Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33322e302f32342d3234203d3e203632323430.roa
File: 3137382e3231322e33322e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: 8+rFxk4IEbDdy68PvZjq+NAeyUnwKu36VUqfBqZEf4U=
Subject key identifier: 11:D5:CC:94:D5:4E:38:6A:31:40:A8:20:11:E0:07:1F:8D:48:9C:B4
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0CF028D4A691E5624F724C30B8A8A16530666567
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33322e302f32342d3234203d3e203632323430.roa
Signing time: Fri 20 Dec 2024 15:23:39 +0000
ROA not before: Fri 20 Dec 2024 15:18:39 +0000
ROA not after: Fri 19 Dec 2025 15:23:39 +0000
asID: 62240
IP address blocks: 178.212.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 08:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:f0:28:d4:a6:91:e5:62:4f:72:4c:30:b8:a8:a1:65:30:66:65:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:39 2024 GMT
Not After : Dec 19 15:23:39 2025 GMT
Subject: CN=11D5CC94D54E386A3140A82011E0071F8D489CB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ca:b4:c0:52:f2:49:f9:7f:c5:7b:57:e6:7c:
af:17:f2:1c:78:d1:11:69:1d:83:13:12:7a:51:f6:
1e:60:32:ae:bc:08:17:f3:74:dd:49:c7:b1:5e:d1:
7a:cc:46:b3:6c:f0:e8:3b:30:1c:b4:bd:a3:5a:b7:
4e:5b:0f:e7:3a:c4:21:e5:5c:87:57:a6:b2:df:19:
69:45:06:87:ee:40:10:b7:7e:32:88:b6:f6:48:92:
8b:70:22:a9:83:74:8e:d0:9c:76:1a:e3:93:44:26:
80:01:3e:0a:42:a2:10:3d:fe:49:c2:67:d0:c3:aa:
13:b3:3f:45:fe:4e:8d:c8:f0:51:69:fd:c3:b2:39:
7c:7b:eb:19:d0:96:c8:88:ab:7a:a8:7c:a8:8c:41:
b6:db:64:62:48:9b:7a:d5:3b:06:c9:60:29:12:9a:
9a:07:88:e2:01:37:53:5b:2f:d0:20:9e:95:37:bb:
28:d1:f9:73:72:db:da:9c:90:64:19:ca:b3:03:4e:
15:91:45:b1:80:d0:92:a8:a5:db:ff:6b:ef:a5:a8:
04:d1:a2:22:79:44:0e:9d:25:b4:4e:74:19:d8:26:
bf:c8:86:45:76:72:ab:75:cf:48:0f:01:76:0b:e6:
91:88:06:f0:8f:63:f5:9c:9b:cd:03:f6:c9:0f:ff:
23:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D5:CC:94:D5:4E:38:6A:31:40:A8:20:11:E0:07:1F:8D:48:9C:B4
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33322e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.32.0/24
Signature Algorithm: sha256WithRSAEncryption
70:25:fc:42:33:ea:5f:32:9a:c6:8c:15:ca:5c:6c:d1:dc:77:
12:5d:57:88:6a:ec:20:5f:49:73:d8:7b:97:5f:4a:24:16:4c:
ee:e9:16:7f:0e:07:0a:9b:18:d6:fe:48:96:45:24:71:33:8d:
79:e7:f7:53:ec:6f:a5:87:bf:88:bd:28:bf:19:de:ec:2e:cc:
5f:bb:82:16:88:c9:4b:7f:f1:a8:26:d1:9e:17:e1:6f:6f:be:
ed:68:7e:fb:92:0d:94:ee:c3:00:10:93:e2:33:41:fc:92:1c:
5b:f2:b3:5e:b2:30:45:3f:21:1e:fa:15:b4:ea:9d:e8:2c:40:
71:a1:58:10:19:88:a9:65:7b:28:ab:64:71:96:57:1d:a5:95:
c4:60:ac:8f:3c:2b:0e:2e:6e:c6:10:92:58:6b:23:16:33:3e:
47:8c:30:9a:b4:3a:36:e1:4f:32:aa:a7:68:f2:51:57:e6:7a:
5a:f5:00:01:03:31:fb:5e:99:f3:03:b1:af:51:06:ae:64:a6:
a9:7d:c7:0c:a6:f8:7a:20:3f:e7:93:fb:ff:4a:79:3b:7c:18:
02:48:1b:ad:e5:b1:ae:2a:79:74:1e:2a:d7:cb:ec:63:03:94:
b6:98:76:17:24:e6:59:b0:1e:ee:06:38:5b:c7:72:4b:3d:ef:
f3:3a:97:cf
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUDPAo1KaR5WJPckwwuKihZTBmZWcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzlaFw0yNTEyMTkxNTIzMzlaMDMxMTAvBgNV
BAMTKDExRDVDQzk0RDU0RTM4NkEzMTQwQTgyMDExRTAwNzFGOEQ0ODlDQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyyrTAUvJJ+X/Fe1fmfK8X8hx4
0RFpHYMTEnpR9h5gMq68CBfzdN1Jx7Fe0XrMRrNs8Og7MBy0vaNat05bD+c6xCHl
XIdXprLfGWlFBofuQBC3fjKItvZIkotwIqmDdI7QnHYa45NEJoABPgpCohA9/knC
Z9DDqhOzP0X+To3I8FFp/cOyOXx76xnQlsiIq3qofKiMQbbbZGJIm3rVOwbJYCkS
mpoHiOIBN1NbL9AgnpU3uyjR+XNy29qckGQZyrMDThWRRbGA0JKopdv/a++lqATR
oiJ5RA6dJbROdBnYJr/IhkV2cqt1z0gPAXYL5pGIBvCPY/Wcm80D9skP/yMXAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUEdXMlNVOOGoxQKggEeAHH41InLQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzgyZTMyMzEz
MjJlMzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACy1CAwDQYJKoZIhvcNAQELBQADggEBAHAl/EIz6l8ymsaMFcpcbNHcdxJd
V4hq7CBfSXPYe5dfSiQWTO7pFn8OBwqbGNb+SJZFJHEzjXnn91Psb6WHv4i9KL8Z
3uwuzF+7ghaIyUt/8agm0Z4X4W9vvu1ofvuSDZTuwwAQk+IzQfySHFvys16yMEU/
IR76FbTqnegsQHGhWBAZiKlleyirZHGWVx2llcRgrI88Kw4ubsYQklhrIxYzPkeM
MJq0OjbhTzKqp2jyUVfmelr1AAEDMftemfMDsa9RBq5kpql9xwym+HogP+eT+/9K
eTt8GAJIG63lsa4qeXQeKtfL7GMDlLaYdhck5lmwHu4GOFvHcks97/M6l88=
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:20:17 2025 by rpki-client