Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232362e302f32342d3332203d3e203536383736.roa
File: 3138352e3234392e3232362e302f32342d3332203d3e203536383736.roa (raw, json)
Hash identifier: Nlk98GrCumhMjRr6d9/z+MNbbTdlUANh01nI6etcZLs=
Subject key identifier: 0D:F3:77:D1:8D:87:EE:28:EA:ED:DF:8F:20:29:F1:7C:C9:ED:B4:DF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 197B1D2FD7B7D627088D6CC79D933800A3764A5C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232362e302f32342d3332203d3e203536383736.roa
Signing time: Fri 27 Dec 2024 11:47:30 +0000
ROA not before: Fri 27 Dec 2024 11:42:30 +0000
ROA not after: Fri 26 Dec 2025 11:47:30 +0000
asID: 56876
IP address blocks: 185.249.226.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:7b:1d:2f:d7:b7:d6:27:08:8d:6c:c7:9d:93:38:00:a3:76:4a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:30 2024 GMT
Not After : Dec 26 11:47:30 2025 GMT
Subject: CN=0DF377D18D87EE28EAEDDF8F2029F17CC9EDB4DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b1:96:ab:4f:cc:c7:7b:2c:cc:48:ba:41:33:
57:d8:14:f5:8d:91:e8:89:78:56:07:a5:d6:b4:b0:
35:75:8f:64:b6:15:c6:e4:13:d1:7b:5c:33:ad:26:
b7:02:cb:c3:f4:72:c5:52:94:1f:25:82:7f:05:80:
24:bc:89:b0:20:7f:e9:3d:1e:ed:08:b5:a0:9d:74:
21:8e:5d:c5:8f:a1:83:2e:93:8a:a8:e1:ad:45:b9:
71:4d:e8:50:af:67:2f:f3:d3:10:c5:95:f2:b0:50:
a6:38:01:ce:52:f8:32:15:7d:73:86:7e:48:0d:98:
49:41:b2:97:80:ec:16:3d:9c:05:b7:e2:ea:84:9c:
3f:c4:f1:2a:ad:17:cf:ad:70:60:c4:99:c8:2b:bd:
15:5e:71:23:8c:76:71:29:51:f3:b2:6e:62:5b:f9:
6c:64:4f:c2:3a:02:4c:bf:02:7a:30:62:a9:fc:6e:
3e:7c:6b:f0:8b:80:c0:86:2c:25:79:52:dc:68:9d:
4a:66:a4:a9:b2:31:af:8b:1f:da:cd:f3:87:ce:b9:
78:86:55:2f:76:18:22:bc:9e:9a:5f:8e:82:4c:99:
a9:3e:2d:33:38:55:08:89:dc:ac:18:20:32:b9:6a:
56:89:0a:30:4f:29:46:2e:e7:d4:14:36:86:a2:64:
8e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F3:77:D1:8D:87:EE:28:EA:ED:DF:8F:20:29:F1:7C:C9:ED:B4:DF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232362e302f32342d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.226.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:31:74:fd:8d:88:f9:56:c6:50:7f:2a:6e:58:ee:80:a2:d7:
1f:1c:8c:a8:9f:be:8c:7e:89:79:82:80:41:46:3a:d2:8f:53:
aa:a4:1f:e7:e8:ce:b9:71:ee:d6:4d:48:59:3a:b5:75:de:5a:
4a:3f:21:c6:58:b5:c5:77:30:03:d5:69:75:0a:44:96:5a:2c:
0a:6a:41:8b:01:36:35:a8:e2:3b:53:6e:29:97:17:3a:60:1a:
28:c9:b5:50:54:58:1a:84:f1:7c:a7:6b:1d:eb:44:f0:ca:29:
0f:9e:2d:22:c9:6c:7b:d6:0b:2a:4e:31:fd:4e:36:f4:9d:e1:
ed:a3:80:16:55:60:6d:cc:6c:da:4c:c6:0a:aa:b8:06:53:06:
40:5f:d1:a3:72:c2:a2:29:26:9b:b9:47:ff:71:8d:5d:f5:17:
6b:7f:e3:7b:82:e6:cc:eb:ee:b2:8f:3f:e5:42:8d:2c:2f:fb:
2f:f0:4e:05:c8:b2:0d:06:1b:52:2d:75:db:38:c3:d8:14:12:
da:8c:e5:f9:8a:30:2e:4d:f1:14:94:e8:0f:97:b8:33:5f:a0:
1b:00:9d:83:df:b5:05:cd:ef:06:9b:69:35:47:d5:7d:88:20:
7e:53:1e:04:e2:4e:24:a0:22:7e:f8:a0:2a:d8:18:66:4f:4c:
23:d5:25:57
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGXsdL9e31icIjWzHnZM4AKN2SlwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzBaFw0yNTEyMjYxMTQ3MzBaMDMxMTAvBgNV
BAMTKDBERjM3N0QxOEQ4N0VFMjhFQUVEREY4RjIwMjlGMTdDQzlFREI0REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKsZarT8zHeyzMSLpBM1fYFPWN
keiJeFYHpda0sDV1j2S2FcbkE9F7XDOtJrcCy8P0csVSlB8lgn8FgCS8ibAgf+k9
Hu0ItaCddCGOXcWPoYMuk4qo4a1FuXFN6FCvZy/z0xDFlfKwUKY4Ac5S+DIVfXOG
fkgNmElBspeA7BY9nAW34uqEnD/E8SqtF8+tcGDEmcgrvRVecSOMdnEpUfOybmJb
+WxkT8I6Aky/AnowYqn8bj58a/CLgMCGLCV5UtxonUpmpKmyMa+LH9rN84fOuXiG
VS92GCK8nppfjoJMmak+LTM4VQiJ3KwYIDK5alaJCjBPKUYu59QUNoaiZI4PAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUDfN30Y2H7ijq7d+PICnxfMnttN8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
OTJlMzIzMjM2MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzNjM4MzczNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALn54jANBgkqhkiG9w0BAQsFAAOCAQEALjF0/Y2I+VbGUH8qbljugKLX
HxyMqJ++jH6JeYKAQUY60o9TqqQf5+jOuXHu1k1IWTq1dd5aSj8hxli1xXcwA9Vp
dQpEllosCmpBiwE2NajiO1NuKZcXOmAaKMm1UFRYGoTxfKdrHetE8MopD54tIsls
e9YLKk4x/U429J3h7aOAFlVgbcxs2kzGCqq4BlMGQF/Ro3LCoikmm7lH/3GNXfUX
a3/je4LmzOvuso8/5UKNLC/7L/BOBciyDQYbUi112zjD2BQS2ozl+YowLk3xFJTo
D5e4M1+gGwCdg9+1Bc3vBptpNUfVfYggflMeBOJOJKAifvigKtgYZk9MI9UlVw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:45:17 2025 by rpki-client