Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
File: 3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa (raw, json)
Hash identifier: fkB6cnV7AMpLXvMFMns4SytKZ19P+6r/ga6Eox7QRRw=
Subject key identifier: 51:6D:68:21:9C:70:D1:F7:E9:29:FA:CF:68:98:E0:DE:A2:C8:1C:1E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 01519753AA3252F48C0ADCA37E6E3AB2283AE56B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
Signing time: Fri 27 Dec 2024 11:47:12 +0000
ROA not before: Fri 27 Dec 2024 11:42:12 +0000
ROA not after: Fri 26 Dec 2025 11:47:12 +0000
asID: 198247
IP address blocks: 185.243.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:51:97:53:aa:32:52:f4:8c:0a:dc:a3:7e:6e:3a:b2:28:3a:e5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:12 2024 GMT
Not After : Dec 26 11:47:12 2025 GMT
Subject: CN=516D68219C70D1F7E929FACF6898E0DEA2C81C1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:58:86:64:62:d2:9d:0f:2c:0d:ce:21:90:00:
e5:9c:6d:44:fb:53:9f:79:66:2c:ab:f7:0b:4c:93:
09:4e:2b:05:f0:6d:72:8c:13:8f:5c:5e:20:e0:ab:
49:db:fe:4d:91:79:0c:f4:29:55:ad:fc:f0:39:74:
ec:f1:46:5b:9c:fe:3d:2b:a3:99:1b:81:f2:98:7f:
a2:bd:dc:00:2e:26:1c:6f:15:e5:51:f6:39:f7:54:
15:c7:bc:f5:9e:82:5d:a6:de:a4:d1:47:eb:dd:ff:
fa:fe:af:a5:fd:3f:99:4c:11:73:b3:76:0d:6d:6e:
1e:6b:20:ff:29:58:3c:be:1b:17:06:44:b5:2e:ee:
63:b6:57:ad:36:7a:02:d3:f5:bc:61:bc:12:ff:a1:
ea:4c:30:a9:ad:2e:61:a4:52:0b:2f:dd:61:8b:fb:
6a:72:15:d3:ac:77:44:a3:6c:8e:cb:ec:7b:46:86:
23:c9:a2:7d:ed:1e:40:5e:1d:36:da:f5:52:a7:9e:
fa:a7:d5:d2:65:7d:42:2f:d4:1e:e2:5c:8f:d3:c9:
ee:e4:41:12:1c:d0:3e:e5:62:3b:74:b3:af:78:74:
ef:4b:dd:bf:3a:4c:80:57:39:5f:1e:3a:c5:6a:ee:
4c:82:4f:6a:69:60:14:cc:8b:77:74:05:00:0e:ef:
10:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:6D:68:21:9C:70:D1:F7:E9:29:FA:CF:68:98:E0:DE:A2:C8:1C:1E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234332e31332e302f32342d3234203d3e20313938323437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.13.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:42:84:b9:2e:3c:37:f5:62:18:e5:2c:72:80:56:d4:be:fe:
e4:6f:ee:40:4a:c7:d7:78:20:cd:7e:9e:cf:41:8e:91:f4:c6:
f2:e3:78:0f:fc:8b:f9:92:da:23:b3:99:7e:f6:55:51:fd:08:
0c:0d:56:58:b9:00:95:fe:86:e3:25:a9:9c:47:49:b4:ee:53:
d5:d2:df:f3:fc:e7:84:5a:40:e7:c0:98:aa:fe:19:b2:60:1d:
17:9c:38:69:51:fc:c5:43:5b:e5:f2:04:51:a8:ea:7a:a9:9a:
e8:10:23:43:5b:36:f9:af:13:ea:dc:80:17:8b:d4:f2:c0:1e:
14:b8:85:53:10:b4:0b:86:40:67:28:ca:19:4d:ed:21:71:7c:
1f:4d:1a:f3:3d:ef:a5:14:c9:a0:ee:e4:68:e5:b6:87:e4:1f:
87:21:b8:d0:7b:01:67:d0:ef:01:02:83:eb:b1:71:ce:5a:da:
c6:85:a4:fc:5c:f3:d6:80:2a:ed:de:a5:51:dc:cf:e2:f0:9d:
cf:3a:85:8c:98:2e:36:2b:d0:60:65:6c:47:22:36:de:46:7b:
a5:26:d5:b5:64:e1:d6:67:94:a4:ca:16:ff:33:0b:e8:b0:2d:
8e:4a:41:e5:d4:d7:b3:b7:9c:05:56:92:5f:5e:4b:56:09:7f:
16:16:cf:75
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUAVGXU6oyUvSMCtyjfm46sig65WswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTJaFw0yNTEyMjYxMTQ3MTJaMDMxMTAvBgNV
BAMTKDUxNkQ2ODIxOUM3MEQxRjdFOTI5RkFDRjY4OThFMERFQTJDODFDMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaWIZkYtKdDywNziGQAOWcbUT7
U595Ziyr9wtMkwlOKwXwbXKME49cXiDgq0nb/k2ReQz0KVWt/PA5dOzxRluc/j0r
o5kbgfKYf6K93AAuJhxvFeVR9jn3VBXHvPWegl2m3qTRR+vd//r+r6X9P5lMEXOz
dg1tbh5rIP8pWDy+GxcGRLUu7mO2V602egLT9bxhvBL/oepMMKmtLmGkUgsv3WGL
+2pyFdOsd0SjbI7L7HtGhiPJon3tHkBeHTba9VKnnvqn1dJlfUIv1B7iXI/Tye7k
QRIc0D7lYjt0s694dO9L3b86TIBXOV8eOsVq7kyCT2ppYBTMi3d0BQAO7xBTAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUUW1oIZxw0ffpKfrPaJjg3qLIHB4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
MzJlMzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzkzODMyMzQzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALnzDTANBgkqhkiG9w0BAQsFAAOCAQEAwkKEuS48N/ViGOUscoBW1L7+
5G/uQErH13ggzX6ez0GOkfTG8uN4D/yL+ZLaI7OZfvZVUf0IDA1WWLkAlf6G4yWp
nEdJtO5T1dLf8/znhFpA58CYqv4ZsmAdF5w4aVH8xUNb5fIEUajqeqma6BAjQ1s2
+a8T6tyAF4vU8sAeFLiFUxC0C4ZAZyjKGU3tIXF8H00a8z3vpRTJoO7kaOW2h+Qf
hyG40HsBZ9DvAQKD67FxzlraxoWk/Fzz1oAq7d6lUdzP4vCdzzqFjJguNivQYGVs
RyI23kZ7pSbVtWTh1meUpMoW/zML6LAtjkpB5dTXs7ecBVaSX15LVgl/FhbPdQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:12:49 2025 by rpki-client