Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e3131372e302f32342d3234203d3e20313431303339.roa
File: 3139322e3134352e3131372e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: Z0Drb5RcEiax22Abs7KjO6pbKKTKXeE4jrP7wtT7/X0=
Subject key identifier: CC:7D:C2:52:D0:6B:0B:1D:93:DF:13:32:9C:A2:9E:65:FE:6F:A0:A8
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7122D30FAA3759A581D8CDCDDBF38F67ECBEA429
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e3131372e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 27 Dec 2024 11:47:17 +0000
ROA not before: Fri 27 Dec 2024 11:42:17 +0000
ROA not after: Fri 26 Dec 2025 11:47:17 +0000
asID: 141039
IP address blocks: 192.145.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:22:d3:0f:aa:37:59:a5:81:d8:cd:cd:db:f3:8f:67:ec:be:a4:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:17 2024 GMT
Not After : Dec 26 11:47:17 2025 GMT
Subject: CN=CC7DC252D06B0B1D93DF13329CA29E65FE6FA0A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:72:a1:b9:9c:7c:94:be:9f:3a:e2:90:b2:74:
24:01:e7:b1:d0:b0:ab:9e:0d:97:7e:10:44:70:6d:
7b:d1:12:c8:8b:e4:49:76:c5:85:13:b8:8f:ab:7b:
91:b6:31:19:c6:64:4f:1d:82:f8:d0:ee:9f:9f:3d:
a5:64:1b:0f:16:42:9a:53:69:b9:f4:b1:ef:b0:d5:
2d:8f:84:30:9a:5c:83:37:7f:b0:08:4b:f6:e3:64:
e4:c1:0f:c5:34:55:5f:28:21:12:b7:19:bd:7f:cd:
2c:dd:51:f6:79:15:a6:c3:a3:93:fa:fa:a3:03:5c:
e5:04:ba:ac:c8:1d:3e:a8:ff:da:4d:f4:6b:ab:17:
4d:c2:bd:38:c1:df:7c:93:3d:83:f2:dd:0e:c8:d2:
78:20:fc:ea:4b:b8:06:d4:7f:b2:24:8e:ab:4b:af:
f2:2f:44:58:b1:93:a6:73:70:42:15:a9:a0:bd:4a:
62:92:64:03:36:25:b1:39:a2:d7:30:16:86:73:3b:
1c:00:07:cc:33:dd:ec:db:f4:43:4a:ac:d7:52:46:
4f:34:84:46:0b:b4:4d:2a:20:35:06:23:fd:42:82:
d7:9c:bb:02:35:36:74:7f:9a:cc:b0:89:87:e5:18:
a3:fe:77:3a:f2:e6:b6:59:e3:c9:c0:89:d7:f0:a2:
59:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7D:C2:52:D0:6B:0B:1D:93:DF:13:32:9C:A2:9E:65:FE:6F:A0:A8
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e3131372e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.117.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:0d:08:49:50:03:9a:64:36:cd:80:bd:ec:52:3a:27:ff:6c:
c3:52:db:71:b3:c5:cb:3b:4e:73:ac:67:56:2b:9f:bd:68:53:
79:01:10:b1:ee:33:f5:9f:74:d8:dc:c6:4b:df:3d:c1:64:8a:
0d:0b:29:07:ab:c6:2e:73:90:63:46:96:1e:53:2b:85:91:f7:
fb:e9:54:72:79:fe:4a:7c:a3:68:a8:cd:d2:7d:69:76:d8:ec:
ad:b9:1d:5d:57:af:e0:f2:e6:01:9b:88:a2:91:b2:f1:eb:ba:
5e:be:14:b2:85:74:d8:4b:44:5c:ea:13:42:46:43:b7:02:61:
86:5c:e3:7f:a6:64:64:f0:d8:da:23:e0:7a:38:be:22:7c:b5:
cd:b0:4a:21:79:c6:29:6f:fb:54:9e:e9:0c:62:c1:7d:aa:7f:
98:07:06:40:a2:e3:f6:9b:e6:31:39:a9:23:6a:9f:6e:be:b5:
3e:c6:b2:ce:7c:73:a9:07:fd:2c:54:8c:e1:b9:af:46:9f:ed:
a8:e4:64:ec:a6:db:c5:d9:d3:8b:cb:17:41:da:32:9a:cd:81:
58:2b:57:03:93:79:d3:e9:d8:9f:2b:8a:5f:cb:aa:d2:ba:3e:
51:08:f4:d9:54:ee:57:72:4d:20:40:2a:fd:ec:80:f2:98:34:
5b:33:b0:d0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUcSLTD6o3WaWB2M3N2/OPZ+y+pCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTdaFw0yNTEyMjYxMTQ3MTdaMDMxMTAvBgNV
BAMTKENDN0RDMjUyRDA2QjBCMUQ5M0RGMTMzMjlDQTI5RTY1RkU2RkEwQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDocqG5nHyUvp864pCydCQB57HQ
sKueDZd+EERwbXvREsiL5El2xYUTuI+re5G2MRnGZE8dgvjQ7p+fPaVkGw8WQppT
abn0se+w1S2PhDCaXIM3f7AIS/bjZOTBD8U0VV8oIRK3Gb1/zSzdUfZ5FabDo5P6
+qMDXOUEuqzIHT6o/9pN9GurF03CvTjB33yTPYPy3Q7I0ngg/OpLuAbUf7IkjqtL
r/IvRFixk6ZzcEIVqaC9SmKSZAM2JbE5otcwFoZzOxwAB8wz3ezb9ENKrNdSRk80
hEYLtE0qIDUGI/1CgtecuwI1NnR/msywiYflGKP+dzry5rZZ48nAidfwolkXAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUzH3CUtBrCx2T3xMynKKeZf5voKgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzIyZTMxMzQz
NTJlMzEzMTM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzAzMzM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwJF1MA0GCSqGSIb3DQEBCwUAA4IBAQC8DQhJUAOaZDbNgL3sUjon
/2zDUttxs8XLO05zrGdWK5+9aFN5ARCx7jP1n3TY3MZL3z3BZIoNCykHq8Yuc5Bj
RpYeUyuFkff76VRyef5KfKNoqM3SfWl22OytuR1dV6/g8uYBm4iikbLx67pevhSy
hXTYS0Rc6hNCRkO3AmGGXON/pmRk8NjaI+B6OL4ifLXNsEohecYpb/tUnukMYsF9
qn+YBwZAouP2m+YxOakjap9uvrU+xrLOfHOpB/0sVIzhua9Gn+2o5GTsptvF2dOL
yxdB2jKazYFYK1cDk3nT6difK4pfy6rSuj5RCPTZVO5Xck0gQCr97IDymDRbM7DQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:22:54 2025 by rpki-client