Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: hgvIVmpSAS5fLH7ux7eHXrw66BF9K0mkB25JrkxbJNY=
Subject key identifier: 89:02:D9:DE:A3:95:C2:6F:85:5A:75:4F:63:4E:5D:0A:08:1A:CE:F8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0F6342489026A570B459AE170D84A5AE6ADB8EC3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:31 +0000
ROA not before: Sat 02 Mar 2024 21:49:31 +0000
ROA not after: Sat 01 Mar 2025 21:54:31 +0000
asID: 136787
IP address blocks: 185.172.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:63:42:48:90:26:a5:70:b4:59:ae:17:0d:84:a5:ae:6a:db:8e:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 2 21:49:31 2024 GMT
Not After : Mar 1 21:54:31 2025 GMT
Subject: CN=8902D9DEA395C26F855A754F634E5D0A081ACEF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c8:44:18:ee:ae:34:8e:06:3f:93:d0:75:f2:
1a:43:e8:06:4d:66:da:29:7f:b6:9e:2d:47:78:bc:
54:8a:7a:ef:07:ee:43:be:c8:19:57:ae:d6:a7:7a:
bc:cc:ad:ed:e0:b5:a0:09:bc:aa:41:2a:09:f4:6b:
60:3e:c1:50:c9:dd:4f:b1:31:14:9b:9a:57:b4:ab:
03:10:31:12:aa:54:e0:38:f2:9c:d0:4c:c0:9b:21:
70:2a:f7:69:37:59:ec:ac:13:8b:60:15:fb:4f:88:
22:54:6e:7b:3e:62:bc:4e:0a:e0:fc:5c:44:86:8c:
50:cc:a4:b7:74:19:bf:95:59:54:7c:2a:76:62:99:
a5:37:a0:bc:2d:ef:31:54:9c:60:df:c4:01:86:37:
f8:d7:a5:02:65:a9:b8:0e:b4:7d:46:36:3f:c4:8e:
df:21:ed:cd:04:f1:d1:0b:77:4d:22:e8:c4:46:22:
46:fc:ec:7d:93:ec:df:7c:0f:5b:74:d8:40:dc:23:
1b:ba:3f:a8:f0:03:c5:f4:f6:4b:8f:5b:00:9e:14:
f7:96:e7:78:28:40:5a:f6:b8:8a:2f:d8:4f:66:4b:
9a:02:f8:a8:67:52:99:a7:a7:c0:19:70:f2:61:78:
75:66:ca:41:a9:7b:b7:be:2c:cf:83:71:63:cf:dc:
12:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:02:D9:DE:A3:95:C2:6F:85:5A:75:4F:63:4E:5D:0A:08:1A:CE:F8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137322e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.54.0/24
Signature Algorithm: sha256WithRSAEncryption
87:24:a3:2e:20:40:53:d9:20:d1:d8:52:8c:2b:b2:a7:a9:9b:
79:4f:db:e6:31:4f:25:79:1f:e7:47:a6:d2:8a:90:32:b0:99:
36:71:5e:aa:b1:b0:d3:c9:58:f5:74:be:ac:b8:e9:b9:e4:38:
51:52:e5:6e:32:f5:32:f0:28:92:c1:ff:79:ca:31:cf:ff:7b:
76:8e:76:da:4d:0c:48:16:6f:fd:99:b1:51:3f:20:f1:e1:bb:
82:20:01:46:cd:cf:9b:47:ca:fb:05:c1:e7:79:ba:2f:a9:91:
44:2e:b1:e5:1b:f1:be:d6:c5:89:19:96:a3:97:f8:fc:8b:b1:
43:17:65:46:93:43:92:6f:9d:7f:82:9e:95:b3:80:83:7a:16:
29:1b:93:06:93:d2:e4:ca:92:e9:c2:45:5d:af:6c:82:60:65:
5a:ef:30:ca:75:fb:c8:a7:87:86:df:49:cb:c6:40:5f:e2:08:
13:55:67:20:32:6f:35:67:46:2b:ab:1b:59:a2:ee:c0:84:88:
16:5e:d8:62:e4:20:43:49:cc:22:64:be:19:1b:0d:8e:b8:ff:
9c:3e:7f:15:17:b4:1d:8a:37:de:05:76:7b:c6:41:d1:65:3d:
36:d6:9b:33:a5:36:c6:47:a2:27:fe:0e:54:54:54:d7:3d:32:
db:ee:4c:fe
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUD2NCSJAmpXC0Wa4XDYSlrmrbjsMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAzMDIyMTQ5MzFaFw0yNTAzMDEyMTU0MzFaMDMxMTAvBgNV
BAMTKDg5MDJEOURFQTM5NUMyNkY4NTVBNzU0RjYzNEU1RDBBMDgxQUNFRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnyEQY7q40jgY/k9B18hpD6AZN
Ztopf7aeLUd4vFSKeu8H7kO+yBlXrtanerzMre3gtaAJvKpBKgn0a2A+wVDJ3U+x
MRSbmle0qwMQMRKqVOA48pzQTMCbIXAq92k3WeysE4tgFftPiCJUbns+YrxOCuD8
XESGjFDMpLd0Gb+VWVR8KnZimaU3oLwt7zFUnGDfxAGGN/jXpQJlqbgOtH1GNj/E
jt8h7c0E8dELd00i6MRGIkb87H2T7N98D1t02EDcIxu6P6jwA8X09kuPWwCeFPeW
53goQFr2uIov2E9mS5oC+KhnUpmnp8AZcPJheHVmykGpe7e+LM+DcWPP3BJNAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUiQLZ3qOVwm+FWnVPY05dCggazvgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
MjJlMzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmsNjANBgkqhkiG9w0BAQsFAAOCAQEAhySjLiBAU9kg0dhSjCuyp6mb
eU/b5jFPJXkf50em0oqQMrCZNnFeqrGw08lY9XS+rLjpueQ4UVLlbjL1MvAoksH/
ecoxz/97do522k0MSBZv/ZmxUT8g8eG7giABRs3Pm0fK+wXB53m6L6mRRC6x5Rvx
vtbFiRmWo5f4/IuxQxdlRpNDkm+df4KelbOAg3oWKRuTBpPS5MqS6cJFXa9sgmBl
Wu8wynX7yKeHht9Jy8ZAX+IIE1VnIDJvNWdGK6sbWaLuwISIFl7YYuQgQ0nMImS+
GRsNjrj/nD5/FRe0HYo33gV2e8ZB0WU9NtabM6U2xkeiJ/4OVFRU1z0y2+5M/g==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:44:10 2024 by rpki-client on console-fra.rpki-client.org