Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
File: 3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa (raw, json)
Hash identifier: W8z4PyetTpQUEvlNc7r7+zqpbrNEU+knSNJdcoSUB5Y=
Subject key identifier: 69:C7:3E:43:2B:04:D6:9D:27:67:CE:6A:2F:AD:83:7A:B5:D9:1E:B1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0AC242CB569535BC6E341659B1F98FC07BDFA701
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
Signing time: Fri 27 Dec 2024 11:47:23 +0000
ROA not before: Fri 27 Dec 2024 11:42:23 +0000
ROA not after: Fri 26 Dec 2025 11:47:23 +0000
asID: 206283
IP address blocks: 185.245.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:c2:42:cb:56:95:35:bc:6e:34:16:59:b1:f9:8f:c0:7b:df:a7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:23 2024 GMT
Not After : Dec 26 11:47:23 2025 GMT
Subject: CN=69C73E432B04D69D2767CE6A2FAD837AB5D91EB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:30:69:67:5b:4c:75:3a:44:91:90:28:42:
4f:db:0f:15:5d:80:38:2a:fc:bd:b0:47:5e:c6:b9:
d1:11:94:4d:25:35:b7:3f:5e:0d:6f:62:e3:8d:98:
78:f6:df:29:95:1f:11:8f:ab:3b:76:10:7c:f1:0d:
5a:f8:ce:04:42:9c:b1:78:10:ab:ad:a3:b1:eb:48:
66:1d:e2:93:3e:0e:d6:a4:bb:62:fd:b4:e2:80:f5:
dc:b4:6e:92:da:9a:94:47:e8:06:6d:51:17:c0:d3:
8d:a6:70:50:2c:58:f8:79:63:31:b9:c1:7b:22:29:
49:1d:2c:35:df:67:e7:c2:49:55:60:c6:53:37:ff:
24:16:1f:cb:e3:ea:c4:7d:e3:f8:38:cd:5a:01:04:
2a:5d:89:b5:a1:f3:5d:67:4b:0c:d3:6a:09:12:b6:
cc:98:4d:7f:f2:97:5b:ca:87:fd:a6:dc:90:5d:9b:
5b:6f:1d:4f:fc:36:45:66:6d:76:cc:fe:52:9d:b3:
02:2a:7a:a3:0e:77:a3:a2:a8:72:ab:ab:29:de:07:
da:19:63:d4:72:59:be:27:79:b1:4c:31:51:57:72:
48:82:66:5a:ee:4a:4a:8c:4f:c3:d7:45:70:cc:ee:
a3:b4:be:91:15:31:a2:b3:63:f6:63:fe:4f:c5:a6:
12:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C7:3E:43:2B:04:D6:9D:27:67:CE:6A:2F:AD:83:7A:B5:D9:1E:B1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.152.0/24
Signature Algorithm: sha256WithRSAEncryption
35:81:88:11:dd:1f:32:59:a8:73:00:80:00:21:e6:2f:9f:9b:
01:1c:3e:6d:36:85:b3:a2:69:6b:a3:56:2f:65:a4:db:be:e5:
4e:9c:7e:be:2a:57:07:79:ba:a8:9b:04:74:90:38:fd:54:2b:
b6:ec:7a:5d:b1:c0:c7:63:bd:0a:b1:f4:bf:cf:20:00:3c:9d:
75:c5:bb:36:ff:4d:8e:a8:34:e7:17:d1:c4:89:f1:28:c4:05:
5a:ae:4e:fb:cb:38:be:92:33:c0:ea:ed:d4:08:cc:de:96:25:
a9:dc:2e:dc:17:2a:f9:8f:cf:2b:da:a8:c6:18:45:0a:7f:47:
2c:be:37:93:aa:1d:81:47:a6:1f:d0:98:5a:07:44:76:db:12:
3e:38:fb:ae:b1:b3:3f:78:2a:52:59:ea:aa:ae:d3:79:fa:b0:
54:47:0f:f7:51:63:a8:53:5a:a9:3c:e2:06:f2:59:e4:44:a1:
14:57:42:e8:00:73:4d:ec:ac:4f:ae:61:9a:5c:4c:ac:73:d2:
db:64:bf:ef:61:e2:fa:6c:04:97:5d:78:6e:34:f7:b8:bc:a3:
df:83:27:51:51:20:4c:bb:df:3b:08:de:95:86:12:cb:83:d2:
3d:3f:13:e7:ae:4a:74:96:35:bd:38:ff:c1:81:a0:71:5c:f9:
e0:3e:f6:03
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUCsJCy1aVNbxuNBZZsfmPwHvfpwEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjNaFw0yNTEyMjYxMTQ3MjNaMDMxMTAvBgNV
BAMTKDY5QzczRTQzMkIwNEQ2OUQyNzY3Q0U2QTJGQUQ4MzdBQjVEOTFFQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4PzBpZ1tMdTpEkZAoQk/bDxVd
gDgq/L2wR17GudERlE0lNbc/Xg1vYuONmHj23ymVHxGPqzt2EHzxDVr4zgRCnLF4
EKuto7HrSGYd4pM+Dtaku2L9tOKA9dy0bpLampRH6AZtURfA042mcFAsWPh5YzG5
wXsiKUkdLDXfZ+fCSVVgxlM3/yQWH8vj6sR94/g4zVoBBCpdibWh811nSwzTagkS
tsyYTX/yl1vKh/2m3JBdm1tvHU/8NkVmbXbM/lKdswIqeqMOd6OiqHKrqyneB9oZ
Y9RyWb4nebFMMVFXckiCZlruSkqMT8PXRXDM7qO0vpEVMaKzY/Zj/k/FphJpAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUacc+QysE1p0nZ85qL62DerXZHrEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
NTJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODMzLnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAufWYMA0GCSqGSIb3DQEBCwUAA4IBAQA1gYgR3R8yWahzAIAAIeYv
n5sBHD5tNoWzomlro1YvZaTbvuVOnH6+KlcHebqomwR0kDj9VCu27HpdscDHY70K
sfS/zyAAPJ11xbs2/02OqDTnF9HEifEoxAVark77yzi+kjPA6u3UCMzeliWp3C7c
Fyr5j88r2qjGGEUKf0csvjeTqh2BR6Yf0JhaB0R22xI+OPuusbM/eCpSWeqqrtN5
+rBURw/3UWOoU1qpPOIG8lnkRKEUV0LoAHNN7KxPrmGaXEysc9LbZL/vYeL6bASX
XXhuNPe4vKPfgydRUSBMu987CN6VhhLLg9I9PxPnrkp0ljW9OP/BgaBxXPngPvYD
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:01:59 2025 by rpki-client