Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
File: 3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: Z7J6ZOOk99basiGnBfqX4FgYCq8zEJygv8C8QAyT2QU=
Subject key identifier: 48:07:11:8F:39:7F:C5:4E:D0:B0:CD:FA:12:11:CF:22:ED:F9:C8:1B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2AD5E8EDA04E2DDF6325521AA137359F700E2FB2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
Signing time: Thu 13 Jun 2024 10:41:21 +0000
ROA not before: Thu 13 Jun 2024 10:36:21 +0000
ROA not after: Thu 12 Jun 2025 10:41:21 +0000
asID: 47583
IP address blocks: 185.164.108.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:d5:e8:ed:a0:4e:2d:df:63:25:52:1a:a1:37:35:9f:70:0e:2f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jun 13 10:36:21 2024 GMT
Not After : Jun 12 10:41:21 2025 GMT
Subject: CN=4807118F397FC54ED0B0CDFA1211CF22EDF9C81B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:f6:84:af:e0:13:dd:25:69:c7:c8:b2:56:
51:98:6c:07:41:b3:54:82:49:51:88:25:6b:73:ff:
d9:29:c9:f3:20:49:c3:a9:66:80:71:92:dd:cd:88:
df:f8:37:01:5b:51:0e:e4:57:ca:ab:b8:45:54:f2:
c2:7c:7c:38:cf:a2:d7:7c:76:26:25:bf:32:51:4f:
f1:9e:59:81:e9:f7:6e:1d:3f:5d:93:f7:14:92:b2:
31:72:8c:60:65:af:1f:a4:63:de:0b:cb:e8:b4:9d:
41:39:b3:fa:67:cf:9e:27:89:6f:9a:19:83:fc:1d:
cf:c2:ab:0b:9e:2c:06:1c:a8:a6:3c:4e:11:01:3b:
03:11:3c:5c:5f:3f:28:8a:7b:b2:c9:8e:aa:00:6c:
3c:78:74:94:90:b6:e9:c5:b3:b1:f1:f2:17:5b:cd:
e4:9c:94:8d:5d:49:db:22:f4:6e:5e:75:02:3e:bb:
78:22:b4:3f:80:51:e1:8f:83:2f:b7:9f:ce:82:03:
ef:ed:8a:09:5d:35:1c:bd:bd:07:68:ee:c9:05:52:
eb:1e:ab:bd:4a:8b:d8:e1:8a:f7:0d:a7:84:99:39:
0f:78:24:4e:6e:ee:e9:ab:cd:da:ae:e0:99:c4:ba:
99:22:d8:33:19:ce:6a:52:b8:87:06:88:21:83:70:
b6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:07:11:8F:39:7F:C5:4E:D0:B0:CD:FA:12:11:CF:22:ED:F9:C8:1B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136342e3130382e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.108.0/23
Signature Algorithm: sha256WithRSAEncryption
09:4a:d2:f0:c8:de:d1:db:d5:92:cf:6a:87:a6:1c:0f:80:ab:
90:de:59:8f:25:be:11:39:01:f2:a7:9f:0b:28:02:04:7d:ef:
1e:28:9a:cd:df:f8:ea:07:c7:22:04:22:4e:5f:b5:60:a3:c6:
14:64:73:a7:20:34:96:d0:f3:4f:42:50:d3:fa:46:5e:25:13:
30:b1:03:55:b3:be:2c:2d:9e:c7:0d:c9:ad:f2:da:5d:6f:c9:
9d:de:86:73:a8:eb:9e:fb:d0:cc:41:ff:98:34:54:49:3b:1a:
15:7e:7a:da:b9:9a:c2:22:d6:24:42:d8:02:b9:55:9b:8d:2a:
69:f4:ae:21:b1:86:6f:c8:71:f3:ef:a0:d3:a9:c0:ba:13:ad:
1c:c6:ae:91:42:e1:89:2c:e3:73:41:e8:2a:fb:52:1c:33:5c:
4a:de:18:a4:a9:5f:39:ea:7e:95:b2:14:5a:4b:80:e0:20:21:
94:17:c5:e8:72:53:fb:6b:47:be:20:5b:4b:1d:09:79:50:c3:
f4:06:cd:b5:ab:3e:85:69:be:d6:20:8d:62:21:36:4a:24:b0:
fa:c3:05:cb:a1:f8:8f:77:06:50:d4:63:78:aa:1d:24:84:d7:
c5:e5:24:9e:35:db:bb:70:65:84:8e:25:33:75:fa:a7:bb:0d:
2d:63:ec:3d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUKtXo7aBOLd9jJVIaoTc1n3AOL7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA2MTMxMDM2MjFaFw0yNTA2MTIxMDQxMjFaMDMxMTAvBgNV
BAMTKDQ4MDcxMThGMzk3RkM1NEVEMEIwQ0RGQTEyMTFDRjIyRURGOUM4MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3afaEr+AT3SVpx8iyVlGYbAdB
s1SCSVGIJWtz/9kpyfMgScOpZoBxkt3NiN/4NwFbUQ7kV8qruEVU8sJ8fDjPotd8
diYlvzJRT/GeWYHp924dP12T9xSSsjFyjGBlrx+kY94Ly+i0nUE5s/pnz54niW+a
GYP8Hc/CqwueLAYcqKY8ThEBOwMRPFxfPyiKe7LJjqoAbDx4dJSQtunFs7Hx8hdb
zeSclI1dSdsi9G5edQI+u3gitD+AUeGPgy+3n86CA+/tigldNRy9vQdo7skFUuse
q71Ki9jhivcNp4SZOQ94JE5u7umrzdqu4JnEupki2DMZzmpSuIcGiCGDcLYBAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUSAcRjzl/xU7QsM36EhHPIu35yBswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NDJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAbmkbDANBgkqhkiG9w0BAQsFAAOCAQEACUrS8Mje0dvVks9qh6YcD4Cr
kN5ZjyW+ETkB8qefCygCBH3vHiiazd/46gfHIgQiTl+1YKPGFGRzpyA0ltDzT0JQ
0/pGXiUTMLEDVbO+LC2exw3JrfLaXW/Jnd6Gc6jrnvvQzEH/mDRUSTsaFX562rma
wiLWJELYArlVm40qafSuIbGGb8hx8++g06nAuhOtHMaukULhiSzjc0HoKvtSHDNc
St4YpKlfOep+lbIUWkuA4CAhlBfF6HJT+2tHviBbSx0JeVDD9AbNtas+hWm+1iCN
YiE2SiSw+sMFy6H4j3cGUNRjeKodJITXxeUknjXbu3BlhI4lM3X6p7sNLWPsPQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org