Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137342e3235322e302f32322d3232203d3e203432333636.roa
File: 3138352e3137342e3235322e302f32322d3232203d3e203432333636.roa (raw, json)
Hash identifier: fjwkVrJgHYcshi/3Y+QPCp3XnkqBApeRZ/vsoJdrJ7o=
Subject key identifier: 81:DD:FB:39:EB:0C:3C:61:27:59:62:7D:8C:99:48:17:8C:55:E4:11
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 387EFCBBB241E06871A87D35436038AD217B57B2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137342e3235322e302f32322d3232203d3e203432333636.roa
Signing time: Fri 13 Sep 2024 15:43:59 +0000
ROA not before: Fri 13 Sep 2024 15:38:59 +0000
ROA not after: Fri 12 Sep 2025 15:43:59 +0000
asID: 42366
IP address blocks: 185.174.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:7e:fc:bb:b2:41:e0:68:71:a8:7d:35:43:60:38:ad:21:7b:57:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Sep 13 15:38:59 2024 GMT
Not After : Sep 12 15:43:59 2025 GMT
Subject: CN=81DDFB39EB0C3C612759627D8C9948178C55E411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:71:a1:e3:2f:64:7c:30:75:aa:39:10:43:
9f:0c:8e:7a:7c:67:77:ff:78:72:02:ee:cd:84:5c:
df:01:6d:87:ac:44:17:35:0b:58:70:11:c9:bc:d8:
19:d9:5d:cc:e6:d1:3a:f1:c4:d1:03:21:64:fb:cb:
40:9c:eb:37:04:d5:29:ba:6c:f4:57:dc:e9:7b:1e:
a1:f9:e9:7d:fc:8e:af:14:b2:09:5d:9f:38:4b:a6:
d7:fc:c1:31:f8:26:82:6b:19:72:fb:29:49:6e:90:
c6:c6:65:dc:28:75:01:cd:b1:5d:90:2c:6e:b3:0f:
77:62:a0:3c:81:dd:38:58:6d:fe:ba:8c:6c:0e:b8:
c0:e0:5c:91:bb:9e:9b:11:0a:8b:7a:9b:f2:bc:88:
0d:b4:b9:c2:dc:05:b6:ea:b6:11:58:a8:91:c3:79:
04:78:46:41:d8:a6:74:d4:a5:f4:e4:30:f0:2d:59:
b4:33:62:59:d3:59:3a:41:79:d7:08:7f:30:4e:fe:
5b:e3:e2:21:b0:4a:44:9f:82:57:50:60:dd:6a:4a:
00:48:82:91:6f:02:95:65:18:74:56:81:98:cc:a6:
67:27:af:f6:bd:3a:0e:08:98:f6:5d:17:df:4d:e0:
c8:ad:ff:7b:a8:ef:9b:89:bd:31:4d:4a:13:a3:31:
83:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DD:FB:39:EB:0C:3C:61:27:59:62:7D:8C:99:48:17:8C:55:E4:11
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3137342e3235322e302f32322d3232203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.252.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:9d:a1:11:92:39:c2:8d:5a:9b:60:66:21:b4:e8:86:24:68:
86:30:02:d7:d7:0d:e3:f8:f3:ec:02:c0:d8:c2:9a:53:32:95:
58:b5:f5:ed:f5:00:fd:b2:c2:33:ed:3f:da:c4:79:f8:88:d0:
29:07:57:a7:0c:51:81:77:08:60:db:bf:14:a9:21:6c:26:3d:
d4:62:81:1c:a6:10:38:fd:ec:be:4d:ce:45:17:f6:06:34:05:
44:ab:88:3c:77:a8:1b:6c:99:4b:ae:a9:53:03:2c:c0:33:7e:
8e:4c:80:a8:70:7e:45:6c:d5:c9:9c:f6:67:ae:a8:0f:9b:e6:
fb:22:e5:39:6c:3a:98:7c:35:76:4a:b0:97:d7:0d:4a:70:cd:
4d:58:b6:dd:b1:4b:e8:54:d8:b1:21:3f:f1:9a:ac:e3:df:9d:
6e:94:5c:c4:15:45:c3:94:39:c5:06:ee:2c:67:af:e5:34:b2:
d0:c8:77:a3:c3:3b:cc:7a:7c:92:0b:0e:b0:98:bb:61:ff:cb:
34:f2:e4:4c:88:09:ab:8e:f4:0d:38:e1:70:40:2e:e7:b4:9e:
3b:27:b5:79:0b:a5:8a:28:bb:12:35:4f:89:be:b5:db:7c:26:
ac:3a:2b:e8:a6:3c:9d:7a:7f:97:1f:3f:8b:da:a3:a7:17:bb:
e9:af:be:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUOH78u7JB4GhxqH01Q2A4rSF7V7IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDA5MTMxNTM4NTlaFw0yNTA5MTIxNTQzNTlaMDMxMTAvBgNV
BAMTKDgxRERGQjM5RUIwQzNDNjEyNzU5NjI3RDhDOTk0ODE3OEM1NUU0MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOLHGh4y9kfDB1qjkQQ58Mjnp8
Z3f/eHIC7s2EXN8BbYesRBc1C1hwEcm82BnZXczm0TrxxNEDIWT7y0Cc6zcE1Sm6
bPRX3Ol7HqH56X38jq8UsgldnzhLptf8wTH4JoJrGXL7KUlukMbGZdwodQHNsV2Q
LG6zD3dioDyB3ThYbf66jGwOuMDgXJG7npsRCot6m/K8iA20ucLcBbbqthFYqJHD
eQR4RkHYpnTUpfTkMPAtWbQzYlnTWTpBedcIfzBO/lvj4iGwSkSfgldQYN1qSgBI
gpFvApVlGHRWgZjMpmcnr/a9Og4ImPZdF99N4Mit/3uo75uJvTFNShOjMYOxAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUgd37OesMPGEnWWJ9jJlIF4xV5BEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzcz
NDJlMzIzNTMyMmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzQzMjMzMzYzNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEArmu/DANBgkqhkiG9w0BAQsFAAOCAQEAo52hEZI5wo1am2BmIbTohiRo
hjAC19cN4/jz7ALA2MKaUzKVWLX17fUA/bLCM+0/2sR5+IjQKQdXpwxRgXcIYNu/
FKkhbCY91GKBHKYQOP3svk3ORRf2BjQFRKuIPHeoG2yZS66pUwMswDN+jkyAqHB+
RWzVyZz2Z66oD5vm+yLlOWw6mHw1dkqwl9cNSnDNTVi23bFL6FTYsSE/8Zqs49+d
bpRcxBVFw5Q5xQbuLGev5TSy0Mh3o8M7zHp8kgsOsJi7Yf/LNPLkTIgJq470DTjh
cEAu57SeOye1eQuliii7EjVPib6123wmrDor6KY8nXp/lx8/i9qjpxe76a++dA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org