Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
File: 3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: Lt0cXli6tSoVYi72Gl+C4zNyxSb0YrAPji8ShXZLn9A=
Subject key identifier: B1:C2:EA:EE:86:F6:FB:7D:C2:5C:C6:56:F8:91:EF:55:32:70:08:46
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3FCFB960F28EB18571E579B76683857D36299DBB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 26 Feb 2024 08:53:43 +0000
ROA not before: Mon 26 Feb 2024 08:48:43 +0000
ROA not after: Mon 24 Feb 2025 08:53:43 +0000
asID: 147049
IP address blocks: 185.153.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:cf:b9:60:f2:8e:b1:85:71:e5:79:b7:66:83:85:7d:36:29:9d:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 26 08:48:43 2024 GMT
Not After : Feb 24 08:53:43 2025 GMT
Subject: CN=B1C2EAEE86F6FB7DC25CC656F891EF5532700846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:79:13:6f:8e:41:20:51:ca:8a:09:b7:51:
c4:d8:92:5c:e0:7c:ed:27:19:43:e5:0f:51:8f:0b:
70:79:c2:e4:d0:e8:03:70:a1:30:8a:bf:30:06:4e:
b7:bd:62:78:67:e6:b7:e7:7d:42:7a:b1:d9:aa:29:
ce:23:23:2c:b6:34:0c:41:b9:00:79:76:c7:16:49:
85:b7:e0:6d:9e:d5:ec:bd:4c:8e:2a:03:69:24:12:
14:a4:a3:96:a1:85:72:d5:22:0f:db:03:a9:b0:36:
cd:fc:80:d0:a9:46:d6:ab:1a:5a:03:38:3c:73:d1:
33:e5:f5:2b:32:8c:8d:ea:91:a6:4d:31:81:88:33:
c6:bf:25:a6:b6:52:e4:c2:2f:98:44:c7:d1:18:f5:
38:ac:f9:0a:72:65:df:a2:73:e4:6a:49:0d:04:38:
c3:03:00:12:e7:2d:49:ee:7c:b9:84:b1:14:37:f1:
8f:c7:17:aa:b2:44:a3:c3:8b:ba:49:6d:79:d7:a9:
8c:87:05:f7:5c:0a:f6:5e:19:41:c7:6d:30:1c:30:
23:55:e3:5c:ed:ee:cc:35:35:a8:f0:6a:56:a0:e6:
35:6f:d4:7f:f8:3d:1d:aa:03:5c:17:24:2c:ab:e6:
f8:d7:81:9b:65:a4:e2:30:28:fc:4c:b7:e9:7e:39:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C2:EA:EE:86:F6:FB:7D:C2:5C:C6:56:F8:91:EF:55:32:70:08:46
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.179.0/24
Signature Algorithm: sha256WithRSAEncryption
69:66:8e:1d:f9:ad:1f:db:8b:8f:b7:79:15:06:6b:a7:83:9b:
c6:a2:43:0c:c9:42:34:cd:d0:0e:27:a6:43:94:7f:6b:56:f6:
c2:cc:b8:6f:bc:36:87:f5:e8:61:9a:0f:e0:f7:52:c7:bf:9b:
80:ee:6c:22:74:f0:8e:88:f4:c8:49:0d:bd:b6:2e:4c:24:37:
48:3f:8f:39:1d:af:27:20:e7:9b:bb:63:9e:16:36:88:1e:38:
63:86:f3:cb:a4:c6:83:bb:35:f4:7a:b9:28:0c:ca:97:46:1b:
f6:f3:4b:db:98:8c:7d:51:a9:5a:a7:6f:21:a4:9a:89:1c:05:
6f:65:36:f3:60:a4:f6:ad:eb:17:a3:51:74:53:09:a8:a2:63:
01:10:49:f5:cd:e1:9f:25:2b:db:39:28:13:47:c0:3b:2b:43:
de:3a:e5:92:15:65:72:d8:89:fe:44:4d:f3:55:44:0f:fe:80:
89:12:1f:f1:50:bd:13:02:32:84:02:98:fa:b3:32:7e:09:f1:
55:3f:34:73:f5:72:6a:57:c7:dc:cd:9f:d5:db:dc:6e:73:62:
77:93:5f:14:0a:56:2d:d7:24:40:05:7f:c4:0d:5f:2e:36:1d:
42:19:e3:db:67:2e:c1:01:d9:97:12:07:46:ec:d5:f4:4a:ea:
11:bc:e4:6b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUP8+5YPKOsYVx5Xm3ZoOFfTYpnbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDNaFw0yNTAyMjQwODUzNDNaMDMxMTAvBgNV
BAMTKEIxQzJFQUVFODZGNkZCN0RDMjVDQzY1NkY4OTFFRjU1MzI3MDA4NDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/cHkTb45BIFHKigm3UcTYklzg
fO0nGUPlD1GPC3B5wuTQ6ANwoTCKvzAGTre9Ynhn5rfnfUJ6sdmqKc4jIyy2NAxB
uQB5dscWSYW34G2e1ey9TI4qA2kkEhSko5ahhXLVIg/bA6mwNs38gNCpRtarGloD
ODxz0TPl9SsyjI3qkaZNMYGIM8a/Jaa2UuTCL5hEx9EY9Tis+QpyZd+ic+RqSQ0E
OMMDABLnLUnufLmEsRQ38Y/HF6qyRKPDi7pJbXnXqYyHBfdcCvZeGUHHbTAcMCNV
41zt7sw1Najwalag5jVv1H/4PR2qA1wXJCyr5vjXgZtlpOIwKPxMt+l+OWK1AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUscLq7ob2+33CXMZW+JHvVTJwCEYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzNDM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmzMA0GCSqGSIb3DQEBCwUAA4IBAQBpZo4d+a0f24uPt3kVBmun
g5vGokMMyUI0zdAOJ6ZDlH9rVvbCzLhvvDaH9ehhmg/g91LHv5uA7mwidPCOiPTI
SQ29ti5MJDdIP485Ha8nIOebu2OeFjaIHjhjhvPLpMaDuzX0erkoDMqXRhv280vb
mIx9Ualap28hpJqJHAVvZTbzYKT2resXo1F0UwmoomMBEEn1zeGfJSvbOSgTR8A7
K0PeOuWSFWVy2In+RE3zVUQP/oCJEh/xUL0TAjKEApj6szJ+CfFVPzRz9XJqV8fc
zZ/V29xuc2J3k18UClYt1yRABX/EDV8uNh1CGePbZy7BAdmXEgdG7NX0SuoRvORr
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org