Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
File: 3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 5so44R7GOj7qeVDdtiy/qqYwCospV4qnbN/H/qIRPFw=
Subject key identifier: F5:38:F7:EF:3A:9D:44:76:93:1D:D7:AC:31:CD:8B:28:13:25:3D:69
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 46B3BD66EF85B40B5F88EE2749EAA7E033F565C6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 26 Feb 2024 08:53:43 +0000
ROA not before: Mon 26 Feb 2024 08:48:43 +0000
ROA not after: Mon 24 Feb 2025 08:53:43 +0000
asID: 212238
IP address blocks: 185.153.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 03:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b3:bd:66:ef:85:b4:0b:5f:88:ee:27:49:ea:a7:e0:33:f5:65:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 26 08:48:43 2024 GMT
Not After : Feb 24 08:53:43 2025 GMT
Subject: CN=F538F7EF3A9D4476931DD7AC31CD8B2813253D69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:af:46:1e:39:5c:b1:ea:8a:cf:48:6f:dd:fe:
d0:e5:d0:94:b9:b6:11:3e:73:29:a1:00:85:31:8c:
7a:80:f7:cd:86:8d:0f:c1:28:00:ac:8b:ab:ba:a0:
56:6d:eb:ce:d5:73:a7:11:c6:8e:ca:4a:ea:25:ec:
90:5e:7f:a1:b8:78:50:04:c3:58:3f:f3:8f:b9:1d:
0f:d7:c2:1a:e8:27:58:c2:37:14:d3:fe:f2:72:a2:
33:7e:be:24:5f:50:64:f6:73:c3:17:28:cc:55:de:
97:0f:42:6f:2b:e1:22:65:66:b5:c9:fa:be:56:99:
26:e8:5f:aa:72:3e:84:73:82:44:a8:48:65:2f:5c:
35:59:23:f0:c2:4c:97:72:dc:10:12:bd:a6:f1:e6:
5c:24:31:36:fc:1d:c6:88:1b:5e:94:7a:0d:aa:2a:
34:52:0d:07:e7:3e:51:ee:e9:f3:1b:c0:72:21:b7:
37:41:02:40:e8:93:aa:30:c3:6b:8b:e7:1f:f6:d9:
54:30:16:81:0e:36:db:e9:6c:db:be:2e:39:d8:d3:
21:05:b9:c9:18:ce:79:20:cc:83:b1:cf:a8:92:a1:
ea:d1:02:d7:99:48:4e:1d:b8:23:3a:bb:cd:e8:9e:
f8:0e:e2:e6:e2:ed:58:97:76:8e:ee:4a:82:b7:13:
e3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:38:F7:EF:3A:9D:44:76:93:1D:D7:AC:31:CD:8B:28:13:25:3D:69
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.176.0/24
Signature Algorithm: sha256WithRSAEncryption
21:fb:db:11:73:1a:54:63:13:4a:3d:ff:7a:bf:78:69:e9:39:
ae:5b:03:0f:ce:90:bd:6c:69:63:9a:ed:51:37:60:67:a1:f5:
c5:db:56:d0:44:b0:64:78:41:56:ef:a8:ab:0f:c1:81:db:30:
90:98:ee:a0:4f:84:35:14:ad:39:98:00:a9:6f:c8:03:4f:a7:
98:f1:36:20:ec:0e:90:a1:7f:51:68:af:c8:d0:45:7b:c0:05:
d9:0a:7b:bc:cf:0b:30:6c:ce:5f:6b:19:74:5b:e1:b6:29:ca:
b0:b6:15:74:3c:a8:b0:fb:2c:f1:5f:c8:c1:6f:59:82:ee:b5:
67:e0:c3:63:e9:32:9d:82:6c:69:a8:e5:68:76:ec:1d:0d:8b:
2a:8c:fd:1f:a0:6f:79:a0:35:6d:62:a9:5b:33:77:a3:44:be:
19:bb:d6:9d:5c:c2:2f:4e:77:12:0b:29:72:1a:e6:29:89:b2:
bb:a1:4c:ab:2f:de:d8:69:0a:1b:2c:a2:aa:e8:d8:4f:fb:db:
e7:86:92:d3:e2:af:7c:76:20:c3:c8:b4:28:2b:d2:0a:b4:7b:
a3:94:74:a6:cd:4d:40:c6:c7:7d:b3:82:e0:f6:a8:43:1d:57:
90:28:2f:42:7d:7d:f9:b5:fd:db:29:de:d2:6a:84:65:fe:84:
5b:b5:94:3e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIURrO9Zu+FtAtfiO4nSeqn4DP1ZcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDNaFw0yNTAyMjQwODUzNDNaMDMxMTAvBgNV
BAMTKEY1MzhGN0VGM0E5RDQ0NzY5MzFERDdBQzMxQ0Q4QjI4MTMyNTNENjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClr0YeOVyx6orPSG/d/tDl0JS5
thE+cymhAIUxjHqA982GjQ/BKACsi6u6oFZt687Vc6cRxo7KSuol7JBef6G4eFAE
w1g/84+5HQ/XwhroJ1jCNxTT/vJyojN+viRfUGT2c8MXKMxV3pcPQm8r4SJlZrXJ
+r5WmSboX6pyPoRzgkSoSGUvXDVZI/DCTJdy3BASvabx5lwkMTb8HcaIG16Ueg2q
KjRSDQfnPlHu6fMbwHIhtzdBAkDok6oww2uL5x/22VQwFoEONtvpbNu+LjnY0yEF
uckYznkgzIOxz6iSoerRAteZSE4duCM6u83onvgO4ubi7ViXdo7uSoK3E+NLAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU9Tj37zqdRHaTHdesMc2LKBMlPWkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmwMA0GCSqGSIb3DQEBCwUAA4IBAQAh+9sRcxpUYxNKPf96v3hp
6TmuWwMPzpC9bGljmu1RN2BnofXF21bQRLBkeEFW76irD8GB2zCQmO6gT4Q1FK05
mACpb8gDT6eY8TYg7A6QoX9RaK/I0EV7wAXZCnu8zwswbM5faxl0W+G2KcqwthV0
PKiw+yzxX8jBb1mC7rVn4MNj6TKdgmxpqOVoduwdDYsqjP0foG95oDVtYqlbM3ej
RL4Zu9adXMIvTncSCylyGuYpibK7oUyrL97YaQobLKKq6NhP+9vnhpLT4q98diDD
yLQoK9IKtHujlHSmzU1Axsd9s4Lg9qhDHVeQKC9CfX35tf3bKd7SaoRl/oRbtZQ+
-----END CERTIFICATE-----
Generated at Sun Apr 28 18:14:32 2024 by rpki-client on console-fra.rpki-client.org