Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa
File: 3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: f6hCH9xPRARfQWSwb4Uwqy1+2BWAo8P/FlbQA0ljY+Q=
Subject key identifier: B6:45:99:19:26:A8:43:26:B6:89:21:6D:A5:8C:FF:AC:C0:DE:0C:E9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6858F512BEC481999BBAF2904645EBF0DF9E2520
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa
Signing time: Fri 27 Dec 2024 11:47:10 +0000
ROA not before: Fri 27 Dec 2024 11:42:10 +0000
ROA not after: Fri 26 Dec 2025 11:47:10 +0000
asID: 47583
IP address blocks: 185.249.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:18:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:58:f5:12:be:c4:81:99:9b:ba:f2:90:46:45:eb:f0:df:9e:25:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:10 2024 GMT
Not After : Dec 26 11:47:10 2025 GMT
Subject: CN=B645991926A84326B689216DA58CFFACC0DE0CE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:85:c8:ae:ea:16:c0:81:d4:1c:3c:74:10:bc:
b3:28:63:6f:c6:cf:fa:82:54:09:9f:46:80:7d:aa:
06:08:fc:24:04:d8:6c:7f:61:3e:23:ee:ad:5d:ca:
63:99:8c:84:d1:1e:c3:88:58:85:eb:6f:ec:62:b3:
a2:b0:8a:b1:52:a7:c9:29:88:72:9d:79:5e:07:22:
c1:c5:ed:24:c9:8f:c3:b5:2e:c3:94:d5:b4:9c:d9:
f4:98:89:15:4d:1e:e4:c4:11:30:2d:91:c6:fb:74:
47:73:83:5b:3a:fd:63:6f:5a:50:29:c9:18:91:fe:
1c:9f:86:40:f0:85:e6:9b:2b:25:60:6c:53:0e:cf:
c3:8f:79:3c:d8:8e:c6:e5:6b:09:99:a7:01:98:1d:
37:6b:cd:32:9d:36:25:76:64:e1:de:19:4d:64:d9:
2b:08:c7:5f:8e:b6:6f:ad:53:c4:ab:f8:37:cb:0d:
81:97:f8:19:0f:39:dc:93:29:c7:bb:57:c5:61:79:
be:8a:43:a9:bb:15:d6:b2:47:09:45:9e:4c:91:35:
b9:b7:34:29:9f:b1:62:3c:c1:39:55:98:69:22:e5:
d1:91:80:15:d4:07:e4:fe:96:87:c3:ce:87:93:52:
d1:20:ef:cf:f1:80:c1:f5:b4:ae:31:e7:fd:57:62:
73:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:45:99:19:26:A8:43:26:B6:89:21:6D:A5:8C:FF:AC:C0:DE:0C:E9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.224.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ff:b2:5d:9a:69:cb:6c:41:76:0c:50:fc:aa:6c:00:b1:4f:
24:73:df:eb:65:45:a0:70:8f:47:2b:1f:8e:56:bc:e2:e8:1f:
ab:22:18:35:32:ea:d2:69:41:52:70:b1:65:2e:a4:93:50:f9:
0b:02:9f:8c:76:20:03:12:f2:1d:3a:7f:bd:34:04:14:4a:14:
96:68:ee:da:da:04:ff:e2:5c:58:36:62:6f:78:d0:04:8a:15:
43:4f:0b:c7:e2:63:1d:6e:d5:86:da:24:84:75:a4:96:5c:6e:
16:0c:c6:4c:e6:b7:d2:3a:90:e7:25:a8:ec:64:c3:63:4f:ac:
78:91:ae:d5:6c:41:e9:00:7b:94:ee:89:b9:b2:80:f8:58:cb:
b1:c5:98:23:f7:bd:74:e2:24:ef:88:44:a0:c7:6a:78:8f:29:
a2:15:21:4c:e0:b9:10:b5:7d:a1:a4:67:17:b2:a0:90:75:32:
14:4b:39:44:98:19:dc:36:29:7f:3d:aa:c3:bc:0c:2e:ca:02:
f2:0d:f8:48:1a:e8:c1:2c:0e:79:67:70:f7:7a:35:b0:a9:5e:
76:a5:cc:c6:6d:fe:a8:7c:f0:de:50:5a:31:2c:a4:df:30:50:
80:a5:64:3d:7c:9d:4d:2a:30:1d:63:70:68:93:ab:72:81:a3:
58:33:90:18
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUaFj1Er7EgZmbuvKQRkXr8N+eJSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTBaFw0yNTEyMjYxMTQ3MTBaMDMxMTAvBgNV
BAMTKEI2NDU5OTE5MjZBODQzMjZCNjg5MjE2REE1OENGRkFDQzBERTBDRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDghciu6hbAgdQcPHQQvLMoY2/G
z/qCVAmfRoB9qgYI/CQE2Gx/YT4j7q1dymOZjITRHsOIWIXrb+xis6KwirFSp8kp
iHKdeV4HIsHF7STJj8O1LsOU1bSc2fSYiRVNHuTEETAtkcb7dEdzg1s6/WNvWlAp
yRiR/hyfhkDwheabKyVgbFMOz8OPeTzYjsblawmZpwGYHTdrzTKdNiV2ZOHeGU1k
2SsIx1+Otm+tU8Sr+DfLDYGX+BkPOdyTKce7V8Vheb6KQ6m7FdayRwlFnkyRNbm3
NCmfsWI8wTlVmGki5dGRgBXUB+T+lofDzoeTUtEg78/xgMH1tK4x5/1XYnMvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUtkWZGSaoQya2iSFtpYz/rMDeDOkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
OTJlMzIzMjM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALn54DANBgkqhkiG9w0BAQsFAAOCAQEARf+yXZppy2xBdgxQ/KpsALFP
JHPf62VFoHCPRysfjla84ugfqyIYNTLq0mlBUnCxZS6kk1D5CwKfjHYgAxLyHTp/
vTQEFEoUlmju2toE/+JcWDZib3jQBIoVQ08Lx+JjHW7VhtokhHWkllxuFgzGTOa3
0jqQ5yWo7GTDY0+seJGu1WxB6QB7lO6JubKA+FjLscWYI/e9dOIk74hEoMdqeI8p
ohUhTOC5ELV9oaRnF7KgkHUyFEs5RJgZ3DYpfz2qw7wMLsoC8g34SBrowSwOeWdw
93o1sKledqXMxm3+qHzw3lBaMSyk3zBQgKVkPXydTSowHWNwaJOrcoGjWDOQGA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:38:34 2025 by rpki-client