Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
File: 3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: LhrmyZc4UwUAG/C+XSrWH+4eLyT311T9W1+sfOEn/3c=
Subject key identifier: E3:8F:E9:62:CF:79:5A:1A:5B:0B:C1:BB:C2:0B:70:C5:A3:72:CE:08
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1CD03CBC201CC1358EC1FFAD9C0687A44C85A989
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
Signing time: Fri 20 Dec 2024 15:23:41 +0000
ROA not before: Fri 20 Dec 2024 15:18:41 +0000
ROA not after: Fri 19 Dec 2025 15:23:41 +0000
asID: 141995
IP address blocks: 178.212.35.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 13:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:d0:3c:bc:20:1c:c1:35:8e:c1:ff:ad:9c:06:87:a4:4c:85:a9:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:41 2024 GMT
Not After : Dec 19 15:23:41 2025 GMT
Subject: CN=E38FE962CF795A1A5B0BC1BBC20B70C5A372CE08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1e:2b:bf:d1:e8:3b:00:0b:0e:22:5a:ef:3b:
bf:d3:c5:0f:55:5b:24:9c:54:e0:28:04:1f:fa:70:
71:bc:3c:bd:3d:ed:25:36:a8:e1:56:b8:4a:70:64:
58:8a:19:af:09:88:13:fc:f4:2e:05:cd:69:93:54:
66:95:b8:26:e8:a3:c0:77:6e:9e:9e:5d:7a:a5:4b:
03:92:7c:1f:a3:8c:28:c4:ca:48:9b:c3:cd:2d:f4:
4e:2d:d9:02:f3:61:5d:bf:76:90:c3:e7:37:d1:b2:
f9:22:44:e7:27:cf:bc:4c:a1:4e:7a:ee:75:ba:a3:
be:83:c0:56:78:e0:ee:67:86:f7:4b:91:ce:5c:9c:
3d:4b:aa:4c:21:b7:73:cb:0b:09:87:bc:0f:e3:1c:
0d:6d:c4:ba:37:49:ac:ca:cf:89:73:52:1d:ec:49:
f5:fe:41:d4:f5:f7:ad:2d:2a:a0:6e:02:36:61:56:
24:95:76:47:b2:dd:1d:42:ae:69:cf:c3:b6:dc:e9:
00:63:ca:4e:8f:9f:d4:64:9f:b5:f6:23:11:19:48:
5e:7d:c5:f7:8f:71:88:c9:ea:c2:55:56:80:f3:d6:
c8:77:63:d6:39:3d:9b:f0:ab:95:cb:92:ab:7d:d7:
70:c1:ae:60:72:6e:44:9e:22:c7:fe:1c:20:c2:1c:
99:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8F:E9:62:CF:79:5A:1A:5B:0B:C1:BB:C2:0B:70:C5:A3:72:CE:08
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137382e3231322e33352e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.35.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:bf:4e:0c:b8:88:8d:f3:75:55:70:b3:c6:ef:55:26:cb:97:
c8:f5:5e:e7:fb:d1:af:ca:6e:10:9a:4d:7c:da:ff:2c:bf:8a:
38:92:9a:7f:0d:12:86:72:f2:7e:6a:1e:4b:0f:9e:48:f8:6d:
6b:a2:43:ba:42:d7:97:2e:d1:7d:ce:31:4b:bc:d6:a1:60:d3:
d6:75:7d:96:d2:d1:38:4c:b3:ee:84:f4:b5:03:e3:09:bc:73:
63:60:e3:87:0a:68:f5:f8:3c:0c:7b:77:98:01:56:b7:cb:35:
47:90:3f:d5:a1:63:46:c1:3b:6e:5f:04:8a:f0:c4:91:e8:0e:
d7:6d:1d:97:c2:35:60:eb:16:8f:ec:1f:78:86:aa:21:84:f9:
e6:8b:e2:b7:d9:d3:53:21:f2:04:fb:06:c7:4f:dd:38:13:c2:
4a:95:9c:55:34:9b:15:34:42:d9:5f:46:88:5d:be:1e:27:00:
f4:39:e6:ac:fc:26:3c:8e:f7:d3:30:2c:5e:d2:98:12:d4:1c:
0f:81:d0:b3:7b:20:e2:9e:91:08:fc:4c:6f:95:67:2c:59:6b:
24:7b:c0:b3:c2:00:34:36:30:7d:f8:c7:29:b8:a4:f0:bb:15:
61:2e:1e:fb:3c:64:09:31:1d:79:9a:fd:92:09:c5:e0:4e:5e:
76:2a:92:aa
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHNA8vCAcwTWOwf+tnAaHpEyFqYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4NDFaFw0yNTEyMTkxNTIzNDFaMDMxMTAvBgNV
BAMTKEUzOEZFOTYyQ0Y3OTVBMUE1QjBCQzFCQkMyMEI3MEM1QTM3MkNFMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTHiu/0eg7AAsOIlrvO7/TxQ9V
WyScVOAoBB/6cHG8PL097SU2qOFWuEpwZFiKGa8JiBP89C4FzWmTVGaVuCboo8B3
bp6eXXqlSwOSfB+jjCjEykibw80t9E4t2QLzYV2/dpDD5zfRsvkiROcnz7xMoU56
7nW6o76DwFZ44O5nhvdLkc5cnD1Lqkwht3PLCwmHvA/jHA1txLo3SazKz4lzUh3s
SfX+QdT1960tKqBuAjZhViSVdkey3R1CrmnPw7bc6QBjyk6Pn9Rkn7X2IxEZSF59
xfePcYjJ6sJVVoDz1sh3Y9Y5PZvwq5XLkqt913DBrmBybkSeIsf+HCDCHJnbAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU44/pYs95WhpbC8G7wgtwxaNyzggwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzgyZTMyMzEz
MjJlMzMzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALLUIzANBgkqhkiG9w0BAQsFAAOCAQEATb9ODLiIjfN1VXCzxu9VJsuX
yPVe5/vRr8puEJpNfNr/LL+KOJKafw0ShnLyfmoeSw+eSPhta6JDukLXly7Rfc4x
S7zWoWDT1nV9ltLROEyz7oT0tQPjCbxzY2Djhwpo9fg8DHt3mAFWt8s1R5A/1aFj
RsE7bl8EivDEkegO120dl8I1YOsWj+wfeIaqIYT55ovit9nTUyHyBPsGx0/dOBPC
SpWcVTSbFTRC2V9GiF2+HicA9DnmrPwmPI730zAsXtKYEtQcD4HQs3sg4p6RCPxM
b5VnLFlrJHvAs8IANDYwffjHKbik8LsVYS4e+zxkCTEdeZr9kgnF4E5ediqSqg==
-----END CERTIFICATE-----
Generated at Sun Mar 9 02:37:32 2025 by rpki-client