Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135322e38392e38382e302f32322d3232203d3e203536333736.roa
File: 3135322e38392e38382e302f32322d3232203d3e203536333736.roa (raw, json)
Hash identifier: CvhFCi1/Sy+QGlgWgSART7oG88/m+jd7Z7u5RtQL+Js=
Subject key identifier: FC:52:AF:76:B9:75:87:48:EE:5C:5C:50:F1:7F:8D:41:96:DE:B9:18
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 43C3D455306536E17F1D845A352C98350891B8A3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135322e38392e38382e302f32322d3232203d3e203536333736.roa
Signing time: Fri 20 Dec 2024 15:23:34 +0000
ROA not before: Fri 20 Dec 2024 15:18:34 +0000
ROA not after: Fri 19 Dec 2025 15:23:34 +0000
asID: 56376
IP address blocks: 152.89.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c3:d4:55:30:65:36:e1:7f:1d:84:5a:35:2c:98:35:08:91:b8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:34 2024 GMT
Not After : Dec 19 15:23:34 2025 GMT
Subject: CN=FC52AF76B9758748EE5C5C50F17F8D4196DEB918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8a:ed:cc:46:6f:2f:b1:27:15:c4:6a:04:97:
f0:16:03:bc:02:71:90:f8:0a:51:ac:fe:cf:3b:84:
57:9c:18:d7:56:0c:bb:6f:9f:0e:64:eb:cd:85:25:
ef:ea:1a:a8:03:d5:91:29:6c:b3:61:c2:6d:ca:ea:
17:d4:4c:0f:aa:dc:2d:47:9d:61:e1:84:a5:46:a1:
46:d2:e5:cb:9c:b3:18:e6:09:0e:9a:97:dd:8f:8e:
11:27:73:b6:01:71:c3:6e:9b:8d:6e:c2:42:7b:6d:
35:bf:17:c0:8b:a9:f4:c3:57:f3:52:36:74:21:b3:
e2:4d:d8:32:29:e9:ce:37:4b:c2:31:30:4e:11:71:
65:42:95:16:33:76:b0:95:c3:74:e6:94:d8:d0:0e:
80:fd:be:0e:07:51:e4:d6:93:0e:24:86:0e:d8:db:
37:39:3c:2e:d9:9e:73:85:b6:09:19:82:35:f1:4d:
9a:3d:61:d9:57:78:c8:7a:ad:3e:7e:46:2e:74:d7:
a4:10:9c:ca:fc:59:94:9f:d1:42:aa:30:4a:5f:93:
56:cb:8a:9e:f3:15:43:dd:e7:bc:dc:3a:b6:44:b4:
77:69:c7:cb:35:9f:27:5b:31:5c:bd:53:1f:fd:c8:
01:44:8e:47:c2:24:64:e5:9f:50:f3:c0:cc:a6:07:
0f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:52:AF:76:B9:75:87:48:EE:5C:5C:50:F1:7F:8D:41:96:DE:B9:18
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135322e38392e38382e302f32322d3232203d3e203536333736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.88.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:61:3a:72:21:5b:09:79:71:54:7c:d4:67:1b:f8:35:81:5e:
1a:a7:9c:b5:08:8f:43:27:c0:60:25:72:61:9c:37:e6:52:cb:
48:b6:c0:f7:2e:22:71:d2:b9:cd:03:07:9b:5f:5f:46:05:c2:
68:14:0c:8c:46:95:00:52:1e:2b:7f:cb:05:56:31:40:fe:d2:
ad:6e:a8:57:3d:a4:21:54:1d:f8:e2:fd:58:ca:19:84:2c:e1:
0a:3e:6f:00:d0:86:45:3e:13:ed:cb:63:53:36:70:bc:91:cd:
b4:fd:22:a0:35:4a:ea:ec:cf:ec:60:9c:fe:82:38:92:5d:9b:
ee:f6:93:17:ea:dc:77:f1:c4:9b:a7:d9:e2:c4:f6:46:01:d0:
b6:58:37:9b:1b:57:a8:9e:0a:ef:13:09:7f:b3:2e:44:95:b1:
d1:a2:1c:5e:46:f5:33:07:bd:c9:e0:86:5a:bd:1f:92:54:a8:
ea:4b:f0:10:0b:ad:61:ee:2c:ba:0d:eb:c9:b8:aa:f2:a5:3a:
74:5f:8e:13:64:49:82:e1:22:20:20:96:68:e9:04:3c:0d:37:
15:79:93:ca:ac:d2:be:b7:27:ec:7e:1b:eb:7d:30:2d:78:85:
f3:2f:ac:4e:8b:cd:7c:3d:f3:58:fd:aa:af:50:1d:29:c2:a6:
dc:01:70:1b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUQ8PUVTBlNuF/HYRaNSyYNQiRuKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzRaFw0yNTEyMTkxNTIzMzRaMDMxMTAvBgNV
BAMTKEZDNTJBRjc2Qjk3NTg3NDhFRTVDNUM1MEYxN0Y4RDQxOTZERUI5MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSiu3MRm8vsScVxGoEl/AWA7wC
cZD4ClGs/s87hFecGNdWDLtvnw5k682FJe/qGqgD1ZEpbLNhwm3K6hfUTA+q3C1H
nWHhhKVGoUbS5cucsxjmCQ6al92PjhEnc7YBccNum41uwkJ7bTW/F8CLqfTDV/NS
NnQhs+JN2DIp6c43S8IxME4RcWVClRYzdrCVw3TmlNjQDoD9vg4HUeTWkw4khg7Y
2zc5PC7ZnnOFtgkZgjXxTZo9YdlXeMh6rT5+Ri5016QQnMr8WZSf0UKqMEpfk1bL
ip7zFUPd57zcOrZEtHdpx8s1nydbMVy9Ux/9yAFEjkfCJGTln1DzwMymBw9vAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU/FKvdrl1h0juXFxQ8X+NQZbeuRgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzIyZTM4Mzky
ZTM4MzgyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzNTM2MzMzNzM2LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCmFlYMA0GCSqGSIb3DQEBCwUAA4IBAQDBYTpyIVsJeXFUfNRnG/g1gV4ap5y1
CI9DJ8BgJXJhnDfmUstItsD3LiJx0rnNAwebX19GBcJoFAyMRpUAUh4rf8sFVjFA
/tKtbqhXPaQhVB344v1YyhmELOEKPm8A0IZFPhPty2NTNnC8kc20/SKgNUrq7M/s
YJz+gjiSXZvu9pMX6tx38cSbp9nixPZGAdC2WDebG1eongrvEwl/sy5ElbHRohxe
RvUzB73J4IZavR+SVKjqS/AQC61h7iy6DevJuKrypTp0X44TZEmC4SIgIJZo6QQ8
DTcVeZPKrNK+tyfsfhvrfTAteIXzL6xOi818PfNY/aqvUB0pwqbcAXAb
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:13:56 2025 by rpki-client