Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
File: 3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: M4vaTfXLq1O+fYDi8bPE4aKYet30m/t9+CLHa2jdmvk=
Subject key identifier: 6E:41:A7:71:39:F5:5F:80:D7:8E:1B:5F:7E:C7:57:B1:AB:FC:1E:B4
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5D78E899E6222FBF2E2640EE24E3285AD19AE6D0
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 27 Dec 2024 11:47:15 +0000
ROA not before: Fri 27 Dec 2024 11:42:15 +0000
ROA not after: Fri 26 Dec 2025 11:47:15 +0000
asID: 147049
IP address blocks: 176.227.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:78:e8:99:e6:22:2f:bf:2e:26:40:ee:24:e3:28:5a:d1:9a:e6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:15 2024 GMT
Not After : Dec 26 11:47:15 2025 GMT
Subject: CN=6E41A77139F55F80D78E1B5F7EC757B1ABFC1EB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:96:2a:bd:54:54:b7:46:cd:11:3c:37:b7:06:
13:86:b7:e8:b0:7d:98:74:e7:2a:43:2a:0c:cc:3c:
66:9f:ad:6d:27:de:c7:a6:1e:9b:ff:f3:ac:93:39:
69:80:66:cb:da:f2:7f:2b:bc:33:2f:fb:c6:ff:62:
ee:a0:9d:5f:8a:34:cc:89:52:59:6c:d6:a9:ee:a0:
71:63:90:02:ec:ad:16:3c:d7:cd:ad:c5:b2:00:54:
e1:56:ce:fe:67:46:32:36:dd:57:b1:ec:37:b2:fe:
64:98:0c:86:69:5d:d0:1c:55:57:6d:f1:2f:89:e1:
96:98:7f:0c:1b:51:43:b7:49:a0:8c:f7:30:da:2c:
b0:5b:40:85:b3:06:2c:b6:47:cc:6c:59:29:ca:c4:
fb:60:a2:da:82:4e:5d:72:19:55:59:95:0f:a3:b7:
32:61:fa:53:33:e0:2a:bd:28:31:f0:d4:4b:c9:a3:
7d:49:1e:64:29:13:6f:f7:a9:ce:92:c1:85:7b:eb:
b0:a3:d8:82:68:37:5b:47:9a:bd:a7:7a:5d:96:68:
fd:96:cc:33:2e:66:53:1b:9f:9b:22:b2:f7:b3:3a:
d8:90:0a:a2:7f:cf:3c:83:80:9d:61:77:9e:4a:a4:
68:f9:b2:d7:0a:a8:2f:ee:77:0e:44:fe:26:cf:5c:
62:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:A7:71:39:F5:5F:80:D7:8E:1B:5F:7E:C7:57:B1:AB:FC:1E:B4
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.227.243.0/24
Signature Algorithm: sha256WithRSAEncryption
54:a3:65:c4:ec:7d:ab:a6:2c:4a:af:08:a6:69:e1:37:d5:fd:
30:5b:a9:4d:f4:00:79:02:30:e0:1e:f1:2d:34:0a:e8:54:59:
8a:11:b1:d7:0a:30:31:5d:11:62:ed:8d:65:05:4a:91:2f:ee:
f3:47:9b:00:1a:7e:40:4b:06:44:27:f3:f7:ef:15:f8:5e:a5:
3f:b7:25:df:e8:aa:8a:ba:ae:f1:10:08:46:0b:24:37:ff:7b:
de:48:54:a4:34:70:86:29:58:4f:97:5e:07:fb:49:37:a5:07:
68:18:4d:99:8d:9d:58:44:cb:97:75:90:2f:e5:c2:c7:2a:ef:
ed:1e:ac:84:b5:4b:b0:a3:fb:2f:3a:67:9d:81:ba:ae:3a:b6:
36:d2:1b:47:e3:4f:6c:ca:c7:1c:01:56:d8:93:72:24:1b:4d:
eb:91:33:c1:5e:cf:c9:e2:56:fc:3d:15:24:d6:d2:1f:1b:18:
75:7a:2b:02:11:0b:45:f9:13:5d:a4:76:5f:c9:8c:6d:21:a0:
87:d7:33:27:4a:af:58:dd:25:52:0e:ec:4c:9a:23:84:36:20:
14:9d:ea:33:04:5c:23:f3:ba:75:d0:a0:8a:db:4e:e2:33:5b:
4f:23:b2:27:a5:3e:a3:05:6a:0f:0e:07:35:bb:03:5e:f0:f9:
f8:96:01:d3
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUXXjomeYiL78uJkDuJOMoWtGa5tAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTVaFw0yNTEyMjYxMTQ3MTVaMDMxMTAvBgNV
BAMTKDZFNDFBNzcxMzlGNTVGODBENzhFMUI1RjdFQzc1N0IxQUJGQzFFQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcliq9VFS3Rs0RPDe3BhOGt+iw
fZh05ypDKgzMPGafrW0n3semHpv/86yTOWmAZsva8n8rvDMv+8b/Yu6gnV+KNMyJ
Ulls1qnuoHFjkALsrRY8182txbIAVOFWzv5nRjI23Vex7Dey/mSYDIZpXdAcVVdt
8S+J4ZaYfwwbUUO3SaCM9zDaLLBbQIWzBiy2R8xsWSnKxPtgotqCTl1yGVVZlQ+j
tzJh+lMz4Cq9KDHw1EvJo31JHmQpE2/3qc6SwYV767Cj2IJoN1tHmr2nel2WaP2W
zDMuZlMbn5sisvezOtiQCqJ/zzyDgJ1hd55KpGj5stcKqC/udw5E/ibPXGLLAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUbkGncTn1X4DXjhtffsdXsav8HrQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMyMzIz
NzJlMzIzNDMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzNDM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAsOPzMA0GCSqGSIb3DQEBCwUAA4IBAQBUo2XE7H2rpixKrwimaeE3
1f0wW6lN9AB5AjDgHvEtNAroVFmKEbHXCjAxXRFi7Y1lBUqRL+7zR5sAGn5ASwZE
J/P37xX4XqU/tyXf6KqKuq7xEAhGCyQ3/3veSFSkNHCGKVhPl14H+0k3pQdoGE2Z
jZ1YRMuXdZAv5cLHKu/tHqyEtUuwo/svOmedgbquOrY20htH409sysccAVbYk3Ik
G03rkTPBXs/J4lb8PRUk1tIfGxh1eisCEQtF+RNdpHZfyYxtIaCH1zMnSq9Y3SVS
DuxMmiOENiAUneozBFwj87p10KCK207iM1tPI7InpT6jBWoPDgc1uwNe8Pn4lgHT
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:31:42 2025 by rpki-client