Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
File: 3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: auJQmPwtzsiDqzP4ycUgN4ElSEUNtfOg/xVR1IsZ7bU=
Subject key identifier: D0:6C:1A:0F:6F:6A:10:65:A4:4A:0E:EC:25:45:D6:46:F8:54:E2:B9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5B3CDDF1C0A19984F3C9A7DF5634C06FB16FBC8D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:45 +0000
ROA not before: Mon 26 Feb 2024 08:48:45 +0000
ROA not after: Mon 24 Feb 2025 08:53:45 +0000
asID: 201341
IP address blocks: 185.162.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:3c:dd:f1:c0:a1:99:84:f3:c9:a7:df:56:34:c0:6f:b1:6f:bc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 26 08:48:45 2024 GMT
Not After : Feb 24 08:53:45 2025 GMT
Subject: CN=D06C1A0F6F6A1065A44A0EEC2545D646F854E2B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e6:48:60:3a:a5:e9:5b:56:6f:e8:c0:65:27:
01:73:41:c9:3f:2b:31:66:f7:ad:61:cb:b1:b7:e8:
e1:3e:2f:73:a2:77:80:1a:1e:7d:7a:60:33:77:fd:
af:98:ae:63:5c:6e:7d:7b:d6:3b:48:77:e3:10:47:
88:70:ea:59:7d:d1:db:1a:de:d6:a8:98:1c:ce:ba:
3e:b4:f0:df:ca:fd:d8:d6:39:35:9b:d1:80:23:3e:
48:7e:0f:f8:47:ab:ff:91:b1:8e:46:47:c8:0c:e3:
ff:46:72:09:cf:b9:d1:60:5b:78:be:48:18:11:86:
f6:28:f4:99:b2:d2:2e:9e:3f:de:fc:4c:56:2a:d3:
62:5f:43:d9:16:4e:7f:bc:4f:e8:87:5d:08:c8:6d:
14:b8:f1:96:93:c6:24:c1:3e:44:07:6c:a8:e8:22:
e7:76:8c:7d:ac:77:c2:73:c2:f9:65:5c:7d:8f:08:
f6:a7:6e:72:39:1a:5b:ce:82:d5:84:b9:16:62:8e:
4f:d5:22:5d:d7:76:62:21:10:01:20:69:39:d2:56:
a9:85:3f:8e:41:6c:81:cd:ad:ed:74:24:df:35:58:
f8:99:be:a4:5f:ca:d3:69:a7:24:f7:de:dc:93:07:
c9:75:ad:07:25:ad:3a:40:d4:52:0c:45:ff:80:3c:
4a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6C:1A:0F:6F:6A:10:65:A4:4A:0E:EC:25:45:D6:46:F8:54:E2:B9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136322e34352e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.45.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:72:c0:2d:60:c5:a9:af:81:c7:1d:d4:70:d9:2d:ee:5e:b7:
46:4a:59:d4:4a:e4:d4:8a:55:6b:53:ee:9c:c9:b9:ee:eb:fd:
6d:07:87:f4:e4:c6:21:32:e7:e8:ee:11:5a:c8:3d:a0:5c:39:
2c:b8:a0:14:39:63:9e:91:ec:68:8d:58:66:32:28:05:45:d4:
7a:b6:1d:23:4e:5e:af:29:75:4e:28:9a:72:12:b0:1d:29:5e:
63:14:51:d5:3f:b6:32:d7:be:53:69:8b:d1:64:66:cc:da:3a:
2a:4c:8d:60:df:44:8e:b8:9f:c8:e4:58:74:4c:37:10:7b:c9:
2b:02:2d:77:e3:51:5b:4e:4b:83:0a:99:1a:f0:98:58:46:b3:
b7:91:cb:60:e2:05:8f:b6:7c:b2:37:a9:31:dc:7b:c5:4f:a4:
79:b0:69:35:e2:c7:7e:2e:30:00:53:10:db:db:11:ab:71:92:
ea:c9:91:d6:b8:16:77:04:82:4c:3d:50:b6:0d:be:b0:ab:26:
58:a8:ee:3a:ea:f9:9f:0e:fe:32:74:fe:9d:bb:a8:fe:2e:64:
21:e4:80:ab:e3:2b:69:ec:66:0f:65:34:5c:88:83:3b:35:b1:
f4:d6:80:35:4c:f1:78:1b:41:5b:07:05:9f:b7:d3:03:9a:de:
2a:1a:c1:61
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWzzd8cChmYTzyaffVjTAb7FvvI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDVaFw0yNTAyMjQwODUzNDVaMDMxMTAvBgNV
BAMTKEQwNkMxQTBGNkY2QTEwNjVBNDRBMEVFQzI1NDVENjQ2Rjg1NEUyQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp5khgOqXpW1Zv6MBlJwFzQck/
KzFm961hy7G36OE+L3Oid4AaHn16YDN3/a+YrmNcbn171jtId+MQR4hw6ll90dsa
3taomBzOuj608N/K/djWOTWb0YAjPkh+D/hHq/+RsY5GR8gM4/9GcgnPudFgW3i+
SBgRhvYo9Jmy0i6eP978TFYq02JfQ9kWTn+8T+iHXQjIbRS48ZaTxiTBPkQHbKjo
Iud2jH2sd8JzwvllXH2PCPanbnI5GlvOgtWEuRZijk/VIl3XdmIhEAEgaTnSVqmF
P45BbIHNre10JN81WPiZvqRfytNppyT33tyTB8l1rQclrTpA1FIMRf+APEqhAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU0GwaD29qEGWkSg7sJUXWRvhU4rkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
MjJlMzQzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmiLTANBgkqhkiG9w0BAQsFAAOCAQEAT3LALWDFqa+Bxx3UcNkt7l63
RkpZ1Erk1IpVa1PunMm57uv9bQeH9OTGITLn6O4RWsg9oFw5LLigFDljnpHsaI1Y
ZjIoBUXUerYdI05eryl1TiiachKwHSleYxRR1T+2Mte+U2mL0WRmzNo6KkyNYN9E
jrifyORYdEw3EHvJKwItd+NRW05LgwqZGvCYWEazt5HLYOIFj7Z8sjepMdx7xU+k
ebBpNeLHfi4wAFMQ29sRq3GS6smR1rgWdwSCTD1Qtg2+sKsmWKjuOur5nw7+MnT+
nbuo/i5kIeSAq+MraexmD2U0XIiDOzWx9NaANUzxeBtBWwcFn7fTA5reKhrBYQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:21 2024 by rpki-client on console-ams.rpki-client.org