Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
File: 3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 3XYabxOyGEz8H2lMEDURqFpLGtIW4bnARWJRaUsyq40=
Subject key identifier: A6:51:1F:1E:F4:9B:F3:BE:41:F4:1A:92:1B:CB:29:BA:85:F9:E9:2C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2EE34208B00967367EDCB3F5E1134E2FBFBD81B5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 27 Dec 2024 11:47:08 +0000
ROA not before: Fri 27 Dec 2024 11:42:08 +0000
ROA not after: Fri 26 Dec 2025 11:47:08 +0000
asID: 147049
IP address blocks: 192.166.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:e3:42:08:b0:09:67:36:7e:dc:b3:f5:e1:13:4e:2f:bf:bd:81:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:08 2024 GMT
Not After : Dec 26 11:47:08 2025 GMT
Subject: CN=A6511F1EF49BF3BE41F41A921BCB29BA85F9E92C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:2a:6d:cf:0d:59:a6:be:63:78:6f:97:ec:
61:e0:05:ed:ef:64:76:d7:26:95:0b:ad:c4:94:73:
e9:88:f7:a5:eb:59:49:d5:60:1d:66:25:3b:70:f9:
b8:b4:d4:04:7d:d9:c9:bc:8e:1a:05:76:5a:e0:cc:
e8:b8:45:f9:37:b9:54:de:63:e5:8c:6e:70:0f:e6:
0a:ee:a1:93:47:c2:56:26:d3:bc:44:bb:76:49:79:
26:63:7a:40:98:e8:97:c8:35:50:72:c2:d4:65:78:
61:e5:1a:17:15:17:50:dd:72:f9:d7:79:99:0d:03:
92:ec:1e:c1:ad:ee:83:e8:6a:63:c8:34:e9:4a:ae:
d7:1f:4a:a7:89:0b:be:f9:31:fd:d3:e3:57:b9:54:
cc:9f:f2:bb:33:5d:86:36:c1:4f:5b:42:ce:85:1f:
83:da:35:3d:51:c3:d7:54:da:36:86:50:16:c2:ee:
21:0c:4f:38:b2:a9:19:ff:82:87:73:d8:6c:e3:47:
59:97:52:02:ca:b0:ce:ed:98:ee:fc:aa:13:e1:a8:
5b:97:0b:66:e8:d0:34:af:6f:7e:b3:f5:e6:3c:ea:
1e:fa:15:90:6e:16:4f:fd:4f:7a:37:1d:d2:08:28:
70:d9:84:0c:88:5c:97:f2:97:d8:1b:1c:5f:91:72:
e7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:51:1F:1E:F4:9B:F3:BE:41:F4:1A:92:1B:CB:29:BA:85:F9:E9:2C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.244.0/24
Signature Algorithm: sha256WithRSAEncryption
56:4b:4e:13:6c:2b:70:94:00:09:ef:c9:34:45:b0:a0:81:9b:
97:cb:75:91:16:6d:3c:cd:74:dd:55:7d:9d:a9:7e:b7:61:4b:
a6:16:58:5b:76:ec:ab:60:59:2c:41:bf:84:0a:66:81:30:e0:
46:92:ff:1b:7a:81:d1:50:97:fe:28:53:ad:01:76:57:83:ee:
67:c3:1b:b9:d6:0b:36:c1:01:a5:71:e7:3d:69:ca:90:2d:40:
aa:a9:57:3c:55:2d:92:b6:ea:0a:d1:0b:77:80:0c:37:2d:a7:
3b:47:af:88:19:47:d0:58:30:ba:eb:da:22:d8:69:53:19:93:
cb:a9:2e:e5:de:49:d0:96:38:f6:a1:23:e8:62:d8:06:25:ef:
9c:8a:8c:be:d2:6a:58:19:9d:c8:26:14:3b:65:a6:0e:9f:67:
eb:e5:41:1b:77:9c:88:13:6f:c7:ac:f3:ed:70:12:54:ce:f3:
9c:9f:b7:b3:d8:48:05:37:2d:f8:86:fe:62:3e:74:9e:3a:42:
64:cb:86:4a:5d:d3:1e:61:d6:c3:36:57:4f:2b:d5:c0:35:88:
83:a2:ad:a7:a8:21:1e:f2:55:c7:1b:d9:82:53:cf:41:1d:f3:
83:2f:fe:fb:9e:28:13:2f:81:98:d2:8d:80:eb:c9:f3:ec:b7:
12:1a:48:f0
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIULuNCCLAJZzZ+3LP14RNOL7+9gbUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDhaFw0yNTEyMjYxMTQ3MDhaMDMxMTAvBgNV
BAMTKEE2NTExRjFFRjQ5QkYzQkU0MUY0MUE5MjFCQ0IyOUJBODVGOUU5MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/VCptzw1Zpr5jeG+X7GHgBe3v
ZHbXJpULrcSUc+mI96XrWUnVYB1mJTtw+bi01AR92cm8jhoFdlrgzOi4Rfk3uVTe
Y+WMbnAP5gruoZNHwlYm07xEu3ZJeSZjekCY6JfINVBywtRleGHlGhcVF1DdcvnX
eZkNA5LsHsGt7oPoamPINOlKrtcfSqeJC775Mf3T41e5VMyf8rszXYY2wU9bQs6F
H4PaNT1Rw9dU2jaGUBbC7iEMTziyqRn/godz2GzjR1mXUgLKsM7tmO78qhPhqFuX
C2bo0DSvb36z9eY86h76FZBuFk/9T3o3HdIIKHDZhAyIXJfyl9gbHF+RcudrAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUplEfHvSb875B9BqSG8spuoX56SwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzIyZTMxMzYz
NjJlMzIzNDM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzNDM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwKb0MA0GCSqGSIb3DQEBCwUAA4IBAQBWS04TbCtwlAAJ78k0RbCg
gZuXy3WRFm08zXTdVX2dqX63YUumFlhbduyrYFksQb+ECmaBMOBGkv8beoHRUJf+
KFOtAXZXg+5nwxu51gs2wQGlcec9acqQLUCqqVc8VS2StuoK0Qt3gAw3Lac7R6+I
GUfQWDC669oi2GlTGZPLqS7l3knQljj2oSPoYtgGJe+cioy+0mpYGZ3IJhQ7ZaYO
n2fr5UEbd5yIE2/HrPPtcBJUzvOcn7ez2EgFNy34hv5iPnSeOkJky4ZKXdMeYdbD
NldPK9XANYiDoq2nqCEe8lXHG9mCU89BHfODL/77nigTL4GY0o2A68nz7LcSGkjw
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:58:32 2025 by rpki-client