Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 9mVHF6SLMVka4GIgqlN0wVSmrICHHTQ/9PiWYT73Fuc=
Subject key identifier: 66:88:6E:F6:53:85:12:8C:FE:61:9A:A1:39:13:35:30:A0:28:84:CF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 59B6D99FAA691B9D2DFC9F221935EECF69CEA1E6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:35 +0000
ROA not before: Fri 20 Dec 2024 15:18:35 +0000
ROA not after: Fri 19 Dec 2025 15:23:35 +0000
asID: 136787
IP address blocks: 192.145.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:b6:d9:9f:aa:69:1b:9d:2d:fc:9f:22:19:35:ee:cf:69:ce:a1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:35 2024 GMT
Not After : Dec 19 15:23:35 2025 GMT
Subject: CN=66886EF65385128CFE619AA139133530A02884CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:83:e6:94:79:db:0f:6d:a2:f3:43:a1:75:c2:
bb:bc:8f:6a:6c:68:b7:c0:54:7d:1e:0b:bd:98:cf:
a7:78:23:13:29:f1:dd:bf:dc:9f:cb:2b:a7:db:9e:
b7:d4:65:9b:12:f8:62:54:3a:2b:72:24:41:1a:c0:
f0:71:a3:1f:25:d0:3a:00:ea:1d:21:cb:68:52:dc:
e8:89:a7:f0:9f:ff:7c:d0:fe:0b:51:cf:fc:14:0a:
28:4f:cd:f7:a1:fd:4c:57:e1:96:2c:80:e0:8b:25:
3a:9e:ac:f7:dc:75:f8:09:f3:59:76:e8:f6:b1:78:
3c:d7:b0:57:d2:dd:4c:f7:0e:cd:32:f5:93:63:5b:
d9:c0:f4:e5:1a:23:f1:72:5e:fa:11:72:c6:b4:b2:
3b:9c:92:b7:7c:2c:99:d1:61:4e:bb:c2:7b:aa:52:
b0:0c:e8:64:0d:ec:0a:d9:57:73:65:2e:64:c2:c9:
8f:1a:77:e4:0c:da:44:e4:c4:5e:51:12:53:1d:55:
3a:d0:5b:0c:ef:97:f3:6c:da:bb:d2:c0:4d:50:70:
fd:8a:6a:ba:16:32:d1:ed:c7:88:6e:f3:a9:94:46:
5c:3a:87:e8:03:d9:bf:e9:ab:ec:38:f5:b7:ae:4e:
cd:13:c1:7d:92:1b:0b:33:fe:df:60:0b:12:9e:a8:
e4:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:88:6E:F6:53:85:12:8C:FE:61:9A:A1:39:13:35:30:A0:28:84:CF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.36.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:02:ad:e1:0a:36:5b:23:14:cc:9b:e6:55:37:a2:e5:8a:5a:
90:6f:20:8b:d3:b8:fd:82:28:d0:5b:35:a3:35:05:bc:4d:1e:
51:cf:0d:87:81:f9:c4:ad:98:07:cb:f8:7c:fb:f8:89:ee:c4:
da:35:1d:33:62:0b:0a:d2:ef:99:57:a1:d9:6f:63:c4:ab:2c:
64:de:0a:36:36:44:0e:89:a9:94:3d:70:a5:db:78:53:49:ec:
12:fb:ce:4d:5e:eb:96:82:b2:f9:02:0c:b9:44:9b:2a:62:a0:
a9:ea:f7:6e:12:54:6a:21:5c:72:ba:e4:fd:7f:8e:8c:43:89:
1c:f4:63:3e:16:81:a6:46:e2:c0:df:c5:d6:b8:5d:d1:91:d9:
bb:b9:1d:44:f8:56:be:00:d7:02:9c:45:40:59:7e:f9:a7:f5:
08:ed:c5:9e:f8:59:1e:76:fe:cf:ad:bf:ef:9b:58:ad:5e:3b:
3e:54:c6:c9:f0:bb:b5:b5:66:7f:b9:ee:a4:cd:56:eb:40:04:
5a:ee:de:33:18:3e:7d:af:53:40:2c:15:77:bd:5e:c1:b2:14:
a0:5e:df:0c:ff:b9:1e:4f:3f:ee:35:5c:d4:57:5d:96:c3:32:
dd:0a:ac:ce:87:e2:6f:44:3e:27:28:6c:22:aa:0c:c3:9b:8c:
12:22:dd:fc
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUWbbZn6ppG50t/J8iGTXuz2nOoeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzVaFw0yNTEyMTkxNTIzMzVaMDMxMTAvBgNV
BAMTKDY2ODg2RUY2NTM4NTEyOENGRTYxOUFBMTM5MTMzNTMwQTAyODg0Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4g+aUedsPbaLzQ6F1wru8j2ps
aLfAVH0eC72Yz6d4IxMp8d2/3J/LK6fbnrfUZZsS+GJUOityJEEawPBxox8l0DoA
6h0hy2hS3OiJp/Cf/3zQ/gtRz/wUCihPzfeh/UxX4ZYsgOCLJTqerPfcdfgJ81l2
6PaxeDzXsFfS3Uz3Ds0y9ZNjW9nA9OUaI/FyXvoRcsa0sjuckrd8LJnRYU67wnuq
UrAM6GQN7ArZV3NlLmTCyY8ad+QM2kTkxF5RElMdVTrQWwzvl/Ns2rvSwE1QcP2K
aroWMtHtx4hu86mURlw6h+gD2b/pq+w49beuTs0TwX2SGwsz/t9gCxKeqOTbAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUZohu9lOFEoz+YZqhORM1MKAohM8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzIyZTMxMzQz
NTJlMzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMCRJDANBgkqhkiG9w0BAQsFAAOCAQEAtQKt4Qo2WyMUzJvmVTei5Ypa
kG8gi9O4/YIo0Fs1ozUFvE0eUc8Nh4H5xK2YB8v4fPv4ie7E2jUdM2ILCtLvmVeh
2W9jxKssZN4KNjZEDomplD1wpdt4U0nsEvvOTV7rloKy+QIMuUSbKmKgqer3bhJU
aiFccrrk/X+OjEOJHPRjPhaBpkbiwN/F1rhd0ZHZu7kdRPhWvgDXApxFQFl++af1
CO3FnvhZHnb+z62/75tYrV47PlTGyfC7tbVmf7nupM1W60AEWu7eMxg+fa9TQCwV
d71ewbIUoF7fDP+5Hk8/7jVc1FddlsMy3Qqszofib0Q+JyhsIqoMw5uMEiLd/A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:38:41 2025 by rpki-client