Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Cg4jwqi9HB1vx+TAnwlxtgkzkKbCNxe5LLyLwPGIcjo=
Subject key identifier: 76:E7:81:1F:6E:E1:8A:FA:A3:D2:6A:D8:60:56:BC:06:83:AB:32:37
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4D54D438FB277010EC8827C30F01A31A119177CA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Dec 2023 14:10:26 +0000
ROA not before: Thu 21 Dec 2023 14:05:26 +0000
ROA not after: Thu 19 Dec 2024 14:10:26 +0000
asID: 136787
IP address blocks: 185.147.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:54:d4:38:fb:27:70:10:ec:88:27:c3:0f:01:a3:1a:11:91:77:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 21 14:05:26 2023 GMT
Not After : Dec 19 14:10:26 2024 GMT
Subject: CN=76E7811F6EE18AFAA3D26AD86056BC0683AB3237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:bc:54:af:7b:ef:76:b1:3f:a3:25:57:eb:
48:fb:fc:77:19:05:c9:32:f2:02:01:79:aa:8c:91:
c8:34:62:45:7a:28:cc:30:22:e6:5a:df:8e:a1:1c:
aa:3e:8b:ae:11:95:74:1d:b5:0d:ca:6e:a0:f0:54:
6e:b0:de:c9:ef:e3:cb:89:f8:d1:7a:1d:86:e1:eb:
af:a0:5d:e2:95:af:99:7d:ee:4b:51:05:a7:5d:b1:
c9:0d:85:5c:6f:aa:1e:a1:45:e4:d0:48:e3:93:5c:
a1:96:76:7b:5d:7e:92:ca:53:cb:1a:a6:85:52:2b:
b1:83:04:cf:44:4d:ea:3d:6d:e9:ed:4b:54:12:e5:
7e:e3:dc:fd:33:2e:9a:ce:18:a1:d5:ab:07:4c:8b:
86:7f:0e:b8:d4:94:54:e7:b3:53:24:a6:aa:13:20:
87:e4:33:e2:f1:d0:42:2b:db:c0:e0:04:0e:a8:76:
73:9f:26:5d:2d:7d:d4:8a:7b:43:d6:06:a3:7d:69:
cb:48:5d:5c:17:51:8d:7f:32:3c:5a:47:78:84:3f:
1f:3f:f6:9c:53:4a:11:24:27:c5:df:c4:ee:4d:ee:
f3:82:7e:ac:bc:ef:4b:d8:b6:26:c3:80:64:42:a2:
59:e8:0f:a7:28:f5:56:46:99:3c:bf:a5:0e:6b:2d:
73:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E7:81:1F:6E:E1:8A:FA:A3:D2:6A:D8:60:56:BC:06:83:AB:32:37
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.54.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:a8:ef:a5:78:37:f4:43:ab:05:7b:81:84:00:85:9c:e9:e6:
92:f9:df:38:f4:0e:fb:c6:51:91:3e:4a:03:10:ea:09:45:6a:
df:05:50:dc:0d:53:81:56:02:10:a3:6f:29:7e:10:e0:b2:6a:
76:22:8b:26:66:df:21:5a:0e:2c:87:93:3f:29:0f:f0:c7:46:
fa:0d:84:d9:cf:65:4c:46:c3:13:1f:93:ab:7f:74:61:1a:93:
a1:d6:2e:7e:1f:6b:93:53:cb:48:ed:2d:62:6b:76:c5:e0:20:
df:17:e3:d1:cf:b1:cf:6e:c6:cb:a9:89:62:64:b3:5e:86:c2:
29:a9:0a:83:ce:b1:a7:f7:02:31:4f:cf:73:b0:67:0a:69:21:
31:05:72:dc:a5:f5:4c:6e:20:5a:a4:ad:92:8c:ef:8c:df:3d:
3e:86:ce:b1:41:cd:7e:96:13:e2:ca:cd:bd:14:4e:cb:07:4e:
c4:af:8e:f0:48:b5:64:a3:3e:d0:be:1c:d2:17:8e:2f:7b:2a:
30:22:87:68:65:f6:4b:63:70:f1:f0:1a:5a:e6:88:64:f3:11:
93:85:22:2c:85:53:00:ca:e8:90:31:40:48:85:99:83:71:4a:
ba:b1:27:74:39:28:3b:55:cd:ef:52:91:6c:9f:68:4f:0c:ec:
d2:1e:d2:57
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUTVTUOPsncBDsiCfDDwGjGhGRd8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjExNDA1MjZaFw0yNDEyMTkxNDEwMjZaMDMxMTAvBgNV
BAMTKDc2RTc4MTFGNkVFMThBRkFBM0QyNkFEODYwNTZCQzA2ODNBQjMyMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXdLxUr3vvdrE/oyVX60j7/HcZ
Bcky8gIBeaqMkcg0YkV6KMwwIuZa346hHKo+i64RlXQdtQ3KbqDwVG6w3snv48uJ
+NF6HYbh66+gXeKVr5l97ktRBaddsckNhVxvqh6hReTQSOOTXKGWdntdfpLKU8sa
poVSK7GDBM9ETeo9bentS1QS5X7j3P0zLprOGKHVqwdMi4Z/DrjUlFTns1MkpqoT
IIfkM+Lx0EIr28DgBA6odnOfJl0tfdSKe0PWBqN9actIXVwXUY1/MjxaR3iEPx8/
9pxTShEkJ8XfxO5N7vOCfqy870vYtibDgGRColnoD6co9VZGmTy/pQ5rLXMxAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUdueBH27hivqj0mrYYFa8BoOrMjcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzQz
NzJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmTNjANBgkqhkiG9w0BAQsFAAOCAQEAuajvpXg39EOrBXuBhACFnOnm
kvnfOPQO+8ZRkT5KAxDqCUVq3wVQ3A1TgVYCEKNvKX4Q4LJqdiKLJmbfIVoOLIeT
PykP8MdG+g2E2c9lTEbDEx+Tq390YRqTodYufh9rk1PLSO0tYmt2xeAg3xfj0c+x
z27Gy6mJYmSzXobCKakKg86xp/cCMU/Pc7BnCmkhMQVy3KX1TG4gWqStkozvjN89
PobOsUHNfpYT4srNvRROywdOxK+O8Ei1ZKM+0L4c0heOL3sqMCKHaGX2S2Nw8fAa
WuaIZPMRk4UiLIVTAMrokDFASIWZg3FKurEndDkoO1XN71KRbJ9oTwzs0h7SVw==
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org