Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135332e39322e34302e302f32342d3234203d3e20313437303439.roa
File: 3135332e39322e34302e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: EOyMGmmM0mY7AKO5HaQLt5aFoQokxNoO6554TlV+ZoQ=
Subject key identifier: A8:57:7E:38:92:87:E5:A3:68:D8:A4:D6:24:42:02:10:06:40:37:76
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 76582892F1A959C9E43792219D8F184B1948B497
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135332e39322e34302e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 147049
IP address blocks: 153.92.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:58:28:92:f1:a9:59:c9:e4:37:92:21:9d:8f:18:4b:19:48:b4:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=A8577E389287E5A368D8A4D62442021006403776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:31:68:f6:d8:76:f7:26:e3:8f:7f:bc:c3:68:
0f:5e:c3:f3:f2:b0:11:8b:67:dd:85:aa:d3:f1:42:
8a:82:10:3e:65:b6:9f:b7:f4:25:58:ee:ba:bf:97:
4c:67:de:0f:26:30:c2:ca:ab:67:e9:b8:52:1b:19:
31:75:a0:3c:ba:71:7d:d4:89:b4:c6:92:db:cb:91:
1b:d7:dd:ae:c3:a2:6b:47:99:8f:db:5f:bc:f4:3a:
a4:0a:5f:43:c4:8d:8b:2b:af:0e:e4:52:d8:19:00:
6b:ea:5c:93:f7:af:f1:aa:17:e3:5b:53:02:e5:b2:
2f:06:53:58:f9:06:c3:45:0f:bd:ec:b5:ea:9e:c4:
54:b6:b2:48:34:bd:20:ef:ee:64:9d:f5:ab:75:b7:
5f:fc:94:07:6d:ec:39:4d:74:1e:6c:c8:d3:d4:b4:
24:1a:44:09:79:a6:7d:ae:3e:c2:60:80:b2:cd:d8:
1c:86:50:ac:3b:f0:62:ec:c3:f6:8c:26:1e:7e:05:
d6:ed:d0:64:37:b2:c9:d2:a8:e2:5e:3c:de:4f:44:
ac:d1:e9:4f:f3:7c:12:1c:f1:41:e7:3b:f5:da:c9:
73:5d:53:ac:3b:c5:69:6b:8b:fa:a6:4c:d2:56:60:
a5:a3:a3:d3:0a:95:70:08:58:7e:78:9e:0e:69:a3:
7f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:57:7E:38:92:87:E5:A3:68:D8:A4:D6:24:42:02:10:06:40:37:76
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135332e39322e34302e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.40.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d0:de:09:70:5b:03:0d:82:57:be:40:b2:93:f0:37:c2:b7:
8f:c7:5c:0c:ca:da:cb:78:9b:79:f4:8b:f1:a1:58:02:25:37:
7c:ae:c9:fe:fc:19:b0:98:f0:91:82:63:6f:cf:c4:e2:68:51:
67:b2:5b:27:4e:75:53:c2:5c:e4:6f:13:c8:ae:80:97:9a:65:
6c:73:59:ec:f9:b0:b7:38:aa:3f:f4:8e:53:9d:98:9a:a2:a5:
6b:81:aa:61:b8:16:f9:78:60:09:e7:bc:10:1a:fe:1b:f4:d6:
ee:93:c5:b9:36:31:6c:0e:a8:81:13:ed:23:89:17:f5:ca:4a:
20:a2:b1:f7:ee:67:2c:11:bb:f2:18:9e:6a:77:6b:11:11:59:
c5:a9:22:f6:4a:20:56:53:ba:93:f3:89:27:ba:88:62:81:ff:
81:b8:54:c6:ed:e5:1d:f3:ae:c3:09:51:f8:6a:18:ed:67:ba:
73:29:78:e1:d5:95:88:fb:c9:f4:79:4f:7d:a6:99:64:54:35:
0c:e7:f0:70:af:e6:64:67:7d:4d:5f:9b:8b:dd:f1:1d:d8:c7:
c7:3b:40:e0:2d:00:9d:53:c8:25:21:ae:aa:2a:9c:f5:f2:7e:
36:cd:5d:bd:ff:de:21:6f:68:7c:f6:4b:77:3d:2d:a8:e7:17:
f4:78:35:bb
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUdlgokvGpWcnkN5IhnY8YSxlItJcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKEE4NTc3RTM4OTI4N0U1QTM2OEQ4QTRENjI0NDIwMjEwMDY0MDM3NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcMWj22Hb3JuOPf7zDaA9ew/Py
sBGLZ92FqtPxQoqCED5ltp+39CVY7rq/l0xn3g8mMMLKq2fpuFIbGTF1oDy6cX3U
ibTGktvLkRvX3a7DomtHmY/bX7z0OqQKX0PEjYsrrw7kUtgZAGvqXJP3r/GqF+Nb
UwLlsi8GU1j5BsNFD73steqexFS2skg0vSDv7mSd9at1t1/8lAdt7DlNdB5syNPU
tCQaRAl5pn2uPsJggLLN2ByGUKw78GLsw/aMJh5+Bdbt0GQ3ssnSqOJePN5PRKzR
6U/zfBIc8UHnO/XayXNdU6w7xWlri/qmTNJWYKWjo9MKlXAIWH54ng5po3/nAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUqFd+OJKH5aNo2KTWJEICEAZAN3YwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzMyZTM5MzIy
ZTM0MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACZXCgwDQYJKoZIhvcNAQELBQADggEBABHQ3glwWwMNgle+QLKT8DfCt4/H
XAzK2st4m3n0i/GhWAIlN3yuyf78GbCY8JGCY2/PxOJoUWeyWydOdVPCXORvE8iu
gJeaZWxzWez5sLc4qj/0jlOdmJqipWuBqmG4Fvl4YAnnvBAa/hv01u6Txbk2MWwO
qIET7SOJF/XKSiCisffuZywRu/IYnmp3axERWcWpIvZKIFZTupPziSe6iGKB/4G4
VMbt5R3zrsMJUfhqGO1nunMpeOHVlYj7yfR5T32mmWRUNQzn8HCv5mRnfU1fm4vd
8R3Yx8c7QOAtAJ1TyCUhrqoqnPXyfjbNXb3/3iFvaHz2S3c9LajnF/R4Nbs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:31:33 2025 by rpki-client