Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TrjkLUJRbsP6QWcp843UgZVVU3eh3793PoNuIuiWcO4=
Subject key identifier: DC:14:A5:37:6D:47:30:C9:97:B5:57:6E:AC:F2:D7:86:FA:29:14:D6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1B456FE1E35DCC86BF12CE6C3C048C0B02148B67
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Nov 2024 14:44:19 +0000
ROA not before: Thu 21 Nov 2024 14:39:19 +0000
ROA not after: Thu 20 Nov 2025 14:44:19 +0000
asID: 136787
IP address blocks: 185.147.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:45:6f:e1:e3:5d:cc:86:bf:12:ce:6c:3c:04:8c:0b:02:14:8b:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 14:39:19 2024 GMT
Not After : Nov 20 14:44:19 2025 GMT
Subject: CN=DC14A5376D4730C997B5576EACF2D786FA2914D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3a:24:aa:6f:0b:26:e0:fa:58:59:33:c4:42:
12:77:ca:08:4e:6a:5e:54:e9:d9:73:79:c6:75:24:
58:03:63:7d:08:85:d3:0c:be:79:29:c8:a6:1f:7b:
21:e0:b1:75:45:28:67:96:42:fb:f0:9b:3e:2a:99:
df:4e:93:c3:22:e6:e8:c0:b0:75:6e:89:d5:7f:63:
ea:97:c8:38:01:c5:38:41:1f:a6:f3:19:ae:2f:cc:
d9:d1:52:6f:17:76:76:1c:dd:9f:26:af:8f:52:7a:
de:d7:5a:64:15:b9:d9:94:e4:af:24:d8:83:f3:96:
c2:dc:84:43:b0:00:ad:5c:44:69:7a:e0:ae:64:ec:
40:59:a3:1e:47:2e:f9:f8:37:be:45:85:4d:26:ac:
d1:76:0e:dd:0c:d6:8e:72:f0:23:31:63:e4:d9:e4:
5d:7c:ae:80:b3:de:e7:ce:63:38:0e:66:81:10:ab:
ad:c5:73:58:52:9e:2c:4a:9d:76:d1:35:81:2f:3b:
89:65:a4:1c:f8:d0:a1:3b:08:49:8e:4c:98:a8:b9:
2f:04:91:11:b5:a8:a6:91:f9:00:13:78:d2:c1:2f:
3b:f1:3c:9c:7e:83:07:f6:66:b2:6d:64:de:01:7d:
e1:40:37:59:dc:22:37:a3:0c:da:60:7c:b7:0e:a5:
eb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:14:A5:37:6D:47:30:C9:97:B5:57:6E:AC:F2:D7:86:FA:29:14:D6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3134372e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.54.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:87:6e:ec:a5:12:e0:2a:50:b5:92:02:a9:30:23:0b:93:d5:
4c:a8:78:d4:d3:19:0f:09:1f:eb:b7:23:34:20:d9:59:ac:44:
11:af:2d:78:21:c4:37:c2:97:d0:ad:58:ce:6d:a3:a0:98:7d:
aa:9d:8a:63:5b:57:d5:ec:50:0f:80:6c:46:b7:31:e3:23:4b:
4d:c1:2b:40:ce:ad:7d:6e:70:86:25:bc:27:22:9c:a3:1a:1b:
6d:9b:a0:7e:a5:25:fa:89:2b:3b:cf:49:5c:d4:37:60:3f:77:
dc:10:3d:c5:ec:3b:88:df:15:89:cd:5f:b4:6c:0d:b1:9e:b4:
3f:73:c2:e4:ae:18:8c:19:ab:5a:36:a6:2a:b8:10:95:4f:b8:
7c:a4:05:ab:aa:b0:5f:a9:41:90:1c:41:fa:dc:93:5f:b3:1a:
7f:fb:0c:34:42:85:43:34:76:05:cb:03:09:ac:69:3e:28:65:
07:fe:22:f0:4a:fd:ee:e0:55:a2:47:16:a6:4d:5e:26:1e:96:
2b:b8:87:43:f9:b0:3e:39:64:c4:36:fb:71:ca:da:5a:31:bf:
bf:8d:dc:92:d3:fd:d5:6c:1b:37:de:7a:b7:9e:c7:30:1c:89:
d6:a8:46:2c:80:4e:ca:c4:da:d8:65:5f:79:86:bf:a2:dd:00:
8c:4c:c4:37
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUG0Vv4eNdzIa/Es5sPASMCwIUi2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNDM5MTlaFw0yNTExMjAxNDQ0MTlaMDMxMTAvBgNV
BAMTKERDMTRBNTM3NkQ0NzMwQzk5N0I1NTc2RUFDRjJENzg2RkEyOTE0RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7OiSqbwsm4PpYWTPEQhJ3yghO
al5U6dlzecZ1JFgDY30IhdMMvnkpyKYfeyHgsXVFKGeWQvvwmz4qmd9Ok8Mi5ujA
sHVuidV/Y+qXyDgBxThBH6bzGa4vzNnRUm8XdnYc3Z8mr49Set7XWmQVudmU5K8k
2IPzlsLchEOwAK1cRGl64K5k7EBZox5HLvn4N75FhU0mrNF2Dt0M1o5y8CMxY+TZ
5F18roCz3ufOYzgOZoEQq63Fc1hSnixKnXbRNYEvO4llpBz40KE7CEmOTJiouS8E
kRG1qKaR+QATeNLBLzvxPJx+gwf2ZrJtZN4BfeFAN1ncIjejDNpgfLcOpeu7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU3BSlN21HMMmXtVdurPLXhvopFNYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzQz
NzJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmTNjANBgkqhkiG9w0BAQsFAAOCAQEApYdu7KUS4CpQtZICqTAjC5PV
TKh41NMZDwkf67cjNCDZWaxEEa8teCHEN8KX0K1Yzm2joJh9qp2KY1tX1exQD4Bs
Rrcx4yNLTcErQM6tfW5whiW8JyKcoxobbZugfqUl+okrO89JXNQ3YD933BA9xew7
iN8Vic1ftGwNsZ60P3PC5K4YjBmrWjamKrgQlU+4fKQFq6qwX6lBkBxB+tyTX7Ma
f/sMNEKFQzR2BcsDCaxpPihlB/4i8Er97uBVokcWpk1eJh6WK7iHQ/mwPjlkxDb7
ccraWjG/v43cktP91WwbN956t57HMByJ1qhGLIBOysTa2GVfeYa/ot0AjEzENw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:38 2025 by rpki-client