Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
File: 3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: cYJTU0575sMMvwZFEmSMKgnaClUqJ2sNRv+mStMg7BI=
Subject key identifier: 44:73:90:01:DF:28:07:2A:DA:03:41:22:2E:44:F5:41:41:48:4D:95
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 79AF1CFAC8B651770F992EBB0B3C7FE7F960C54D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
Signing time: Thu 21 Dec 2023 14:10:26 +0000
ROA not before: Thu 21 Dec 2023 14:05:26 +0000
ROA not after: Thu 19 Dec 2024 14:10:26 +0000
asID: 147049
IP address blocks: 176.100.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:af:1c:fa:c8:b6:51:77:0f:99:2e:bb:0b:3c:7f:e7:f9:60:c5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 21 14:05:26 2023 GMT
Not After : Dec 19 14:10:26 2024 GMT
Subject: CN=44739001DF28072ADA0341222E44F54141484D95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:42:e9:66:e2:60:ed:01:c7:fc:2a:fa:54:
fb:fc:c2:c8:e9:6e:1c:36:35:e0:f4:e5:d8:95:18:
1d:7b:87:1e:87:7f:62:20:73:ef:25:4b:28:50:15:
86:f9:7b:51:6e:6f:f8:c4:e9:0f:10:83:13:45:0e:
6d:e6:2a:7a:fd:64:f7:e8:eb:f0:0e:5a:d1:e4:b6:
99:9b:f1:3c:06:3b:ed:64:df:5b:2a:60:58:4d:ce:
f3:11:5f:23:ec:7d:33:77:9c:f8:b1:6a:31:6a:c8:
5d:28:49:fb:c1:6c:1d:b8:c2:9a:0f:73:54:b4:e2:
e9:65:32:b1:95:e6:91:c3:db:ad:90:85:5f:65:48:
a0:5d:ea:1b:f5:74:e5:22:ab:e3:19:b3:08:f7:13:
53:a5:c5:7d:7a:30:77:c5:8d:d6:a2:2d:2a:b4:4a:
8d:18:37:49:39:e5:83:07:04:ce:02:72:cd:fb:21:
85:72:95:13:6c:5d:c5:fc:d4:79:bd:92:f3:c7:78:
10:a6:a4:98:85:cd:e0:81:de:45:5a:66:7c:8b:0a:
d8:08:7f:b7:40:ed:29:d4:e5:7e:d8:fc:eb:55:f3:
42:f6:13:ee:46:ea:ce:77:46:22:17:fa:6f:51:31:
8b:5f:fa:a2:d2:79:ff:e0:aa:f2:16:05:d7:77:61:
12:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:73:90:01:DF:28:07:2A:DA:03:41:22:2E:44:F5:41:41:48:4D:95
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.43.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e4:b5:d7:4d:c6:0f:55:2b:09:3b:9a:4d:13:f0:50:3c:ef:
cd:a7:20:1b:4e:61:5b:ed:88:17:60:83:51:fd:65:b0:51:24:
0f:f2:06:9c:d3:0a:8d:53:13:e2:2f:01:06:0f:a5:71:29:12:
69:7f:44:02:96:0c:29:8f:e9:cc:7a:19:a1:5f:b7:c6:2e:9e:
c4:52:d4:d6:1b:d4:41:1d:1b:d6:7f:7e:e7:02:d4:53:ee:49:
e4:f9:21:05:6f:ec:81:80:62:7c:51:a4:c9:56:7b:8c:7b:56:
f9:77:94:bd:d6:8d:cc:e3:2e:95:f9:21:7a:5e:3b:00:46:07:
4b:15:cd:7f:68:e5:7f:2a:c0:42:4c:0b:ef:cd:8a:98:86:3d:
fa:1c:f4:e7:eb:8f:a6:f2:56:f9:c2:04:fc:64:9a:37:db:28:
fc:2e:67:b5:7f:77:0a:53:a5:45:ca:97:be:ab:37:8c:a5:76:
23:b8:eb:37:4e:bb:64:f0:1d:88:6e:3f:ab:dc:61:90:c7:e0:
c5:4a:16:bb:5c:7f:b8:c4:88:c2:f4:45:55:5a:87:79:ca:c4:
d0:63:45:cf:b3:86:77:33:a5:f4:c7:19:4b:e5:bb:66:e4:3e:
66:cf:09:33:5a:d0:10:db:c0:2f:5b:62:6f:5b:a6:58:c1:8d:
df:74:fe:60
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUea8c+si2UXcPmS67Czx/5/lgxU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjExNDA1MjZaFw0yNDEyMTkxNDEwMjZaMDMxMTAvBgNV
BAMTKDQ0NzM5MDAxREYyODA3MkFEQTAzNDEyMjJFNDRGNTQxNDE0ODREOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE1ULpZuJg7QHH/Cr6VPv8wsjp
bhw2NeD05diVGB17hx6Hf2Igc+8lSyhQFYb5e1Fub/jE6Q8QgxNFDm3mKnr9ZPfo
6/AOWtHktpmb8TwGO+1k31sqYFhNzvMRXyPsfTN3nPixajFqyF0oSfvBbB24wpoP
c1S04ullMrGV5pHD262QhV9lSKBd6hv1dOUiq+MZswj3E1OlxX16MHfFjdaiLSq0
So0YN0k55YMHBM4Ccs37IYVylRNsXcX81Hm9kvPHeBCmpJiFzeCB3kVaZnyLCtgI
f7dA7SnU5X7Y/OtV80L2E+5G6s53RiIX+m9RMYtf+qLSef/gqvIWBdd3YRJtAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQURHOQAd8oByraA0EiLkT1QUFITZUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMxMzAz
MDJlMzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBkKzANBgkqhkiG9w0BAQsFAAOCAQEATeS1103GD1UrCTuaTRPwUDzv
zacgG05hW+2IF2CDUf1lsFEkD/IGnNMKjVMT4i8BBg+lcSkSaX9EApYMKY/pzHoZ
oV+3xi6exFLU1hvUQR0b1n9+5wLUU+5J5PkhBW/sgYBifFGkyVZ7jHtW+XeUvdaN
zOMulfkhel47AEYHSxXNf2jlfyrAQkwL782KmIY9+hz05+uPpvJW+cIE/GSaN9so
/C5ntX93ClOlRcqXvqs3jKV2I7jrN067ZPAdiG4/q9xhkMfgxUoWu1x/uMSIwvRF
VVqHecrE0GNFz7OGdzOl9McZS+W7ZuQ+Zs8JM1rQENvAL1tib1umWMGN33T+YA==
-----END CERTIFICATE-----
Generated at Sun May 19 18:41:23 2024 by rpki-client on console-ams.rpki-client.org