Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31372e302f32342d3332203d3e203531313637.roa
File: 3138352e3139332e31372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: Y99YCvtV0eXvGoNJANelpnS0BAaeiVnZRkDrpMIx7Qs=
Subject key identifier: 4C:89:54:35:69:B3:15:19:93:23:A6:63:4D:2E:38:63:90:AE:AE:79
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6E2994330C098F13632439EDE166268358709957
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31372e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Dec 2024 15:23:37 +0000
ROA not before: Fri 20 Dec 2024 15:18:37 +0000
ROA not after: Fri 19 Dec 2025 15:23:37 +0000
asID: 51167
IP address blocks: 185.193.17.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:29:94:33:0c:09:8f:13:63:24:39:ed:e1:66:26:83:58:70:99:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:37 2024 GMT
Not After : Dec 19 15:23:37 2025 GMT
Subject: CN=4C89543569B315199323A6634D2E386390AEAE79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:38:fb:39:c7:a0:5e:d7:38:bc:83:40:ba:44:
73:eb:1b:16:76:89:23:f9:38:49:49:ab:17:bb:a1:
8c:33:0b:df:60:84:a8:fb:35:2d:9a:75:8b:e6:02:
09:79:42:13:ca:09:77:12:75:08:17:c3:a0:ce:fe:
ef:fb:0f:34:25:60:9d:99:74:5b:f4:0f:39:6b:a4:
4e:4b:28:87:0d:08:a8:0f:28:56:ec:20:58:c6:04:
21:dd:63:43:48:68:8d:62:0f:08:a8:90:55:6f:0c:
01:70:fb:e3:9d:5c:28:af:5e:14:59:03:e9:6b:f4:
98:f1:1d:c1:92:34:53:4f:3f:2c:dd:5b:d7:47:ab:
13:13:3f:48:70:f1:ba:64:ce:35:8e:e0:32:fd:7f:
d3:7f:0b:6b:12:dc:04:43:90:06:59:bf:0a:d0:df:
ef:58:51:b3:6b:59:01:6b:df:cb:b4:94:d1:47:c4:
fd:8b:35:db:24:94:81:b8:fc:ae:78:02:de:5c:a3:
41:08:cf:cf:9b:ed:80:97:e6:09:da:61:38:7d:75:
be:f7:a4:0d:5c:9f:88:b7:b1:53:f3:16:ef:80:b2:
40:62:09:2f:3e:d2:45:47:f0:4f:bb:ea:1c:00:6f:
5a:85:5b:70:84:39:63:9d:d3:be:4a:08:f0:22:d9:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:89:54:35:69:B3:15:19:93:23:A6:63:4D:2E:38:63:90:AE:AE:79
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139332e31372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.17.0/24
Signature Algorithm: sha256WithRSAEncryption
31:42:ae:b1:de:3f:8e:72:e3:90:ad:74:f4:4f:02:72:da:76:
2c:bb:77:ea:7c:fb:01:ed:01:87:34:03:f3:d6:39:fa:c2:aa:
0f:26:b3:0e:89:e4:e2:d5:8b:d5:fb:a6:ec:b8:e4:4c:bd:e7:
70:41:f4:9a:35:c6:51:2d:d9:95:81:2a:29:75:b6:f5:cb:32:
39:04:2f:2a:fe:b3:b6:c6:d7:6f:66:2d:e0:bb:47:81:7a:23:
d9:cb:2e:a4:67:aa:2a:49:fd:e8:d0:ba:a5:a3:71:05:1e:2a:
6d:6b:90:66:d8:45:1b:81:53:70:92:c0:1d:27:8b:69:48:1c:
90:4c:9e:23:2f:92:03:79:2b:8a:61:c6:0d:cb:a9:31:36:b0:
8b:c9:b6:52:6c:ef:2b:cb:ec:bf:56:ed:71:b9:aa:50:07:51:
a6:4d:77:07:6b:7e:69:59:29:ee:e9:99:6a:f3:14:a7:62:b8:
89:1a:bd:97:a4:dc:ff:37:84:0b:0c:41:00:dd:fc:88:ba:4a:
84:bc:40:b6:9b:fd:a6:6e:5c:2b:b4:0d:91:5e:10:5e:11:28:
49:25:ae:9e:92:b6:f1:1b:53:c9:68:76:b8:e5:67:c2:0d:f5:
5e:52:85:97:b5:af:b4:18:47:69:6e:72:04:70:db:72:b2:2b:
b0:84:be:67
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUbimUMwwJjxNjJDnt4WYmg1hwmVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzdaFw0yNTEyMTkxNTIzMzdaMDMxMTAvBgNV
BAMTKDRDODk1NDM1NjlCMzE1MTk5MzIzQTY2MzREMkUzODYzOTBBRUFFNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiOPs5x6Be1zi8g0C6RHPrGxZ2
iSP5OElJqxe7oYwzC99ghKj7NS2adYvmAgl5QhPKCXcSdQgXw6DO/u/7DzQlYJ2Z
dFv0DzlrpE5LKIcNCKgPKFbsIFjGBCHdY0NIaI1iDwiokFVvDAFw++OdXCivXhRZ
A+lr9JjxHcGSNFNPPyzdW9dHqxMTP0hw8bpkzjWO4DL9f9N/C2sS3ARDkAZZvwrQ
3+9YUbNrWQFr38u0lNFHxP2LNdsklIG4/K54At5co0EIz8+b7YCX5gnaYTh9db73
pA1cn4i3sVPzFu+AskBiCS8+0kVH8E+76hwAb1qFW3CEOWOd075KCPAi2T/dAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUTIlUNWmzFRmTI6ZjTS44Y5CurnkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzkz
MzJlMzEzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC5wREwDQYJKoZIhvcNAQELBQADggEBADFCrrHeP45y45CtdPRPAnLadiy7
d+p8+wHtAYc0A/PWOfrCqg8msw6J5OLVi9X7puy45Ey953BB9Jo1xlEt2ZWBKil1
tvXLMjkELyr+s7bG129mLeC7R4F6I9nLLqRnqipJ/ejQuqWjcQUeKm1rkGbYRRuB
U3CSwB0ni2lIHJBMniMvkgN5K4phxg3LqTE2sIvJtlJs7yvL7L9W7XG5qlAHUaZN
dwdrfmlZKe7pmWrzFKdiuIkavZek3P83hAsMQQDd/Ii6SoS8QLab/aZuXCu0DZFe
EF4RKEklrp6StvEbU8lodrjlZ8IN9V5ShZe1r7QYR2lucgRw23KyK7CEvmc=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:16:30 2025 by rpki-client