Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33332e302f32342d3332203d3e20313431393935.roa
File: 3137382e3231322e33332e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: d/A1qNf5vVyz6x0v5xrRju+A+U5f4lDQO9xts5cKj+0=
Subject key identifier: B2:64:8D:65:AA:5B:E6:65:A6:61:38:79:AD:0A:8E:D5:E9:DC:54:47
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 45938B40B52B63B872769F78433F2607C79C68AB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33332e302f32342d3332203d3e20313431393935.roa
Signing time: Fri 20 Dec 2024 15:23:34 +0000
ROA not before: Fri 20 Dec 2024 15:18:34 +0000
ROA not after: Fri 19 Dec 2025 15:23:34 +0000
asID: 141995
IP address blocks: 178.212.33.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 13:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:93:8b:40:b5:2b:63:b8:72:76:9f:78:43:3f:26:07:c7:9c:68:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:34 2024 GMT
Not After : Dec 19 15:23:34 2025 GMT
Subject: CN=B2648D65AA5BE665A6613879AD0A8ED5E9DC5447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:13:79:96:87:46:1a:f4:8e:09:94:e1:93:56:
64:05:d9:29:57:a0:30:f1:dc:1c:81:c4:b6:07:6b:
c4:e2:9b:69:05:9e:b8:2b:f0:99:24:5d:28:6c:a8:
68:0f:05:6b:ca:3d:30:7f:fc:5f:e8:84:7b:34:90:
45:43:d5:74:68:af:08:a2:28:4e:30:ef:de:eb:3b:
d1:dc:d9:5f:3c:a0:69:d8:e3:dd:c3:9e:42:9d:bf:
2a:dc:fb:a1:21:ab:e6:73:da:23:b3:5c:3e:36:76:
08:2b:ee:36:60:61:8b:d0:a5:22:22:5b:b6:b2:3e:
5f:0f:df:77:55:f9:bb:27:39:55:37:84:2f:9f:63:
4a:89:ef:9c:41:0e:15:eb:af:84:00:9f:6d:ec:b9:
33:8d:fc:73:cd:80:97:0f:95:b5:26:c2:73:1c:fd:
a1:46:c5:d1:bc:e4:23:81:d8:ff:96:ce:7c:2b:2b:
a7:9a:fd:fd:7a:07:cf:49:d1:56:36:93:e5:e7:4d:
2c:9a:85:70:20:d4:07:b8:06:ef:50:ca:91:60:90:
94:55:6f:86:42:9a:ed:c2:cd:1b:09:28:f7:a8:06:
1e:a6:29:03:f7:cd:93:56:df:da:44:c5:d9:5f:2c:
74:76:d8:98:a5:0c:f3:f2:ab:3c:26:68:c8:db:ac:
25:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:64:8D:65:AA:5B:E6:65:A6:61:38:79:AD:0A:8E:D5:E9:DC:54:47
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33332e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.33.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a1:0d:1a:1f:e6:08:b0:7e:96:17:c9:89:4d:e4:ec:13:99:
a4:9d:16:0b:cc:85:e2:21:de:9b:27:fc:03:61:fb:a1:c2:e1:
44:6c:9e:d0:e8:94:42:8d:29:46:67:7b:33:0a:11:09:12:ab:
8d:11:5d:c6:29:a1:20:e2:85:2c:99:a5:ea:0f:67:8a:e2:02:
17:ca:69:79:a0:ef:b6:ff:04:9f:7f:f6:1d:14:91:1e:15:33:
c7:0a:92:b8:5c:b0:4f:5d:12:ac:c5:54:cd:f5:f9:39:92:b9:
46:1f:40:9e:9a:23:da:df:de:dc:63:a2:9e:ea:56:a5:74:a1:
66:5d:81:38:66:09:4a:fe:5a:7a:bd:5d:96:ac:cc:f7:c0:ce:
cc:8a:63:67:ce:ea:12:f6:f5:2c:79:8e:0f:ca:bb:81:86:63:
86:0f:16:a3:10:b4:b7:c4:66:72:49:32:79:94:ea:c5:04:98:
dd:b7:05:79:35:78:31:87:5c:c6:a0:b4:a4:88:70:47:de:b3:
24:5a:75:ff:ec:9f:ee:fc:28:3a:a2:e8:bf:a9:dd:cc:a9:9b:
1f:10:43:c3:4c:3d:0d:93:5f:f8:38:28:4f:05:b5:d0:26:08:
b7:ca:8c:b3:84:12:7e:ac:49:cc:91:e6:97:de:29:85:ab:04:
a6:ed:7f:36
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIURZOLQLUrY7hydp94Qz8mB8ecaKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzRaFw0yNTEyMTkxNTIzMzRaMDMxMTAvBgNV
BAMTKEIyNjQ4RDY1QUE1QkU2NjVBNjYxMzg3OUFEMEE4RUQ1RTlEQzU0NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjE3mWh0Ya9I4JlOGTVmQF2SlX
oDDx3ByBxLYHa8Tim2kFnrgr8JkkXShsqGgPBWvKPTB//F/ohHs0kEVD1XRorwii
KE4w797rO9Hc2V88oGnY493DnkKdvyrc+6Ehq+Zz2iOzXD42dggr7jZgYYvQpSIi
W7ayPl8P33dV+bsnOVU3hC+fY0qJ75xBDhXrr4QAn23suTON/HPNgJcPlbUmwnMc
/aFGxdG85COB2P+WznwrK6ea/f16B89J0VY2k+XnTSyahXAg1Ae4Bu9QypFgkJRV
b4ZCmu3CzRsJKPeoBh6mKQP3zZNW39pExdlfLHR22JilDPPyqzwmaMjbrCX1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUsmSNZapb5mWmYTh5rQqO1encVEcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzgyZTMyMzEz
MjJlMzMzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALLUITANBgkqhkiG9w0BAQsFAAOCAQEAMaENGh/mCLB+lhfJiU3k7BOZ
pJ0WC8yF4iHemyf8A2H7ocLhRGye0OiUQo0pRmd7MwoRCRKrjRFdximhIOKFLJml
6g9niuICF8ppeaDvtv8En3/2HRSRHhUzxwqSuFywT10SrMVUzfX5OZK5Rh9Anpoj
2t/e3GOinupWpXShZl2BOGYJSv5aer1dlqzM98DOzIpjZ87qEvb1LHmOD8q7gYZj
hg8WoxC0t8RmckkyeZTqxQSY3bcFeTV4MYdcxqC0pIhwR96zJFp1/+yf7vwoOqLo
v6ndzKmbHxBDw0w9DZNf+DgoTwW10CYIt8qMs4QSfqxJzJHml94phasEpu1/Ng==
-----END CERTIFICATE-----
Generated at Sun Mar 9 02:48:54 2025 by rpki-client