:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:50:4D:93:6A:A9:37:CD:47:C5:FD:67:BC:C5:65:13:AE:11:B7:70
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e3135362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.156.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:7b:c8:6a:60:55:7b:c2:86:88:eb:51:a8:b8:5f:c3:ba:16:
7a:6d:8e:ea:52:ff:a3:b6:2e:d7:e8:b8:b0:c4:6e:dd:a3:44:
5c:a5:83:cb:97:0c:e7:af:76:86:82:f9:88:c5:fa:f3:21:02:
7e:f4:ce:e2:46:67:e3:3e:7b:86:1e:06:9e:e6:15:40:0b:94:
fa:1b:5e:37:6b:ea:e3:36:b8:d0:e7:7b:44:32:b0:d4:ee:f7:
47:09:4e:f8:7f:ea:52:3a:45:13:d6:fb:e5:0f:d7:58:fc:c1:
c8:2f:db:90:40:ea:75:bf:7b:66:13:cb:bb:84:ec:53:80:15:
36:ad:37:f3:59:71:ed:ae:01:f6:a3:2d:15:de:f9:38:ac:39:
ba:97:b6:20:fd:53:30:a6:ff:c9:b2:1f:b0:5c:d6:0c:e3:1a:
07:1c:62:96:db:d4:60:be:ad:04:45:00:a2:8b:21:33:b9:0d:
11:7b:00:cd:93:8d:29:be:0f:14:8d:81:26:68:86:27:11:2e:
56:78:4b:c8:a0:23:34:d2:cd:19:63:67:3f:64:b0:1e:c2:16:
21:55:62:20:ee:7f:8f:59:c7:97:10:29:d3:77:9e:09:8f:90:
99:a8:29:6a:72:93:df:cd:4b:70:f5:3a:95:72:dd:42:de:64:
cf:58:9d:1d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdHXp/5vbdvVotxE8vMQJXJqhcxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjIwNzIxMTRaFw0yNDEyMjAwNzI2MTRaMDMxMTAvBgNV
BAMTKEJGNTA0RDkzNkFBOTM3Q0Q0N0M1RkQ2N0JDQzU2NTEzQUUxMUI3NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhJlnqKMzRssol0QI8aFtGnAkQ
W779dcX+mXFt5RwAl45yO9vyBenVqEYPCIyvq9Rugry9alxwq9kcSyezeKaEKQR1
5tT3YYBQGjkNfdlA0DSPfkoklPwHJl86xWQkGUAu+PdzT4I0UmDQp6BOqjyxQvPi
0pcJqy24TIAdcQXONRfv8fq5qK9brm6J0Xi93YKDrZmUQtOiXQnUcvLBr4GTW9iC
KbJEvBV72Ii3fu0+PtDK3bfEpnfvDmjQgVTvMjrufggRe5YUqGxUI/MvrsfOA001
hePLQzIzMCWYjZ5iI3+syi14ubJ/ujjEhHZ4m+2rydZIPg/DE6cbaw9gJkI7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUv1BNk2qpN81Hxf1nvMVlE64Rt3AwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzYyZTMxMzky
ZTMxMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJITnDANBgkqhkiG9w0BAQsFAAOCAQEAG3vIamBVe8KGiOtRqLhfw7oW
em2O6lL/o7Yu1+i4sMRu3aNEXKWDy5cM5692hoL5iMX68yECfvTO4kZn4z57hh4G
nuYVQAuU+hteN2vq4za40Od7RDKw1O73RwlO+H/qUjpFE9b75Q/XWPzByC/bkEDq
db97ZhPLu4TsU4AVNq0381lx7a4B9qMtFd75OKw5upe2IP1TMKb/ybIfsFzWDOMa
BxxiltvUYL6tBEUAooshM7kNEXsAzZONKb4PFI2BJmiGJxEuVnhLyKAjNNLNGWNn
P2SwHsIWIVViIO5/j1nHlxAp03eeCY+QmagpanKT381LcPU6lXLdQt5kz1idHQ==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:22 2024 by rpki-client on console-fra.rpki-client.org