Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
File: 3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: ThjnCAjy9oAa7ciSc9+piDAE8JZTmZbEGmNmFqWbbFg=
Subject key identifier: D1:13:56:18:84:EB:76:C3:E8:80:C1:0E:39:82:4E:0D:23:65:D1:96
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7DC12510E12345C7489903DFB2ADF7AA45D59E39
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
Signing time: Thu 21 Nov 2024 14:44:19 +0000
ROA not before: Thu 21 Nov 2024 14:39:19 +0000
ROA not after: Thu 20 Nov 2025 14:44:19 +0000
asID: 147049
IP address blocks: 176.100.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:c1:25:10:e1:23:45:c7:48:99:03:df:b2:ad:f7:aa:45:d5:9e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 14:39:19 2024 GMT
Not After : Nov 20 14:44:19 2025 GMT
Subject: CN=D113561884EB76C3E880C10E39824E0D2365D196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:29:ba:3e:18:8f:9d:f0:aa:c9:cc:6e:8b:48:
79:9d:64:f3:4a:87:7c:69:76:59:f9:de:36:c1:9a:
ea:32:c3:8f:b9:ed:9a:67:16:2f:dd:7c:32:22:4e:
d3:57:0f:70:eb:68:fd:f5:ba:d7:a6:36:ed:7c:c7:
97:7b:91:24:02:25:3d:11:4c:3d:f6:5a:67:21:5c:
d5:ce:38:63:2b:7e:00:49:a1:46:9d:ca:85:10:80:
04:84:d4:23:20:3a:f1:b5:06:70:f4:05:0e:7a:c3:
4d:28:75:3a:64:b5:0f:46:4b:6c:ff:43:6f:0c:72:
f4:6a:e0:ea:04:c6:4a:1e:73:3f:23:a4:a2:96:00:
51:fc:79:36:ea:7a:ab:d3:04:c6:5c:ee:a7:83:17:
de:b8:2a:de:21:c2:a1:b5:d7:4d:4d:04:1d:4f:94:
67:9f:05:c5:56:ba:7f:af:62:48:87:45:7f:72:8c:
df:c7:b5:b6:e4:07:dd:69:95:5e:4b:db:5d:8e:73:
fd:9f:0e:88:45:71:54:58:64:fa:04:f9:5d:4c:47:
f5:a0:24:b6:05:c8:53:bb:d6:3c:cb:29:6e:ba:2b:
10:7c:55:e0:8c:d8:74:c6:63:e8:06:b1:e7:3e:35:
05:21:76:3b:9c:d4:84:0a:fb:a6:da:7a:fb:bd:42:
5c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:13:56:18:84:EB:76:C3:E8:80:C1:0E:39:82:4E:0D:23:65:D1:96
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3130302e34332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.43.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:ea:39:88:d7:64:4f:2f:6b:4a:3d:39:fd:50:15:0e:1c:2d:
bd:75:96:7b:7d:e1:cc:09:69:3c:5a:8e:ef:e1:9f:d4:48:15:
af:06:28:b6:df:ac:fa:de:15:9a:10:a8:88:f5:25:95:ef:eb:
40:da:68:39:c0:e9:66:ed:b4:f8:b6:2d:26:93:c9:ab:7a:9a:
76:2b:80:c3:6c:b9:9b:1b:90:91:bc:bd:19:a7:30:5f:61:19:
f2:57:c8:cd:75:a1:bb:61:d9:38:a0:a2:0e:10:c5:2f:ad:6c:
2e:8b:56:2e:3d:51:29:db:f0:bf:bb:74:85:53:5f:00:e8:17:
67:18:80:47:a2:96:ee:af:fc:08:fd:64:04:36:e3:14:50:ca:
1a:89:e7:53:e3:d4:c8:d2:7d:b3:46:53:f2:b4:db:94:26:1e:
11:f0:0b:19:4d:00:20:85:51:2f:7e:6c:2e:31:75:61:4f:47:
e0:6d:40:52:28:2b:1b:64:f8:11:43:8c:bb:09:b3:23:52:3e:
c9:7b:c5:1f:a5:4c:4c:e2:d0:c3:d3:63:72:6f:ba:e0:aa:69:
61:7b:26:25:52:8f:03:09:50:81:f9:1e:48:21:18:31:84:c9:
cd:68:1e:58:9a:ed:59:c3:ae:30:7e:81:41:73:0c:f7:4d:6b:
58:0a:cf:e1
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfcElEOEjRcdImQPfsq33qkXVnjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNDM5MTlaFw0yNTExMjAxNDQ0MTlaMDMxMTAvBgNV
BAMTKEQxMTM1NjE4ODRFQjc2QzNFODgwQzEwRTM5ODI0RTBEMjM2NUQxOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDKbo+GI+d8KrJzG6LSHmdZPNK
h3xpdln53jbBmuoyw4+57ZpnFi/dfDIiTtNXD3DraP31utemNu18x5d7kSQCJT0R
TD32WmchXNXOOGMrfgBJoUadyoUQgASE1CMgOvG1BnD0BQ56w00odTpktQ9GS2z/
Q28McvRq4OoExkoecz8jpKKWAFH8eTbqeqvTBMZc7qeDF964Kt4hwqG1101NBB1P
lGefBcVWun+vYkiHRX9yjN/HtbbkB91plV5L212Oc/2fDohFcVRYZPoE+V1MR/Wg
JLYFyFO71jzLKW66KxB8VeCM2HTGY+gGsec+NQUhdjuc1IQK+6baevu9Qlw9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU0RNWGITrdsPogMEOOYJODSNl0ZYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMxMzAz
MDJlMzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBkKzANBgkqhkiG9w0BAQsFAAOCAQEAzOo5iNdkTy9rSj05/VAVDhwt
vXWWe33hzAlpPFqO7+Gf1EgVrwYott+s+t4VmhCoiPUlle/rQNpoOcDpZu20+LYt
JpPJq3qadiuAw2y5mxuQkby9GacwX2EZ8lfIzXWhu2HZOKCiDhDFL61sLotWLj1R
Kdvwv7t0hVNfAOgXZxiAR6KW7q/8CP1kBDbjFFDKGonnU+PUyNJ9s0ZT8rTblCYe
EfALGU0AIIVRL35sLjF1YU9H4G1AUigrG2T4EUOMuwmzI1I+yXvFH6VMTOLQw9Nj
cm+64KppYXsmJVKPAwlQgfkeSCEYMYTJzWgeWJrtWcOuMH6BQXMM901rWArP4Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org