Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
File: 3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: b9yQ1Vvtkv3RN1DMonXXAGLCNHE9sYC7rcMpeI6iox8=
Subject key identifier: FA:C7:60:10:61:33:BB:98:1F:FA:CE:16:E7:11:9B:B1:39:AC:95:C1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4FD86CAA48EB7B714084AE4430DC462554F477CF
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:40 +0000
ROA not before: Fri 27 Dec 2024 11:42:40 +0000
ROA not after: Fri 26 Dec 2025 11:47:40 +0000
asID: 136787
IP address blocks: 185.240.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:d8:6c:aa:48:eb:7b:71:40:84:ae:44:30:dc:46:25:54:f4:77:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:40 2024 GMT
Not After : Dec 26 11:47:40 2025 GMT
Subject: CN=FAC760106133BB981FFACE16E7119BB139AC95C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:01:e7:8f:c4:85:f9:d0:d6:45:2f:16:1c:88:
fd:ad:c1:18:e0:44:f2:57:4c:a1:fd:6b:f1:b4:27:
f8:2e:80:40:b0:72:47:11:22:bf:dd:22:3f:d5:b7:
54:1d:16:6b:d0:26:ca:7e:1c:d5:c6:90:93:01:30:
1e:20:6b:37:bd:28:2d:89:51:7c:4e:67:f6:11:9a:
1c:ad:b7:55:7d:f2:c2:f5:88:aa:a1:a2:c2:4a:9f:
f2:63:84:e2:14:cd:8c:97:71:b8:1e:7b:97:9f:6b:
5c:c3:a9:d0:fc:05:a3:21:ac:62:ef:8d:6a:ed:27:
6b:c3:06:a8:06:7d:dd:44:05:17:da:2b:9f:21:9c:
c9:ea:a0:e5:1e:78:56:8e:de:1d:b3:10:21:f8:8e:
8f:9b:03:54:12:90:e8:d7:43:31:68:8b:e4:18:9f:
29:14:ca:31:21:87:aa:e1:30:02:13:ba:d4:15:df:
c2:b8:0a:19:fb:d1:19:9f:57:b9:33:ad:6a:27:61:
39:30:08:fe:97:f4:4b:30:f9:99:01:5f:3f:d8:9d:
6d:be:3f:e8:5b:3e:da:49:3b:bc:3b:12:16:cf:12:
12:28:c6:ed:4d:8e:8c:03:0e:60:8b:6e:b6:1c:26:
b5:cd:eb:c5:2b:26:64:2a:f8:41:37:a8:5c:97:77:
6f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C7:60:10:61:33:BB:98:1F:FA:CE:16:E7:11:9B:B1:39:AC:95:C1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234302e3234362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.246.0/24
Signature Algorithm: sha256WithRSAEncryption
39:15:23:b5:88:f9:f9:d7:25:29:7d:d6:45:e3:24:a7:d6:9e:
09:95:c0:6b:4f:67:11:4e:98:dd:34:88:2c:7d:cb:be:5a:45:
1e:f4:3e:09:31:e3:7e:86:3a:d8:51:dc:1d:ba:aa:93:80:dc:
99:1f:1a:11:2b:6f:6f:99:b9:34:09:c7:dd:1d:5e:19:69:14:
8c:c5:7e:88:3e:e9:ee:19:d3:79:41:51:2d:3f:52:0f:5e:85:
f2:06:af:74:0a:2e:2f:71:48:e4:f5:95:a2:d9:f5:55:85:93:
02:f2:06:c2:d5:ac:f4:dd:74:1f:11:76:e2:dd:51:68:19:8a:
ca:4f:a8:0a:12:d4:14:e1:c6:9a:f4:b5:25:5e:f1:84:ca:42:
d4:45:dd:b5:ba:fe:f9:86:cc:e5:9d:c4:36:d8:2c:83:d0:1d:
53:d0:b3:d5:e3:4d:fb:12:4a:fb:3c:9d:a8:00:bd:b9:3e:fb:
e3:ea:c7:d7:6f:25:b3:00:59:88:d3:df:f0:f3:f6:b4:5b:3d:
d2:fb:40:26:b9:9d:6f:27:e7:ff:fb:09:39:be:12:d2:e9:7a:
d8:3c:49:ea:03:b4:8f:91:d3:fb:d1:38:43:60:ce:19:84:87:
65:cc:7b:34:10:0a:9e:e4:8f:53:dc:e0:58:c0:aa:2d:f9:bf:
a0:b1:09:ac
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUT9hsqkjre3FAhK5EMNxGJVT0d88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDBaFw0yNTEyMjYxMTQ3NDBaMDMxMTAvBgNV
BAMTKEZBQzc2MDEwNjEzM0JCOTgxRkZBQ0UxNkU3MTE5QkIxMzlBQzk1QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6AeePxIX50NZFLxYciP2twRjg
RPJXTKH9a/G0J/gugECwckcRIr/dIj/Vt1QdFmvQJsp+HNXGkJMBMB4gaze9KC2J
UXxOZ/YRmhytt1V98sL1iKqhosJKn/JjhOIUzYyXcbgee5efa1zDqdD8BaMhrGLv
jWrtJ2vDBqgGfd1EBRfaK58hnMnqoOUeeFaO3h2zECH4jo+bA1QSkOjXQzFoi+QY
nykUyjEhh6rhMAITutQV38K4Chn70RmfV7kzrWonYTkwCP6X9Esw+ZkBXz/YnW2+
P+hbPtpJO7w7EhbPEhIoxu1NjowDDmCLbrYcJrXN68UrJmQq+EE3qFyXd2/FAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQU+sdgEGEzu5gf+s4W5xGbsTmslcEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
MDJlMzIzNDM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAufD2MA0GCSqGSIb3DQEBCwUAA4IBAQA5FSO1iPn51yUpfdZF4ySn
1p4JlcBrT2cRTpjdNIgsfcu+WkUe9D4JMeN+hjrYUdwduqqTgNyZHxoRK29vmbk0
CcfdHV4ZaRSMxX6IPunuGdN5QVEtP1IPXoXyBq90Ci4vcUjk9ZWi2fVVhZMC8gbC
1az03XQfEXbi3VFoGYrKT6gKEtQU4caa9LUlXvGEykLURd21uv75hszlncQ22CyD
0B1T0LPV4037Ekr7PJ2oAL25Pvvj6sfXbyWzAFmI09/w8/a0Wz3S+0AmuZ1vJ+f/
+wk5vhLS6XrYPEnqA7SPkdP70ThDYM4ZhIdlzHs0EAqe5I9T3OBYwKot+b+gsQms
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:35:33 2025 by rpki-client