Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
File: 3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: JG8HR1Gkjq4Xt8m01HeJcn2KEdZZxiV2UN7snCbxDP0=
Subject key identifier: 2C:28:39:49:7D:08:8E:7B:2B:BB:EE:0D:4C:9C:78:E2:71:BC:53:1C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1BCE9FE672922163B597AEAB5ADBC4B2308D540D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 20 May 2024 11:03:42 +0000
ROA not before: Mon 20 May 2024 10:58:42 +0000
ROA not after: Mon 19 May 2025 11:03:42 +0000
asID: 147049
IP address blocks: 185.172.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ce:9f:e6:72:92:21:63:b5:97:ae:ab:5a:db:c4:b2:30:8d:54:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: May 20 10:58:42 2024 GMT
Not After : May 19 11:03:42 2025 GMT
Subject: CN=2C2839497D088E7B2BBBEE0D4C9C78E271BC531C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:61:3e:44:a9:90:e3:85:55:81:b3:ef:1c:05:
99:a8:bf:a0:f2:0c:72:98:4d:bb:ae:ec:2e:8d:6b:
24:6a:cb:34:50:d0:af:90:d3:89:3d:82:91:0a:c1:
5e:52:4d:39:a8:d5:2b:ca:57:d0:14:15:74:bc:b4:
e2:26:56:8b:aa:ee:52:2d:16:90:72:36:6b:da:61:
bd:2f:b5:49:91:db:c7:db:60:d1:93:81:08:56:a1:
9c:69:83:57:23:37:16:82:cb:53:ea:ef:f9:fa:d8:
53:ac:70:2b:57:b5:83:4a:49:3a:bb:9b:4a:02:15:
86:20:aa:19:48:b0:94:21:73:af:6a:f9:2b:87:48:
26:fc:b3:5f:64:03:95:e1:e0:7d:f3:be:54:34:75:
9c:95:28:8e:ae:ce:5e:2c:46:fe:85:71:88:c5:b5:
3b:ed:b4:33:bd:d8:5f:07:e1:48:cb:94:dd:27:78:
14:2d:c4:83:4e:2e:2d:06:4b:d4:92:2b:bc:94:f7:
bf:d5:b6:b0:57:eb:99:18:31:42:10:0a:71:1f:1d:
2f:16:f0:95:e3:d9:31:ea:c9:5d:c4:99:b1:b3:87:
e5:e1:17:82:c7:9e:dd:3e:3a:c1:8e:91:ae:94:05:
3e:dd:c5:15:ae:38:40:85:50:d8:8a:b8:ac:eb:61:
f1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:28:39:49:7D:08:8E:7B:2B:BB:EE:0D:4C:9C:78:E2:71:BC:53:1C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35332e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.53.0/24
Signature Algorithm: sha256WithRSAEncryption
96:1a:cb:34:96:24:29:26:55:0e:5b:c2:f8:17:6f:0f:c2:1c:
be:88:84:5a:ba:2d:8c:e6:5e:ff:23:db:68:c0:2a:f3:bc:2c:
31:17:14:3c:dd:2a:01:26:c7:1f:f0:e5:7f:9b:de:ef:c9:30:
66:78:2a:3c:dd:36:c6:cc:dc:04:62:6f:5a:20:b7:97:f6:cd:
66:05:5c:de:04:2f:28:83:72:60:ca:c3:12:9c:93:1e:3f:88:
44:ff:5c:41:d6:25:a0:d3:5d:f0:f6:e0:e6:9a:53:14:7b:40:
f6:ed:ac:24:ae:e6:43:48:87:ac:0e:22:84:b8:a7:b6:ac:f7:
11:40:0b:2e:57:25:bf:44:f8:d2:2f:bf:44:f3:83:55:5d:2f:
20:3a:a0:5c:ad:52:4c:8e:50:4f:64:bb:c8:6e:7d:fd:3c:e0:
e1:3d:5d:0c:9a:14:63:77:a4:3a:d5:cc:c2:5a:7e:f9:09:18:
29:71:bc:09:50:51:79:32:75:08:e3:e9:da:d3:3c:e1:44:bb:
30:67:72:b2:73:8c:c8:f5:cd:d1:31:4c:88:ab:1e:66:c7:53:
b7:d6:a6:1a:cf:03:b2:28:b0:a0:d5:83:55:11:96:70:fa:a7:
70:19:04:b0:a4:52:7d:59:78:1f:19:42:50:d6:e2:09:6a:de:
0c:47:b2:3f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUG86f5nKSIWO1l66rWtvEsjCNVA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA1MjAxMDU4NDJaFw0yNTA1MTkxMTAzNDJaMDMxMTAvBgNV
BAMTKDJDMjgzOTQ5N0QwODhFN0IyQkJCRUUwRDRDOUM3OEUyNzFCQzUzMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYYT5EqZDjhVWBs+8cBZmov6Dy
DHKYTbuu7C6NayRqyzRQ0K+Q04k9gpEKwV5STTmo1SvKV9AUFXS8tOImVouq7lIt
FpByNmvaYb0vtUmR28fbYNGTgQhWoZxpg1cjNxaCy1Pq7/n62FOscCtXtYNKSTq7
m0oCFYYgqhlIsJQhc69q+SuHSCb8s19kA5Xh4H3zvlQ0dZyVKI6uzl4sRv6FcYjF
tTvttDO92F8H4UjLlN0neBQtxINOLi0GS9SSK7yU97/VtrBX65kYMUIQCnEfHS8W
8JXj2THqyV3EmbGzh+XhF4LHnt0+OsGOka6UBT7dxRWuOECFUNiKuKzrYfFhAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQULCg5SX0Ijnsru+4NTJx44nG8UxwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNTANBgkqhkiG9w0BAQsFAAOCAQEAlhrLNJYkKSZVDlvC+BdvD8Ic
voiEWrotjOZe/yPbaMAq87wsMRcUPN0qASbHH/Dlf5ve78kwZngqPN02xszcBGJv
WiC3l/bNZgVc3gQvKINyYMrDEpyTHj+IRP9cQdYloNNd8Pbg5ppTFHtA9u2sJK7m
Q0iHrA4ihLintqz3EUALLlclv0T40i+/RPODVV0vIDqgXK1STI5QT2S7yG59/Tzg
4T1dDJoUY3ekOtXMwlp++QkYKXG8CVBReTJ1COPp2tM84US7MGdysnOMyPXN0TFM
iKseZsdTt9amGs8DsiiwoNWDVRGWcPqncBkEsKRSfVl4HxlCUNbiCWreDEeyPw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org