Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230362e302f32342d3234203d3e20313336373837.roa
File: 3137362e39372e3230362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: E3ctbyXjAlyEY5+m8wkagj6LpYuKViw/0z7sKz8I04Y=
Subject key identifier: 4D:8D:53:AB:4A:B3:85:3D:54:8E:0C:0C:EA:AB:03:5C:58:0E:97:25
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 09DE740AE51AFEC4E5AC995978092EB7DD6A97B1
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:19 +0000
ROA not before: Fri 27 Dec 2024 11:42:19 +0000
ROA not after: Fri 26 Dec 2025 11:47:19 +0000
asID: 136787
IP address blocks: 176.97.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:de:74:0a:e5:1a:fe:c4:e5:ac:99:59:78:09:2e:b7:dd:6a:97:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:19 2024 GMT
Not After : Dec 26 11:47:19 2025 GMT
Subject: CN=4D8D53AB4AB3853D548E0C0CEAAB035C580E9725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:51:14:1d:ef:f6:8f:e1:4e:5b:58:18:c7:
c8:de:22:a8:00:82:bc:85:66:23:92:da:37:22:0f:
a3:d7:b0:21:1e:c8:50:63:65:be:a5:49:37:0f:bf:
36:ca:3e:2f:b8:5c:c6:08:8b:9d:b0:ae:f0:ed:4a:
bd:dc:32:fe:70:6a:c9:d8:5d:37:5f:fd:a9:66:47:
d0:0a:17:a7:1d:e6:25:5d:79:a4:de:09:57:42:ed:
a2:04:0c:ba:1c:06:a0:a5:81:91:1a:8d:a5:0d:e5:
e6:d8:1a:68:85:bb:10:0d:ac:8a:3b:97:a9:e2:7b:
95:71:39:f8:c2:76:09:08:73:f7:a5:21:56:20:f8:
3b:20:2a:0f:e4:90:87:16:fd:22:e9:53:63:84:36:
a4:8a:25:c0:f7:c7:ba:e7:5e:0f:6a:a1:bf:87:6e:
58:36:a2:f4:a2:b3:81:c0:1e:23:df:f2:3d:7c:0c:
00:10:92:0a:aa:0f:70:ae:2f:41:58:0e:7c:08:e4:
a5:fa:e2:35:5e:11:73:f6:b0:d3:aa:6f:75:2c:4d:
f9:35:70:bc:7e:6a:71:d0:f0:dc:7e:59:31:78:52:
17:ab:cb:bf:16:c1:49:40:4d:44:19:e6:e2:68:c8:
5a:b2:41:7b:13:46:d1:97:bc:12:14:e3:9e:30:11:
c2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8D:53:AB:4A:B3:85:3D:54:8E:0C:0C:EA:AB:03:5C:58:0E:97:25
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.206.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:fb:e8:c1:15:26:69:37:c3:24:c3:16:ad:e2:6c:ac:fc:90:
31:1d:41:f6:ca:40:d5:15:03:fe:76:b1:69:33:56:88:93:b5:
3b:67:5b:dc:db:ba:c9:5d:c0:4f:60:4b:ec:79:79:1c:ff:70:
5d:34:a1:71:bd:66:d7:3f:8a:55:4c:3c:d7:77:43:9f:d4:98:
27:58:12:d2:81:15:8f:2b:b8:31:38:d3:a1:70:ef:f8:d8:11:
9f:54:35:fc:c4:ca:c1:c6:34:c9:52:bf:8f:be:8e:e3:95:ad:
ff:30:9a:bf:65:96:01:28:c2:41:5f:42:bf:f5:56:77:26:40:
e4:ed:5c:21:87:d7:4f:3b:2b:5f:12:31:89:97:46:3e:ca:93:
a8:e4:e7:ae:3c:58:1a:0e:46:6d:03:b3:88:15:8f:eb:f5:a1:
24:b9:61:73:43:c3:26:67:36:ae:d9:ba:7a:50:33:3d:b1:f3:
fd:8a:04:83:65:3f:4d:4b:db:4a:3a:71:44:36:80:59:4b:cb:
67:3a:bf:95:5c:ed:a4:b9:69:fc:84:d9:40:80:de:4d:43:62:
c5:5c:42:25:f2:6b:98:53:f6:29:c0:05:b5:cd:a6:b0:bd:b8:
af:a3:76:c1:89:42:0a:8d:5b:62:aa:90:69:d0:37:41:8e:b7:
a0:c7:ed:d2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUCd50CuUa/sTlrJlZeAkut91ql7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTlaFw0yNTEyMjYxMTQ3MTlaMDMxMTAvBgNV
BAMTKDREOEQ1M0FCNEFCMzg1M0Q1NDhFMEMwQ0VBQUIwMzVDNTgwRTk3MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF2FEUHe/2j+FOW1gYx8jeIqgA
gryFZiOS2jciD6PXsCEeyFBjZb6lSTcPvzbKPi+4XMYIi52wrvDtSr3cMv5wasnY
XTdf/almR9AKF6cd5iVdeaTeCVdC7aIEDLocBqClgZEajaUN5ebYGmiFuxANrIo7
l6nie5VxOfjCdgkIc/elIVYg+DsgKg/kkIcW/SLpU2OENqSKJcD3x7rnXg9qob+H
blg2ovSis4HAHiPf8j18DAAQkgqqD3CuL0FYDnwI5KX64jVeEXP2sNOqb3UsTfk1
cLx+anHQ8Nx+WTF4Uhery78WwUlATUQZ5uJoyFqyQXsTRtGXvBIU454wEcLVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUTY1Tq0qzhT1UjgwM6qsDXFgOlyUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTM5Mzcy
ZTMyMzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBhzjANBgkqhkiG9w0BAQsFAAOCAQEAe/vowRUmaTfDJMMWreJsrPyQ
MR1B9spA1RUD/naxaTNWiJO1O2db3Nu6yV3AT2BL7Hl5HP9wXTShcb1m1z+KVUw8
13dDn9SYJ1gS0oEVjyu4MTjToXDv+NgRn1Q1/MTKwcY0yVK/j76O45Wt/zCav2WW
ASjCQV9Cv/VWdyZA5O1cIYfXTzsrXxIxiZdGPsqTqOTnrjxYGg5GbQOziBWP6/Wh
JLlhc0PDJmc2rtm6elAzPbHz/YoEg2U/TUvbSjpxRDaAWUvLZzq/lVztpLlp/ITZ
QIDeTUNixVxCJfJrmFP2KcAFtc2msL24r6N2wYlCCo1bYqqQadA3QY63oMft0g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:07 2025 by rpki-client