Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
File: 3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa (raw, json)
Hash identifier: oioR69nroTHzyM7s8L+mDvApluLlQCZSBAwTfP8v9DI=
Subject key identifier: 62:95:AE:40:8E:7B:34:4A:08:CE:84:3F:2E:7D:F5:A7:1E:11:E1:88
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 68F8462DD396195023CF9BCC1764D89AB90B7520
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
Signing time: Mon 26 Feb 2024 08:53:45 +0000
ROA not before: Mon 26 Feb 2024 08:48:45 +0000
ROA not after: Mon 24 Feb 2025 08:53:45 +0000
asID: 62240
IP address blocks: 185.169.255.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:f8:46:2d:d3:96:19:50:23:cf:9b:cc:17:64:d8:9a:b9:0b:75:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 26 08:48:45 2024 GMT
Not After : Feb 24 08:53:45 2025 GMT
Subject: CN=6295AE408E7B344A08CE843F2E7DF5A71E11E188
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e9:c9:f3:76:90:70:fd:de:46:26:d0:4e:97:
89:dd:0c:e5:fd:59:3e:cd:6b:d4:37:3d:ba:b2:30:
e9:ea:a2:19:7e:41:c8:d1:f3:c7:ac:02:b9:15:b5:
a3:3b:e8:bc:1f:ab:90:61:d6:5d:7f:49:78:e1:df:
af:a5:13:70:df:d1:3d:c7:08:92:1f:3f:91:79:56:
4c:c5:8a:96:f4:42:e8:f3:ed:f1:71:db:ff:e4:0f:
a8:c8:a2:71:8c:50:7f:e2:30:48:54:ce:75:ad:75:
80:46:bf:23:b7:7d:d7:df:34:a8:63:a6:2a:eb:ad:
5c:08:bc:09:bd:5c:e2:aa:74:27:d2:81:73:bc:2a:
d3:24:c5:46:ae:47:a6:c3:6d:dc:ce:ad:e6:00:83:
b2:78:5e:0d:10:e0:4c:19:18:d9:51:d3:1d:98:2d:
74:22:7c:02:4c:2a:b3:3d:75:92:dc:a2:bf:d0:97:
9b:de:f9:f0:51:08:d8:e6:8e:78:b9:0f:da:d0:16:
d8:91:3c:83:59:6e:6d:75:b8:af:06:bc:38:a2:1f:
d4:b3:30:e3:b2:a5:0a:0a:4e:02:ba:93:f2:48:4f:
e3:c5:52:56:fb:72:77:b8:e6:5a:60:86:37:8d:9b:
2b:81:85:71:7f:92:64:af:86:fa:d3:1b:1b:85:dc:
c1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:95:AE:40:8E:7B:34:4A:08:CE:84:3F:2E:7D:F5:A7:1E:11:E1:88
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.255.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:9e:8a:53:8c:45:f5:07:22:4c:e1:ef:fc:c2:36:81:94:0b:
1f:5e:95:4e:e6:3f:ae:32:5c:cd:5b:be:55:30:e6:2a:f4:ac:
1b:5e:e9:23:e4:54:9d:77:5b:29:7c:53:9e:24:8d:6a:e5:c3:
b5:46:52:43:cb:db:17:99:83:40:1a:d9:11:b4:7b:d6:10:a3:
8f:e6:17:3e:b5:e5:69:fe:10:9f:6a:51:82:66:56:34:bf:ef:
4d:ff:58:1f:f4:21:76:64:09:81:0e:f2:6a:88:0e:1b:9a:59:
86:45:e7:98:01:4a:18:b0:81:a2:bd:ac:e4:21:53:b5:48:81:
2d:c2:fb:db:3b:13:16:61:95:57:20:20:f0:48:e3:db:f5:a6:
79:38:3e:4f:89:9b:52:3a:14:d9:ca:ce:20:60:05:ea:53:11:
fb:a3:54:5d:6f:a2:7a:4f:5d:73:43:a6:f1:d9:4d:bf:86:18:
fc:04:7f:85:c9:1f:62:95:cc:a9:95:e4:dd:3f:8c:50:bf:c8:
90:22:54:3d:d6:20:66:51:46:77:8b:3e:d0:2c:96:00:c9:75:
1a:52:1e:92:1b:bc:13:c8:fb:75:5e:2c:ca:e8:2b:d7:da:fc:
4d:25:5c:d7:21:71:1a:0f:68:40:55:c5:30:35:98:a2:1d:14:
f8:4d:f4:8f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUaPhGLdOWGVAjz5vMF2TYmrkLdSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAyMjYwODQ4NDVaFw0yNTAyMjQwODUzNDVaMDMxMTAvBgNV
BAMTKDYyOTVBRTQwOEU3QjM0NEEwOENFODQzRjJFN0RGNUE3MUUxMUUxODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC36cnzdpBw/d5GJtBOl4ndDOX9
WT7Na9Q3PbqyMOnqohl+QcjR88esArkVtaM76Lwfq5Bh1l1/SXjh36+lE3Df0T3H
CJIfP5F5VkzFipb0Qujz7fFx2//kD6jIonGMUH/iMEhUznWtdYBGvyO3fdffNKhj
pirrrVwIvAm9XOKqdCfSgXO8KtMkxUauR6bDbdzOreYAg7J4Xg0Q4EwZGNlR0x2Y
LXQifAJMKrM9dZLcor/Ql5ve+fBRCNjmjni5D9rQFtiRPINZbm11uK8GvDiiH9Sz
MOOypQoKTgK6k/JIT+PFUlb7cne45lpghjeNmyuBhXF/kmSvhvrTGxuF3MGjAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUYpWuQI57NEoIzoQ/Ln31px4R4YgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzIzNTM1MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzYzMjMyMzQzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmp/zANBgkqhkiG9w0BAQsFAAOCAQEAv56KU4xF9QciTOHv/MI2gZQL
H16VTuY/rjJczVu+VTDmKvSsG17pI+RUnXdbKXxTniSNauXDtUZSQ8vbF5mDQBrZ
EbR71hCjj+YXPrXlaf4Qn2pRgmZWNL/vTf9YH/QhdmQJgQ7yaogOG5pZhkXnmAFK
GLCBor2s5CFTtUiBLcL72zsTFmGVVyAg8Ejj2/WmeTg+T4mbUjoU2crOIGAF6lMR
+6NUXW+iek9dc0Om8dlNv4YY/AR/hckfYpXMqZXk3T+MUL/IkCJUPdYgZlFGd4s+
0CyWAMl1GlIekhu8E8j7dV4syugr19r8TSVc1yFxGg9oQFXFMDWYoh0U+E30jw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org