Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136302e3233382e33362e302f32342d3234203d3e203437353833.roa
File: 3136302e3233382e33362e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: VNzgc9q1bHNA/h0zW4TqSFiC/HUvjQXiGqD85SWA9KE=
Subject key identifier: F5:EC:61:71:C7:89:FD:0F:3B:E0:49:F7:22:EE:6C:AC:EF:A4:92:D5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4FB90D5A4133D09209D7A503CABEA4EFED23B971
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136302e3233382e33362e302f32342d3234203d3e203437353833.roa
Signing time: Fri 27 Dec 2024 11:47:06 +0000
ROA not before: Fri 27 Dec 2024 11:42:06 +0000
ROA not after: Fri 26 Dec 2025 11:47:06 +0000
asID: 47583
IP address blocks: 160.238.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:b9:0d:5a:41:33:d0:92:09:d7:a5:03:ca:be:a4:ef:ed:23:b9:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:06 2024 GMT
Not After : Dec 26 11:47:06 2025 GMT
Subject: CN=F5EC6171C789FD0F3BE049F722EE6CACEFA492D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d9:d6:24:b2:65:26:45:27:56:2d:f1:ce:b3:
d6:32:64:f6:8d:9a:82:d8:84:43:a7:b0:9a:6a:93:
88:ae:84:d3:92:42:09:33:75:15:a1:75:f7:ff:11:
cf:fc:1c:a6:6d:43:4a:b6:32:67:2f:18:e8:6b:51:
29:e2:f8:bd:23:d6:54:b1:f9:70:4f:0d:43:6e:05:
25:2d:6e:a5:38:fa:b5:06:97:7b:a4:1e:2b:0c:27:
d3:5e:71:b7:28:a8:2a:ba:e9:c7:fe:59:8e:5b:9c:
0c:2b:8a:10:26:ed:c5:ef:37:b8:dd:cd:d1:f1:04:
71:e2:a6:97:44:a6:a1:ff:56:e7:90:46:89:f9:47:
a7:5d:45:28:85:1e:db:79:24:cc:29:63:a6:8c:d5:
99:7e:e3:13:db:3f:d0:b4:7d:a2:84:77:71:08:6b:
f5:d4:c0:e3:70:09:ae:3d:48:0d:a5:10:d4:f9:33:
22:9c:6f:63:1e:03:ff:ce:5a:9d:d8:36:0b:8e:6a:
ce:dc:62:a8:52:40:01:23:0c:2b:7c:c0:47:dc:8c:
87:b2:e0:4e:57:1e:d6:1d:52:82:71:15:69:72:e2:
fd:de:0b:8b:13:35:05:3b:2e:6d:ee:eb:08:35:fd:
a3:8c:ba:6a:b1:02:0f:ae:3c:53:83:a1:17:1a:d5:
b2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:61:71:C7:89:FD:0F:3B:E0:49:F7:22:EE:6C:AC:EF:A4:92:D5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3136302e3233382e33362e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.36.0/24
Signature Algorithm: sha256WithRSAEncryption
85:0a:62:5e:ec:24:68:cf:da:3d:b6:f0:80:97:97:74:5f:bb:
c8:43:ca:77:a4:c1:4e:aa:84:9e:a1:2c:d5:64:10:dc:8e:5a:
e1:e7:74:03:a1:e0:07:7b:43:c4:25:5b:c7:c6:b0:ea:66:76:
3f:ec:57:b3:25:b5:71:f3:8d:de:ca:54:34:21:d9:2c:af:4b:
fc:4e:c0:c2:54:d9:5e:d5:0b:bc:5c:e6:9e:d1:ea:b2:88:a7:
ae:9c:42:5e:8e:88:51:a7:78:c8:76:65:f2:a7:4d:79:9a:71:
a0:75:0b:4c:6b:6e:aa:93:5c:67:83:dc:0b:97:67:c8:44:ca:
ce:5f:6a:b3:61:bd:4f:c9:e1:ee:ff:36:45:4c:6f:13:29:bb:
a0:0c:ba:5e:41:78:0b:fb:b3:06:f2:a0:b8:cd:3c:e4:4c:79:
e5:08:3b:e2:70:0a:87:2f:f4:fe:f0:be:f2:00:ad:04:4f:a7:
d9:50:55:12:30:8c:d0:67:be:45:72:f1:c9:e4:93:c8:a4:57:
e5:57:51:02:88:25:a3:8c:d9:4b:b5:82:d5:3b:c9:0d:13:c7:
02:da:e8:10:3c:fc:85:08:5c:ae:d4:1d:a2:20:ed:05:42:b6:
4e:79:91:9b:34:e7:bd:dc:89:32:75:aa:24:b9:9d:e4:9d:cc:
af:cc:d8:aa
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUT7kNWkEz0JIJ16UDyr6k7+0juXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDZaFw0yNTEyMjYxMTQ3MDZaMDMxMTAvBgNV
BAMTKEY1RUM2MTcxQzc4OUZEMEYzQkUwNDlGNzIyRUU2Q0FDRUZBNDkyRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN2dYksmUmRSdWLfHOs9YyZPaN
moLYhEOnsJpqk4iuhNOSQgkzdRWhdff/Ec/8HKZtQ0q2MmcvGOhrUSni+L0j1lSx
+XBPDUNuBSUtbqU4+rUGl3ukHisMJ9NecbcoqCq66cf+WY5bnAwrihAm7cXvN7jd
zdHxBHHippdEpqH/VueQRon5R6ddRSiFHtt5JMwpY6aM1Zl+4xPbP9C0faKEd3EI
a/XUwONwCa49SA2lENT5MyKcb2MeA//OWp3YNguOas7cYqhSQAEjDCt8wEfcjIey
4E5XHtYdUoJxFWly4v3eC4sTNQU7Lm3u6wg1/aOMumqxAg+uPFODoRca1bK1AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU9exhcceJ/Q874En3Iu5srO+kktUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM2MzAyZTMyMzMz
ODJlMzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACg7iQwDQYJKoZIhvcNAQELBQADggEBAIUKYl7sJGjP2j228ICXl3Rfu8hD
ynekwU6qhJ6hLNVkENyOWuHndAOh4Ad7Q8QlW8fGsOpmdj/sV7MltXHzjd7KVDQh
2SyvS/xOwMJU2V7VC7xc5p7R6rKIp66cQl6OiFGneMh2ZfKnTXmacaB1C0xrbqqT
XGeD3AuXZ8hEys5farNhvU/J4e7/NkVMbxMpu6AMul5BeAv7swbyoLjNPORMeeUI
O+JwCocv9P7wvvIArQRPp9lQVRIwjNBnvkVy8cnkk8ikV+VXUQKIJaOM2Uu1gtU7
yQ0TxwLa6BA8/IUIXK7UHaIg7QVCtk55kZs0573ciTJ1qiS5neSdzK/M2Ko=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:42:14 2025 by rpki-client