Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139362e312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3139362e312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 6m2vQ890if4w+5W+fjl/6xz6FdK6gS8av6krDHmvHrU=
Subject key identifier: 2E:31:6E:75:45:E9:E7:2E:13:04:F3:50:0B:9E:CD:CE:E8:FD:3A:51
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 70C8ADDDFAC804968D35BBE1B43D580241BBA475
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139362e312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:23 +0000
ROA not before: Fri 27 Dec 2024 11:42:23 +0000
ROA not after: Fri 26 Dec 2025 11:47:23 +0000
asID: 136787
IP address blocks: 185.196.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:c8:ad:dd:fa:c8:04:96:8d:35:bb:e1:b4:3d:58:02:41:bb:a4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:23 2024 GMT
Not After : Dec 26 11:47:23 2025 GMT
Subject: CN=2E316E7545E9E72E1304F3500B9ECDCEE8FD3A51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:eb:de:63:ff:d2:31:ea:d5:99:fe:e6:d6:19:
01:5e:d4:3a:14:8d:51:7a:32:e7:3f:31:58:bc:34:
ea:36:e4:2a:a5:f1:16:c0:b9:20:d8:48:c4:d2:cd:
f1:12:f3:3f:f9:74:86:95:e3:33:06:96:e6:6c:7b:
7d:e5:c1:a5:1e:d6:f5:52:c1:35:6e:d2:2a:ed:b5:
38:1f:63:e3:13:43:de:7c:d6:b3:7b:88:0e:e3:a4:
fb:51:5c:45:9c:05:8d:f2:04:b3:22:53:c1:60:65:
ed:4e:0f:c2:a5:0a:48:61:6d:f3:27:16:54:fd:30:
65:f6:40:7e:01:32:fc:0b:7e:a7:cb:3f:a4:fc:8c:
67:2d:93:4e:ec:3b:99:d1:e7:e2:a3:e5:a0:6b:30:
45:27:22:cc:64:cc:c3:a1:a6:e1:f0:5f:fe:c0:4d:
97:ea:b7:6f:af:d7:68:33:67:88:ec:0b:9c:48:9d:
c1:b6:a3:7d:76:72:99:8a:09:92:4a:92:31:c4:96:
96:31:2b:7d:f1:2e:e4:aa:51:13:3f:77:12:d4:b1:
48:63:cd:1b:85:3c:50:fd:2a:92:e2:03:e4:dd:6f:
63:a0:87:4f:91:1b:48:8c:75:84:27:95:da:81:19:
9e:96:8c:1d:46:6f:8d:13:f5:8d:28:a1:60:28:26:
92:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:31:6E:75:45:E9:E7:2E:13:04:F3:50:0B:9E:CD:CE:E8:FD:3A:51
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3139362e312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.1.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7c:0e:4b:d7:ef:c6:41:82:8f:0c:bc:b2:e6:e1:33:19:10:
b7:5b:19:48:a5:9b:02:63:7e:73:ea:c4:97:26:56:ab:d7:0b:
a6:46:88:93:25:85:68:e5:1b:46:10:8f:fa:94:24:05:1e:26:
c8:28:d5:15:bb:0b:22:f8:f1:62:be:1e:d4:1f:c3:8e:ac:5e:
8c:6a:ef:4d:64:75:2c:8a:9c:7b:2b:fb:25:29:24:17:98:36:
3b:f2:1c:45:e1:3d:51:bf:ec:3f:37:93:cc:66:8c:94:bb:cc:
c1:32:42:a7:f7:44:0e:05:37:0c:07:33:25:dd:d2:09:52:d9:
b0:19:cd:68:7b:c1:38:22:6e:8f:b4:68:eb:83:6d:63:6f:53:
0f:b0:9d:74:aa:4f:2b:4d:12:ff:45:84:1a:da:57:b3:70:a2:
ee:db:d1:0c:a2:f2:fa:30:a3:cc:61:20:b5:45:14:f4:b4:00:
0e:f4:fe:fe:18:6f:27:57:bb:5c:00:4e:35:40:c6:41:60:65:
60:ee:b2:c2:c9:81:34:b9:5a:66:45:13:87:0b:cb:7a:21:4b:
5b:9f:42:05:a4:1d:b7:36:2f:91:14:2f:3e:e4:33:bb:d8:7c:
1e:17:9c:ce:cd:b1:8e:fd:4a:b0:d8:24:d5:e4:2c:d0:24:9d:
94:32:f8:3c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUcMit3frIBJaNNbvhtD1YAkG7pHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjNaFw0yNTEyMjYxMTQ3MjNaMDMxMTAvBgNV
BAMTKDJFMzE2RTc1NDVFOUU3MkUxMzA0RjM1MDBCOUVDRENFRThGRDNBNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8695j/9Ix6tWZ/ubWGQFe1DoU
jVF6Muc/MVi8NOo25Cql8RbAuSDYSMTSzfES8z/5dIaV4zMGluZse33lwaUe1vVS
wTVu0irttTgfY+MTQ9581rN7iA7jpPtRXEWcBY3yBLMiU8FgZe1OD8KlCkhhbfMn
FlT9MGX2QH4BMvwLfqfLP6T8jGctk07sO5nR5+Kj5aBrMEUnIsxkzMOhpuHwX/7A
TZfqt2+v12gzZ4jsC5xIncG2o312cpmKCZJKkjHElpYxK33xLuSqURM/dxLUsUhj
zRuFPFD9KpLiA+Tdb2Ogh0+RG0iMdYQnldqBGZ6WjB1Gb40T9Y0ooWAoJpK3AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQULjFudUXp5y4TBPNQC57Nzuj9OlEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzkz
NjJlMzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAC5xAEwDQYJKoZIhvcNAQELBQADggEBAEp8DkvX78ZBgo8MvLLm4TMZELdb
GUilmwJjfnPqxJcmVqvXC6ZGiJMlhWjlG0YQj/qUJAUeJsgo1RW7CyL48WK+HtQf
w46sXoxq701kdSyKnHsr+yUpJBeYNjvyHEXhPVG/7D83k8xmjJS7zMEyQqf3RA4F
NwwHMyXd0glS2bAZzWh7wTgibo+0aOuDbWNvUw+wnXSqTytNEv9FhBraV7Nwou7b
0Qyi8vowo8xhILVFFPS0AA70/v4YbydXu1wATjVAxkFgZWDussLJgTS5WmZFE4cL
y3ohS1ufQgWkHbc2L5EULz7kM7vYfB4XnM7NsY79SrDYJNXkLNAknZQy+Dw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:01:28 2025 by rpki-client