Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e203230343733.roa
File: 3138352e3139332e31362e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: TnGiO6IldY7ddfG2f6Jg4X34lxW8ePQmrBE7vS814oA=
Subject key identifier: 1B:45:61:9D:13:03:D3:2C:AF:51:2B:8E:75:F8:14:DA:77:02:E6:B8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2E5C70B10BA21FF39C0DA26C92EEAF3E4B50D5A5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e203230343733.roa
Signing time: Fri 20 Dec 2024 15:23:38 +0000
ROA not before: Fri 20 Dec 2024 15:18:38 +0000
ROA not after: Fri 19 Dec 2025 15:23:38 +0000
asID: 20473
IP address blocks: 185.193.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:5c:70:b1:0b:a2:1f:f3:9c:0d:a2:6c:92:ee:af:3e:4b:50:d5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:38 2024 GMT
Not After : Dec 19 15:23:38 2025 GMT
Subject: CN=1B45619D1303D32CAF512B8E75F814DA7702E6B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:81:17:3b:75:05:dd:36:cf:5e:8d:a2:72:a2:
9e:06:86:15:2b:ab:33:bd:4f:9d:39:ff:b9:74:05:
84:a1:53:8b:44:27:f2:70:05:b8:da:e7:3d:df:4f:
c3:c1:87:7a:19:e6:59:c2:9c:11:54:1b:5e:8a:99:
45:0f:58:e4:55:a2:aa:2b:2e:9d:ff:08:be:44:e2:
0f:90:1f:8d:a5:fe:70:53:d7:cf:e3:fa:62:dd:89:
de:9e:e3:31:65:74:fb:f5:d7:ad:7c:84:35:d2:91:
76:85:0d:d8:d5:59:7e:96:cc:92:0b:5b:2a:c4:ca:
0c:3e:49:e8:89:e9:73:42:60:61:c2:28:e1:0a:7c:
ba:b6:8f:1b:13:a3:20:b0:c0:c5:d8:d1:aa:db:a2:
be:39:23:a3:d3:f6:fe:42:db:fc:f6:2b:45:5e:54:
b0:a8:e7:72:24:23:ae:09:9f:dd:46:7e:0a:c8:4d:
19:a4:f6:9f:43:da:42:5a:f1:d5:ff:f0:d8:d3:1b:
06:df:df:e2:e8:ae:bb:91:13:f1:ca:c3:3e:ce:09:
08:c1:82:d3:4c:03:90:75:b8:86:1d:eb:4c:27:3e:
e1:ab:0b:63:75:f7:10:35:6e:49:37:0a:48:11:b5:
79:9f:1b:32:35:fc:62:5b:5f:1f:5b:58:6e:cb:49:
5b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:45:61:9D:13:03:D3:2C:AF:51:2B:8E:75:F8:14:DA:77:02:E6:B8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31362e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.16.0/24
Signature Algorithm: sha256WithRSAEncryption
54:f5:78:4b:68:20:68:f4:24:9b:6d:87:f0:e8:9b:45:4e:50:
a6:b3:24:5d:d9:ab:85:48:72:16:a7:24:bb:66:77:02:78:cf:
55:b9:b4:94:1f:7a:9d:7e:73:4a:56:05:f2:89:94:0e:e7:e6:
81:ad:eb:28:e7:b9:d5:56:6c:6e:fb:44:2b:9e:25:cf:d7:c8:
08:de:31:53:3d:95:48:83:ff:9d:e2:12:1a:92:a9:c7:6c:5a:
f0:32:87:32:1a:cc:7b:cb:9d:24:af:06:9f:1a:9e:ad:9d:4e:
6e:99:4e:53:cd:4a:99:a3:4e:dc:ab:57:0c:0b:a0:b5:da:52:
a6:04:21:db:56:61:32:ab:85:44:fc:ac:b8:51:d0:10:ab:8e:
dd:fd:b9:2e:3d:c9:0c:b6:3f:a9:3b:78:89:8d:9f:25:01:cc:
12:90:ab:da:72:ad:b9:db:cc:76:0c:11:7b:a3:32:d0:14:59:
60:db:69:be:c3:27:cd:fe:6e:48:2f:41:03:11:2f:11:ca:87:
ef:02:1d:c8:61:30:8e:d8:3a:f1:30:85:9a:f8:0b:d7:a8:5b:
15:ac:df:55:6b:4f:88:4e:52:77:be:32:a7:a3:3c:72:5b:79:
32:b5:ef:ab:3a:f5:40:03:c4:0a:b8:38:f5:95:bb:ef:0a:e8:
25:f0:ea:a2
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIULlxwsQuiH/OcDaJsku6vPktQ1aUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzhaFw0yNTEyMTkxNTIzMzhaMDMxMTAvBgNV
BAMTKDFCNDU2MTlEMTMwM0QzMkNBRjUxMkI4RTc1RjgxNERBNzcwMkU2QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKgRc7dQXdNs9ejaJyop4GhhUr
qzO9T505/7l0BYShU4tEJ/JwBbja5z3fT8PBh3oZ5lnCnBFUG16KmUUPWORVoqor
Lp3/CL5E4g+QH42l/nBT18/j+mLdid6e4zFldPv11618hDXSkXaFDdjVWX6WzJIL
WyrEygw+SeiJ6XNCYGHCKOEKfLq2jxsToyCwwMXY0arbor45I6PT9v5C2/z2K0Ve
VLCo53IkI64Jn91GfgrITRmk9p9D2kJa8dX/8NjTGwbf3+LorruRE/HKwz7OCQjB
gtNMA5B1uIYd60wnPuGrC2N19xA1bkk3CkgRtXmfGzI1/GJbXx9bWG7LSVu9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUG0VhnRMD0yyvUSuOdfgU2ncC5rgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzkz
MzJlMzEzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC5wRAwDQYJKoZIhvcNAQELBQADggEBAFT1eEtoIGj0JJtth/Dom0VOUKaz
JF3Zq4VIchanJLtmdwJ4z1W5tJQfep1+c0pWBfKJlA7n5oGt6yjnudVWbG77RCue
Jc/XyAjeMVM9lUiD/53iEhqSqcdsWvAyhzIazHvLnSSvBp8anq2dTm6ZTlPNSpmj
TtyrVwwLoLXaUqYEIdtWYTKrhUT8rLhR0BCrjt39uS49yQy2P6k7eImNnyUBzBKQ
q9pyrbnbzHYMEXujMtAUWWDbab7DJ83+bkgvQQMRLxHKh+8CHchhMI7YOvEwhZr4
C9eoWxWs31VrT4hOUne+MqejPHJbeTK176s69UADxAq4OPWVu+8K6CXw6qI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:34:00 2025 by rpki-client