Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
File: 3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: zJjVmmrzgsTrmmOnie2JY21v8r5c6KnYDW0FVwY14Hs=
Subject key identifier: 89:E6:4B:84:17:F2:86:78:7E:B4:F2:92:7E:5A:E7:92:AE:4A:13:C2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5954DA6DB31257E78DF2965374FFFA8AB029FB3C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
Signing time: Fri 27 Dec 2024 11:47:20 +0000
ROA not before: Fri 27 Dec 2024 11:42:20 +0000
ROA not after: Fri 26 Dec 2025 11:47:20 +0000
asID: 209854
IP address blocks: 176.227.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:54:da:6d:b3:12:57:e7:8d:f2:96:53:74:ff:fa:8a:b0:29:fb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:20 2024 GMT
Not After : Dec 26 11:47:20 2025 GMT
Subject: CN=89E64B8417F286787EB4F2927E5AE792AE4A13C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7b:28:2a:b3:03:d7:22:b4:0a:50:8e:ea:94:
3e:f4:f4:8a:e1:f6:a0:d9:70:d2:93:df:aa:76:2a:
5c:05:75:bd:35:ba:d9:1c:fd:86:1d:11:6c:a5:f8:
c5:7c:5b:40:60:66:e6:f0:dd:3c:7c:8b:bf:01:79:
f9:6c:4f:74:5d:bc:8e:e0:a6:67:c8:4a:8a:4d:3f:
3b:da:39:1c:42:63:df:1f:b5:87:fd:63:9c:0b:39:
22:62:51:1e:4a:7a:51:a1:06:fd:1e:5b:09:bd:2f:
1b:57:1c:07:0a:b3:f5:a6:96:56:28:7f:62:e5:06:
ca:17:28:bd:4c:91:4b:43:0d:fc:9e:50:0e:8c:17:
74:06:7f:f9:2c:36:f6:39:3a:49:31:12:85:54:8d:
72:e5:66:3c:7f:b4:7f:4d:90:9a:83:0b:70:ee:65:
68:5b:22:db:34:12:57:91:4d:8e:1d:16:93:96:60:
a3:52:26:e0:e3:b0:35:47:17:d3:cf:b3:96:ed:5a:
63:5e:63:21:6d:a2:be:4d:54:e6:04:b4:63:2c:cd:
74:aa:9e:ae:d6:0a:a6:48:b6:8e:24:39:31:9b:b3:
0e:52:68:88:1b:fd:1e:27:46:c5:18:69:83:fb:90:
df:da:94:e5:df:db:bf:cd:a6:27:f8:d7:e9:2b:18:
11:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E6:4B:84:17:F2:86:78:7E:B4:F2:92:7E:5A:E7:92:AE:4A:13:C2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.240.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:d2:f0:21:77:57:d0:fc:ea:2a:0e:04:d5:71:77:fd:0f:88:
98:0c:7b:14:e6:77:ee:96:07:fe:62:42:4d:cb:c9:f3:ba:b9:
69:16:bf:64:b5:3a:0b:a0:6c:2c:36:d7:52:58:64:74:1a:51:
4f:a5:7c:94:9b:39:78:c8:f4:5d:66:55:7b:88:26:9a:00:9f:
59:02:de:80:2d:d5:c0:32:d2:b6:23:ac:e0:be:87:90:e4:90:
a8:b6:21:11:9f:db:c2:d0:f0:23:6d:99:d8:db:47:47:2e:4d:
17:d3:fa:fc:cd:a7:cd:5e:d6:0e:15:98:63:c6:89:26:1c:c3:
bf:6c:ff:c7:65:e9:6d:d1:8a:81:f4:f7:3f:e7:c8:e9:15:25:
91:aa:38:d9:c3:c9:83:af:06:8d:48:d0:37:f6:27:43:c0:7c:
9f:29:c6:d2:80:99:4c:c8:4f:a2:d1:94:58:0a:81:43:20:87:
db:74:f0:a9:cf:30:c1:bc:27:5d:4a:0e:2e:9b:9c:e4:d4:3b:
46:7d:5e:17:d8:97:14:a9:74:ae:58:85:3f:2b:f7:ff:f7:46:
b6:6e:25:55:5d:1d:f5:a0:8d:9a:f6:54:65:d5:4a:fa:98:54:
9d:1d:c7:de:a4:c5:7b:8a:d2:06:25:ed:f8:b5:a2:ab:a5:17:
86:3c:d6:8e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUWVTabbMSV+eN8pZTdP/6irAp+zwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjBaFw0yNTEyMjYxMTQ3MjBaMDMxMTAvBgNV
BAMTKDg5RTY0Qjg0MTdGMjg2Nzg3RUI0RjI5MjdFNUFFNzkyQUU0QTEzQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmeygqswPXIrQKUI7qlD709Irh
9qDZcNKT36p2KlwFdb01utkc/YYdEWyl+MV8W0BgZubw3Tx8i78BeflsT3RdvI7g
pmfISopNPzvaORxCY98ftYf9Y5wLOSJiUR5KelGhBv0eWwm9LxtXHAcKs/WmllYo
f2LlBsoXKL1MkUtDDfyeUA6MF3QGf/ksNvY5OkkxEoVUjXLlZjx/tH9NkJqDC3Du
ZWhbIts0EleRTY4dFpOWYKNSJuDjsDVHF9PPs5btWmNeYyFtor5NVOYEtGMszXSq
nq7WCqZIto4kOTGbsw5SaIgb/R4nRsUYaYP7kN/alOXf27/Npif41+krGBGXAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUieZLhBfyhnh+tPKSflrnkq5KE8IwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMyMzIz
NzJlMzIzNDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzgzNTM0LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAsOPwMA0GCSqGSIb3DQEBCwUAA4IBAQCN0vAhd1fQ/OoqDgTVcXf9
D4iYDHsU5nfulgf+YkJNy8nzurlpFr9ktToLoGwsNtdSWGR0GlFPpXyUmzl4yPRd
ZlV7iCaaAJ9ZAt6ALdXAMtK2I6zgvoeQ5JCotiERn9vC0PAjbZnY20dHLk0X0/r8
zafNXtYOFZhjxokmHMO/bP/HZelt0YqB9Pc/58jpFSWRqjjZw8mDrwaNSNA39idD
wHyfKcbSgJlMyE+i0ZRYCoFDIIfbdPCpzzDBvCddSg4um5zk1DtGfV4X2JcUqXSu
WIU/K/f/90a2biVVXR31oI2a9lRl1Ur6mFSdHcfepMV7itIGJe34taKrpReGPNaO
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:44:56 2025 by rpki-client