Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
File: 3134362e31392e38382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: j+V+PTuyVN6uleYKqDQxczs4dB6GI0R2q+ePu8CQyJ8=
Subject key identifier: 64:BA:E7:86:13:9D:18:39:B9:12:51:AC:00:11:C5:6F:55:4F:6E:D4
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6A9821591AF7280371CA4AC2035D5574AF73BF64
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 22 Nov 2024 07:44:22 +0000
ROA not before: Fri 22 Nov 2024 07:39:22 +0000
ROA not after: Fri 21 Nov 2025 07:44:22 +0000
asID: 136787
IP address blocks: 146.19.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:98:21:59:1a:f7:28:03:71:ca:4a:c2:03:5d:55:74:af:73:bf:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 22 07:39:22 2024 GMT
Not After : Nov 21 07:44:22 2025 GMT
Subject: CN=64BAE786139D1839B91251AC0011C56F554F6ED4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f3:e4:c2:7d:89:46:bd:9f:7f:ff:f9:09:e4:
70:c7:9e:f6:42:bf:ba:a0:bd:d0:88:8e:78:3a:55:
8d:50:b0:a7:5e:60:e4:0e:75:6a:f0:48:75:d9:5b:
d5:2d:33:c7:b0:96:73:61:1f:f9:25:7b:45:b6:77:
6a:eb:8e:d7:a0:44:a6:b6:a5:65:a7:58:e5:a3:22:
92:8a:0d:ae:e4:9e:8f:7d:a6:07:3e:6d:4e:b8:81:
09:73:c8:75:6e:95:ad:27:ce:64:21:35:a6:8a:25:
67:94:af:d2:47:d0:e4:9c:7f:91:cc:0c:56:9a:f3:
03:d9:c1:17:38:d9:e9:53:5d:17:36:6a:80:09:83:
e9:e2:7f:d9:6a:23:49:cc:a7:63:c9:0c:8b:bf:7e:
14:3c:a2:d2:d6:0c:38:ed:4d:69:19:5d:e4:09:c0:
8a:ec:8c:6e:c4:f2:b7:4b:44:e3:00:bd:59:53:a0:
90:11:bc:20:8b:ed:81:5d:19:76:a6:3b:55:6d:c9:
b8:0a:89:a9:77:70:d0:c3:76:11:64:8c:d9:d2:be:
ad:59:21:df:dd:7d:e4:4f:a0:e2:70:e4:dc:9c:4d:
fb:23:5e:b0:94:a1:64:57:e9:c5:a4:06:f5:ee:dc:
fd:62:8c:94:c1:7b:d8:aa:4a:6a:bb:59:71:0b:9b:
22:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:BA:E7:86:13:9D:18:39:B9:12:51:AC:00:11:C5:6F:55:4F:6E:D4
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3134362e31392e38382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.88.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:4b:94:c3:57:76:9a:4e:2d:67:b8:a8:bb:2c:6c:e4:07:8e:
78:fa:00:32:7c:cb:d7:23:a3:e7:0a:1f:37:68:89:21:df:c3:
25:4f:77:c2:cb:1c:ca:cd:e0:c5:d3:0c:7f:88:62:e5:80:34:
f0:c0:b4:70:db:e9:1e:d9:92:ea:4c:a3:71:0a:6e:21:f7:f9:
bb:33:7f:e9:44:2b:91:13:64:0d:11:83:b9:a3:fe:30:12:9b:
55:be:fa:9a:af:0a:7b:e4:eb:f6:27:ee:ce:95:48:cc:59:92:
70:34:a9:d1:02:ac:96:72:a1:63:f0:73:24:dc:ef:61:f5:0a:
04:6f:7e:ce:34:33:25:9a:e7:31:41:8a:46:f2:8b:da:ff:23:
91:b4:40:e0:56:52:d4:aa:03:c6:11:8b:91:9e:82:2e:72:4a:
79:c3:59:cf:05:a3:45:20:cd:b0:43:ad:d2:ad:8e:d0:dd:1a:
7e:09:ed:60:c4:6a:e9:c2:fc:d8:1c:b8:e7:e5:d9:bd:dc:0f:
bf:62:52:a3:8f:f3:4c:0f:45:6d:db:32:c7:21:1e:28:85:8c:
2a:b0:7b:36:61:62:b7:f1:7b:7b:49:b0:1c:c8:a2:44:de:12:
c4:ba:4d:dd:5f:19:d8:ea:99:47:90:a8:3e:82:f0:59:23:9b:
bb:28:51:85
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUapghWRr3KANxykrCA11VdK9zv2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjIwNzM5MjJaFw0yNTExMjEwNzQ0MjJaMDMxMTAvBgNV
BAMTKDY0QkFFNzg2MTM5RDE4MzlCOTEyNTFBQzAwMTFDNTZGNTU0RjZFRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh8+TCfYlGvZ9///kJ5HDHnvZC
v7qgvdCIjng6VY1QsKdeYOQOdWrwSHXZW9UtM8ewlnNhH/kle0W2d2rrjtegRKa2
pWWnWOWjIpKKDa7kno99pgc+bU64gQlzyHVula0nzmQhNaaKJWeUr9JH0OScf5HM
DFaa8wPZwRc42elTXRc2aoAJg+nif9lqI0nMp2PJDIu/fhQ8otLWDDjtTWkZXeQJ
wIrsjG7E8rdLROMAvVlToJARvCCL7YFdGXamO1VtybgKial3cNDDdhFkjNnSvq1Z
Id/dfeRPoOJw5NycTfsjXrCUoWRX6cWkBvXu3P1ijJTBe9iqSmq7WXELmyJ3AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUZLrnhhOdGDm5ElGsABHFb1VPbtQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM0MzYyZTMxMzky
ZTM4MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACSE1gwDQYJKoZIhvcNAQELBQADggEBANdLlMNXdppOLWe4qLssbOQHjnj6
ADJ8y9cjo+cKHzdoiSHfwyVPd8LLHMrN4MXTDH+IYuWANPDAtHDb6R7ZkupMo3EK
biH3+bszf+lEK5ETZA0Rg7mj/jASm1W++pqvCnvk6/Yn7s6VSMxZknA0qdECrJZy
oWPwcyTc72H1CgRvfs40MyWa5zFBikbyi9r/I5G0QOBWUtSqA8YRi5Gegi5ySnnD
Wc8Fo0UgzbBDrdKtjtDdGn4J7WDEaunC/NgcuOfl2b3cD79iUqOP80wPRW3bMsch
HiiFjCqwezZhYrfxe3tJsBzIokTeEsS6Td1fGdjqmUeQqD6C8Fkjm7soUYU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:36 2025 by rpki-client