Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232372e302f32342d3332203d3e203531313637.roa
File: 3138352e3234392e3232372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: AX9j1vbkRyfOa92HyobEhZ64ximvNGF9la20+gF0wN4=
Subject key identifier: 43:E0:04:E1:EA:29:E6:73:D6:1A:D7:3F:5D:DA:E0:66:08:C2:08:2D
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 619370A03BFED2E52568217D348438A466C8FA4B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232372e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:37 +0000
ROA not before: Fri 27 Dec 2024 11:42:37 +0000
ROA not after: Fri 26 Dec 2025 11:47:37 +0000
asID: 51167
IP address blocks: 185.249.227.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:93:70:a0:3b:fe:d2:e5:25:68:21:7d:34:84:38:a4:66:c8:fa:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:37 2024 GMT
Not After : Dec 26 11:47:37 2025 GMT
Subject: CN=43E004E1EA29E673D61AD73F5DDAE06608C2082D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a5:81:c6:05:6a:3f:86:78:6d:59:2e:14:00:
28:08:32:28:0c:68:0d:8c:14:3a:0e:c9:46:b5:10:
91:7b:b9:d6:24:13:33:d9:0a:6f:35:e2:13:1f:62:
9e:3f:df:6c:b8:b6:68:a1:a3:b6:9d:f9:ac:62:6a:
c6:ee:e9:e0:4a:ad:c0:e2:2a:5c:7a:08:4e:d2:af:
5f:af:02:cb:a0:31:99:67:c1:db:71:77:6d:1a:6b:
c7:69:b7:29:a6:c0:a7:c5:9a:58:fe:73:1d:02:2d:
9a:03:92:ca:df:bb:fa:82:8d:f3:e0:26:6c:de:f4:
89:14:e2:0e:a2:b8:15:2f:e0:cd:0f:7d:d8:ff:fb:
6c:67:8b:5b:c9:54:99:d6:d0:4d:a4:ab:9c:91:69:
25:62:37:9e:90:32:e3:22:38:60:e9:ac:b8:5d:39:
1f:ae:a0:ea:98:50:87:46:98:a3:20:b1:21:4d:97:
db:f7:4e:33:45:d6:1a:1a:83:5b:f2:be:ab:97:22:
2c:a9:93:8a:21:d4:84:07:5f:97:8a:4e:0c:62:2c:
7b:61:e7:6b:b2:09:b3:1a:b0:ad:b4:3d:15:9c:01:
31:95:3a:5b:3a:dd:4e:37:00:75:9d:22:23:1b:66:
0f:0a:72:0b:27:d8:41:1d:6b:c8:70:b5:19:7b:f1:
f9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:04:E1:EA:29:E6:73:D6:1A:D7:3F:5D:DA:E0:66:08:C2:08:2D
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.227.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:46:17:ef:02:e6:ad:26:a4:51:8d:2a:13:f5:b4:be:9b:00:
8b:71:d8:0b:8a:05:d1:7c:9d:f9:c0:cf:6a:fa:d7:5a:3a:18:
2d:ad:7d:7f:29:ec:0f:7a:1b:e6:81:c8:e8:b8:89:a8:d1:09:
1d:71:8d:bd:58:52:97:d7:ba:a6:e5:24:64:e3:a8:2f:e9:92:
13:7c:1f:f7:b5:56:37:cd:91:7f:c9:d1:14:aa:55:7b:16:2b:
ec:04:b2:de:85:e5:e8:0b:7b:12:ab:9b:30:3f:9e:c3:17:48:
67:5a:e6:ce:8d:6d:56:1e:5e:c4:cb:7e:50:e4:20:21:44:61:
7e:e5:7d:a3:5d:78:23:91:8b:86:c3:7f:5f:14:76:20:20:53:
91:7e:d2:e2:61:fc:00:63:05:f5:3a:99:6c:9a:4a:76:05:13:
c7:a0:98:86:59:69:28:e7:e1:c1:98:41:75:89:29:0d:72:b1:
fd:a2:32:87:6a:ae:09:62:33:ac:bf:f6:af:55:86:4e:01:f2:
7a:08:b7:fa:1f:0f:4e:55:8c:14:12:09:8e:a7:b8:17:ff:71:
ba:6d:f8:9b:c2:2f:d8:e7:d4:43:b9:cc:2e:6b:6a:80:db:03:
93:93:61:53:a3:c7:e6:7a:5a:52:85:11:fe:74:0c:03:98:23:
a3:08:89:c2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYZNwoDv+0uUlaCF9NIQ4pGbI+kswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzdaFw0yNTEyMjYxMTQ3MzdaMDMxMTAvBgNV
BAMTKDQzRTAwNEUxRUEyOUU2NzNENjFBRDczRjVEREFFMDY2MDhDMjA4MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfpYHGBWo/hnhtWS4UACgIMigM
aA2MFDoOyUa1EJF7udYkEzPZCm814hMfYp4/32y4tmiho7ad+axiasbu6eBKrcDi
Klx6CE7Sr1+vAsugMZlnwdtxd20aa8dptymmwKfFmlj+cx0CLZoDksrfu/qCjfPg
Jmze9IkU4g6iuBUv4M0Pfdj/+2xni1vJVJnW0E2kq5yRaSViN56QMuMiOGDprLhd
OR+uoOqYUIdGmKMgsSFNl9v3TjNF1hoag1vyvquXIiypk4oh1IQHX5eKTgxiLHth
52uyCbMasK20PRWcATGVOls63U43AHWdIiMbZg8Kcgsn2EEda8hwtRl78fkVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUQ+AE4eop5nPWGtc/XdrgZgjCCC0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz
OTJlMzIzMjM3MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALn54zANBgkqhkiG9w0BAQsFAAOCAQEA2EYX7wLmrSakUY0qE/W0vpsA
i3HYC4oF0Xyd+cDPavrXWjoYLa19fynsD3ob5oHI6LiJqNEJHXGNvVhSl9e6puUk
ZOOoL+mSE3wf97VWN82Rf8nRFKpVexYr7ASy3oXl6At7EqubMD+ewxdIZ1rmzo1t
Vh5exMt+UOQgIURhfuV9o114I5GLhsN/XxR2ICBTkX7S4mH8AGMF9TqZbJpKdgUT
x6CYhllpKOfhwZhBdYkpDXKx/aIyh2quCWIzrL/2r1WGTgHyegi3+h8PTlWMFBIJ
jqe4F/9xum34m8Iv2OfUQ7nMLmtqgNsDk5NhU6PH5npaUoUR/nQMA5gjowiJwg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:22:07 2025 by rpki-client