Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
File: 3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: grWaMIZLpaiIJIuXYqUQ1AUCt1a/12+1wyRSJlpeI6k=
Subject key identifier: B2:8F:AF:20:4D:52:96:E2:1D:A4:24:36:E9:E9:40:A5:C1:04:5F:F3
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 49B5D31E842176DC651AFF9C85AE6C06BDA9EF16
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Mar 2024 09:16:24 +0000
ROA not before: Thu 21 Mar 2024 09:11:24 +0000
ROA not after: Thu 20 Mar 2025 09:16:24 +0000
asID: 136787
IP address blocks: 176.97.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:b5:d3:1e:84:21:76:dc:65:1a:ff:9c:85:ae:6c:06:bd:a9:ef:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 21 09:11:24 2024 GMT
Not After : Mar 20 09:16:24 2025 GMT
Subject: CN=B28FAF204D5296E21DA42436E9E940A5C1045FF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:35:c9:6e:e1:5d:a1:41:13:00:29:df:38:8b:
36:73:5c:8c:2b:81:c6:a5:29:38:07:26:b0:5b:14:
60:05:d3:2c:2e:83:ee:1a:6f:84:da:ad:8c:b0:37:
82:6e:c1:73:03:97:e8:0f:2b:c7:17:c6:1d:ff:d7:
ff:88:d0:a9:5e:a3:e0:1b:b5:67:33:68:f7:15:d7:
4b:dc:8e:e0:1f:2a:b9:06:b2:26:cb:0a:18:f9:3d:
60:a0:6b:e6:1b:f4:59:13:1c:b4:25:ad:07:61:fd:
7f:6c:42:52:f2:dd:61:ba:15:fb:ab:bc:09:05:cb:
03:c3:96:b8:b1:ad:cb:ef:4a:0e:25:8a:a9:42:b7:
8f:c5:63:9d:b2:67:41:72:e1:31:b7:cf:80:23:09:
8e:92:ae:b4:a6:91:70:d4:86:0c:67:2d:76:ad:b4:
a9:d6:68:2b:03:9b:6a:03:8d:aa:9a:54:a5:4d:50:
bb:7c:d4:2c:fb:b6:81:da:e3:37:22:00:b2:a5:f5:
5b:62:62:98:1d:a1:12:1f:84:11:c4:63:0e:9d:9a:
60:64:4f:84:1b:eb:df:0d:1a:a9:54:48:f5:09:5e:
7e:49:7c:32:f3:a4:27:57:c8:02:78:34:f8:8b:63:
59:f3:90:55:56:95:0f:8a:e8:7a:bf:40:62:d4:e5:
42:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8F:AF:20:4D:52:96:E2:1D:A4:24:36:E9:E9:40:A5:C1:04:5F:F3
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e39372e3230392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.209.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:5f:4e:1b:0e:ee:9c:99:fd:08:7f:ae:b7:08:d7:e8:cd:71:
73:9b:62:55:3a:c6:e2:0e:84:99:d6:08:49:d6:31:79:24:de:
75:73:7f:67:0d:8a:06:7e:53:6f:11:bd:40:b9:8e:83:f6:8d:
a3:dc:09:43:8b:44:60:42:06:f2:18:fe:92:dc:f5:21:15:a1:
19:d4:b4:4e:e6:8f:5f:b5:3f:0c:4d:4e:32:94:b2:25:32:5a:
bb:24:13:ee:a9:b8:1b:d5:61:70:95:ef:3b:98:94:5b:9e:71:
bd:32:e3:3b:5b:96:bf:0d:69:03:36:a6:72:40:e4:40:d3:b8:
b8:f6:4b:8f:dc:40:ef:1d:da:f6:60:5d:ba:22:28:7b:3f:de:
9a:8c:b2:7d:f3:16:c5:9d:82:fd:ad:8c:35:81:f0:5c:a8:c6:
7f:72:4f:3d:68:45:e7:b9:bc:4d:20:c3:75:e1:92:72:4f:d2:
14:f0:37:2f:2d:fb:07:fc:4d:0b:2c:95:07:4b:0b:43:e7:00:
c5:f5:69:40:e3:2e:9d:e8:b8:72:87:71:88:a6:24:58:3e:48:
4a:2b:3a:0e:67:31:bc:d9:81:82:21:de:b7:03:60:41:b2:4b:
be:48:a6:c4:55:4a:1a:d4:b6:fa:60:e7:6a:b7:26:e9:93:9d:
56:fa:09:a9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSbXTHoQhdtxlGv+cha5sBr2p7xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAzMjEwOTExMjRaFw0yNTAzMjAwOTE2MjRaMDMxMTAvBgNV
BAMTKEIyOEZBRjIwNEQ1Mjk2RTIxREE0MjQzNkU5RTk0MEE1QzEwNDVGRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjNclu4V2hQRMAKd84izZzXIwr
gcalKTgHJrBbFGAF0ywug+4ab4TarYywN4JuwXMDl+gPK8cXxh3/1/+I0Kleo+Ab
tWczaPcV10vcjuAfKrkGsibLChj5PWCga+Yb9FkTHLQlrQdh/X9sQlLy3WG6Ffur
vAkFywPDlrixrcvvSg4liqlCt4/FY52yZ0Fy4TG3z4AjCY6SrrSmkXDUhgxnLXat
tKnWaCsDm2oDjaqaVKVNULt81Cz7toHa4zciALKl9VtiYpgdoRIfhBHEYw6dmmBk
T4Qb698NGqlUSPUJXn5JfDLzpCdXyAJ4NPiLY1nzkFVWlQ+K6Hq/QGLU5UJdAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUso+vIE1SluIdpCQ26elApcEEX/MwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTM5Mzcy
ZTMyMzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALBh0TANBgkqhkiG9w0BAQsFAAOCAQEA419OGw7unJn9CH+utwjX6M1x
c5tiVTrG4g6EmdYISdYxeSTedXN/Zw2KBn5TbxG9QLmOg/aNo9wJQ4tEYEIG8hj+
ktz1IRWhGdS0TuaPX7U/DE1OMpSyJTJauyQT7qm4G9VhcJXvO5iUW55xvTLjO1uW
vw1pAzamckDkQNO4uPZLj9xA7x3a9mBduiIoez/emoyyffMWxZ2C/a2MNYHwXKjG
f3JPPWhF57m8TSDDdeGSck/SFPA3Ly37B/xNCyyVB0sLQ+cAxfVpQOMunei4codx
iKYkWD5ISis6DmcxvNmBgiHetwNgQbJLvkimxFVKGtS2+mDnarcm6ZOdVvoJqQ==
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org