Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
File: 3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: 5cQX/AKm9DalELWXLYXcc5qbqAoqOUYhOP8x7WYw/dE=
Subject key identifier: 2D:97:33:CC:BC:C2:3B:11:0B:FE:DA:8B:BD:8E:55:58:3A:62:BB:37
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3BD59A8127DC6DD0110368396BF0E17AD00DBAC5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
Signing time: Tue 25 Jun 2024 21:47:08 +0000
ROA not before: Tue 25 Jun 2024 21:42:08 +0000
ROA not after: Tue 24 Jun 2025 21:47:08 +0000
asID: 204170
IP address blocks: 157.97.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:d5:9a:81:27:dc:6d:d0:11:03:68:39:6b:f0:e1:7a:d0:0d:ba:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 25 21:42:08 2024 GMT
Not After : Jun 24 21:47:08 2025 GMT
Subject: CN=2D9733CCBCC23B110BFEDA8BBD8E55583A62BB37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:47:d4:02:c9:2e:e9:3a:18:d0:91:ab:db:7d:
6c:fd:22:6a:c6:01:56:15:36:2a:2d:29:51:ef:92:
91:50:be:ba:ec:83:ad:49:60:11:f0:f3:94:5b:42:
4d:23:18:41:ab:5e:f3:d3:ba:be:69:0b:64:45:09:
a9:7e:03:1c:35:8b:92:f5:ef:76:24:21:94:70:23:
73:da:0e:f8:ce:4e:84:f2:21:1c:2c:3e:6c:11:01:
31:0e:16:5d:8b:5c:40:11:8c:98:d8:01:80:9f:7f:
ec:90:e4:f4:26:5a:be:41:c1:5d:9e:f4:13:fc:31:
cc:d8:3c:be:53:6e:fc:85:19:af:50:0b:49:53:9f:
ca:89:85:48:34:d9:39:3d:8b:0b:ac:f3:4d:ec:c7:
f7:4b:ac:60:72:c4:17:fb:61:c1:20:a9:80:27:27:
13:d1:2e:19:1a:06:f7:34:46:34:fd:b1:70:6a:de:
3a:5c:66:8c:b0:31:4b:aa:c3:59:99:cf:3c:fd:45:
2d:e8:cc:93:4e:71:36:06:08:3a:f2:4a:0f:c8:3a:
8c:f7:5c:e9:48:6b:78:0e:be:c1:03:ba:d5:b1:6e:
74:0d:7a:ee:69:3f:cd:45:e0:dc:7d:d7:4c:ea:62:
2e:49:a2:f8:d4:e0:66:8e:eb:4f:83:7d:7b:f8:89:
20:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:97:33:CC:BC:C2:3B:11:0B:FE:DA:8B:BD:8E:55:58:3A:62:BB:37
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3135372e39372e3133332e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.133.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c1:94:91:cb:3b:8d:11:f0:01:06:d0:69:fa:e4:ec:5e:0e:
74:ff:7a:dc:ba:d1:d2:56:4e:0c:39:35:b7:25:1b:0d:e3:0e:
12:70:5f:e9:a5:d1:7a:d4:22:63:3f:5e:5d:94:5a:18:d0:0c:
a7:70:86:85:c6:9a:27:fb:20:d9:b5:a8:e1:92:02:85:e7:b4:
87:80:99:49:7c:99:5f:fb:5d:68:7b:42:45:0f:dd:7c:81:a1:
6c:45:47:b6:f7:89:be:ee:23:39:c4:56:8d:a4:0f:5f:6d:ef:
eb:45:11:04:da:df:99:18:11:ab:f7:61:ae:76:08:18:91:2f:
73:4a:55:76:86:13:72:78:47:25:9b:d0:52:17:46:00:77:c9:
82:08:ed:ed:e5:1c:a5:76:57:2b:fc:42:11:2e:53:af:26:98:
e1:c0:38:22:1d:a9:10:ee:2c:2d:c7:eb:6e:71:55:d2:82:51:
15:3d:42:e8:dd:0b:b3:d6:0c:63:83:5b:14:5e:02:20:17:f6:
35:ce:d5:54:48:48:06:48:b9:87:50:95:65:8b:1c:38:c5:bf:
7a:0a:4e:ce:9e:84:c2:e6:ba:0f:b4:7b:aa:12:bf:4e:8e:c9:
34:b2:2d:eb:f8:49:3c:f3:f3:bb:c3:df:50:26:33:3c:b9:3c:
6b:d2:99:eb
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUO9WagSfcbdARA2g5a/DhetANusUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MjUyMTQyMDhaFw0yNTA2MjQyMTQ3MDhaMDMxMTAvBgNV
BAMTKDJEOTczM0NDQkNDMjNCMTEwQkZFREE4QkJEOEU1NTU4M0E2MkJCMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGR9QCyS7pOhjQkavbfWz9ImrG
AVYVNiotKVHvkpFQvrrsg61JYBHw85RbQk0jGEGrXvPTur5pC2RFCal+Axw1i5L1
73YkIZRwI3PaDvjOToTyIRwsPmwRATEOFl2LXEARjJjYAYCff+yQ5PQmWr5BwV2e
9BP8MczYPL5TbvyFGa9QC0lTn8qJhUg02Tk9iwus803sx/dLrGByxBf7YcEgqYAn
JxPRLhkaBvc0RjT9sXBq3jpcZoywMUuqw1mZzzz9RS3ozJNOcTYGCDrySg/IOoz3
XOlIa3gOvsEDutWxbnQNeu5pP81F4Nx910zqYi5JovjU4GaO60+DfXv4iSBhAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQULZczzLzCOxEL/tqLvY5VWDpiuzcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM1MzcyZTM5Mzcy
ZTMxMzMzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAJ1hhTANBgkqhkiG9w0BAQsFAAOCAQEACsGUkcs7jRHwAQbQafrk7F4O
dP963LrR0lZODDk1tyUbDeMOEnBf6aXRetQiYz9eXZRaGNAMp3CGhcaaJ/sg2bWo
4ZIChee0h4CZSXyZX/tdaHtCRQ/dfIGhbEVHtveJvu4jOcRWjaQPX23v60URBNrf
mRgRq/dhrnYIGJEvc0pVdoYTcnhHJZvQUhdGAHfJggjt7eUcpXZXK/xCES5TryaY
4cA4Ih2pEO4sLcfrbnFV0oJRFT1C6N0Ls9YMY4NbFF4CIBf2Nc7VVEhIBki5h1CV
ZYscOMW/egpOzp6Ewua6D7R7qhK/To7JNLIt6/hJPPPzu8PfUCYzPLk8a9KZ6w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:07:17 2024 by rpki-client on console-ams.rpki-client.org