Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
File: 3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ncxiFEuSv8B/c5yoDC6qQ+ovHKZwyuBUVRVoSctXz8o=
Subject key identifier: 71:4E:79:0F:92:CD:C1:75:84:09:4C:9F:7E:51:82:43:DB:72:F4:69
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1128C415B45D41F93B931AA54015C7E5619CA11E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:29 +0000
ROA not before: Fri 20 Dec 2024 15:18:29 +0000
ROA not after: Fri 19 Dec 2025 15:23:29 +0000
asID: 136787
IP address blocks: 192.145.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:28:c4:15:b4:5d:41:f9:3b:93:1a:a5:40:15:c7:e5:61:9c:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:29 2024 GMT
Not After : Dec 19 15:23:29 2025 GMT
Subject: CN=714E790F92CDC17584094C9F7E518243DB72F469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1a:a9:94:47:f7:27:59:ab:39:c0:79:62:3e:
20:a9:27:41:e9:1c:02:82:15:ef:e3:30:5c:87:16:
6b:01:2b:a4:10:d7:6e:c8:e5:cf:d1:45:94:32:99:
58:8d:bf:46:f8:04:a9:7d:70:5a:bd:bb:86:59:f3:
1c:8d:43:a0:d9:8e:ea:6e:60:23:29:74:67:8c:85:
28:15:fa:4e:49:07:21:9e:d3:86:e6:8a:44:29:1c:
8d:05:b4:4a:c0:47:51:33:34:01:ca:89:5b:a0:be:
17:95:e3:b7:08:c1:4c:6a:ff:8c:5c:2b:9c:b0:90:
88:34:08:9f:5f:cc:ee:8a:df:92:df:30:a0:a8:b3:
b5:c6:2e:72:50:3a:2d:d1:10:1b:ee:4d:7e:70:5d:
98:a3:e1:82:38:06:3a:0c:a7:d3:ea:b9:62:9c:34:
60:c4:76:20:5d:8e:9d:27:22:78:00:6d:8e:16:1a:
c6:48:3d:2f:8c:1e:55:2a:bf:9b:6f:c6:2e:7c:68:
2d:20:13:a3:ad:05:4d:9b:7b:57:2c:ca:3a:66:a0:
f4:d8:d3:24:b3:e9:10:6c:ab:5c:8d:12:0d:d5:e6:
a3:b2:db:ba:e9:bc:0c:d7:3a:e1:b0:86:d0:43:51:
92:e5:a6:be:a4:ff:1d:c9:b3:50:7b:f4:9b:51:70:
de:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4E:79:0F:92:CD:C1:75:84:09:4C:9F:7E:51:82:43:DB:72:F4:69
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3134352e33392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.39.0/24
Signature Algorithm: sha256WithRSAEncryption
43:e3:b6:e5:59:cc:df:e8:18:8d:88:ad:8e:93:54:8f:4c:46:
85:04:a9:c3:9d:5c:4f:81:57:1a:84:5d:66:c1:b7:ac:e3:93:
65:87:01:87:e1:04:f4:96:6b:21:44:0c:db:b6:1f:a6:08:da:
3b:de:df:5f:80:d8:33:65:d0:3f:65:d2:be:6b:fe:8b:e3:0b:
03:92:e3:db:97:d5:77:01:c0:77:c0:22:5b:0d:d0:3d:9d:dd:
d1:65:a8:ac:0b:78:eb:df:c3:d1:1e:3c:d7:c4:31:d4:0b:d0:
ab:f9:c4:32:19:d9:de:5b:e4:1b:f0:c7:e9:15:f2:d1:47:eb:
7d:76:85:fb:2c:bf:f4:06:fb:4e:3a:62:d5:f9:99:4e:f5:63:
25:cc:1d:dd:d4:60:43:d1:bc:49:c7:e5:fc:8b:df:64:76:f9:
37:cc:78:ee:5b:80:46:96:41:1d:f4:88:18:bd:59:69:44:6c:
45:04:51:48:ae:0d:0f:48:03:7f:a8:ae:16:ee:45:71:2b:d6:
8f:9c:bd:f4:17:89:26:5c:6a:39:b7:f9:51:fe:40:3d:df:ca:
07:59:27:20:81:5a:40:e1:39:41:fe:e2:03:21:e1:4f:a1:20:
ce:e5:00:93:3d:40:0c:c1:c2:4b:52:a2:af:07:0f:63:5e:4e:
fe:f0:52:48
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUESjEFbRdQfk7kxqlQBXH5WGcoR4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjlaFw0yNTEyMTkxNTIzMjlaMDMxMTAvBgNV
BAMTKDcxNEU3OTBGOTJDREMxNzU4NDA5NEM5RjdFNTE4MjQzREI3MkY0NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGGqmUR/cnWas5wHliPiCpJ0Hp
HAKCFe/jMFyHFmsBK6QQ127I5c/RRZQymViNv0b4BKl9cFq9u4ZZ8xyNQ6DZjupu
YCMpdGeMhSgV+k5JByGe04bmikQpHI0FtErAR1EzNAHKiVugvheV47cIwUxq/4xc
K5ywkIg0CJ9fzO6K35LfMKCos7XGLnJQOi3REBvuTX5wXZij4YI4BjoMp9PquWKc
NGDEdiBdjp0nIngAbY4WGsZIPS+MHlUqv5tvxi58aC0gE6OtBU2be1csyjpmoPTY
0ySz6RBsq1yNEg3V5qOy27rpvAzXOuGwhtBDUZLlpr6k/x3Js1B79JtRcN5ZAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUcU55D5LNwXWECUyfflGCQ9ty9GkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzIyZTMxMzQz
NTJlMzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMCRJzANBgkqhkiG9w0BAQsFAAOCAQEAQ+O25VnM3+gYjYitjpNUj0xG
hQSpw51cT4FXGoRdZsG3rOOTZYcBh+EE9JZrIUQM27YfpgjaO97fX4DYM2XQP2XS
vmv+i+MLA5Lj25fVdwHAd8AiWw3QPZ3d0WWorAt469/D0R4818Qx1AvQq/nEMhnZ
3lvkG/DH6RXy0UfrfXaF+yy/9Ab7Tjpi1fmZTvVjJcwd3dRgQ9G8Scfl/IvfZHb5
N8x47luARpZBHfSIGL1ZaURsRQRRSK4ND0gDf6iuFu5FcSvWj5y99BeJJlxqObf5
Uf5APd/KB1knIIFaQOE5Qf7iAyHhT6EgzuUAkz1ADMHCS1KirwcPY15O/vBSSA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:52:33 2025 by rpki-client