Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: q5NmVAro86jjJfqOJQx/Rigd42/OrwxI+GVMn5azb/0=
Subject key identifier: 39:7E:85:1F:C4:06:93:B5:89:E6:D3:9F:81:8C:1B:8E:77:C5:17:1E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 338BD170713F38CB088937F7BFE80AB82F6AA759
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:12 +0000
ROA not before: Fri 27 Dec 2024 11:42:12 +0000
ROA not after: Fri 26 Dec 2025 11:47:12 +0000
asID: 136787
IP address blocks: 193.142.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 19:42:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:8b:d1:70:71:3f:38:cb:08:89:37:f7:bf:e8:0a:b8:2f:6a:a7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:12 2024 GMT
Not After : Dec 26 11:47:12 2025 GMT
Subject: CN=397E851FC40693B589E6D39F818C1B8E77C5171E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bc:37:58:9d:62:ae:54:8b:59:55:77:64:7e:
4d:5a:23:d4:31:95:c0:26:1a:56:46:25:b3:85:12:
da:d3:32:22:01:c3:36:75:90:c1:79:cf:0c:58:eb:
4b:c7:89:d8:23:77:b5:bf:0d:39:cd:0d:f9:be:06:
09:5a:40:b2:c5:3e:79:0e:6b:1c:9a:ec:f3:59:fb:
0b:ab:a3:2a:b8:c6:96:f6:2c:34:a8:1b:2c:27:6c:
c4:65:90:22:ed:df:04:54:d6:51:e6:f6:77:c2:70:
f0:26:e2:97:14:19:43:5f:f0:b3:1e:38:f4:fc:f8:
01:e6:8d:d1:7b:de:c9:d3:67:57:05:06:b6:08:44:
ca:e3:a9:d9:67:1d:26:79:f6:06:22:62:97:85:ff:
01:70:0e:5e:24:d5:9e:d3:aa:6a:5f:e9:3a:55:28:
2a:18:76:e7:24:2e:fb:ab:54:3d:ea:41:8f:cc:83:
b9:58:7e:69:f7:94:9c:6f:1c:d2:2e:7b:aa:27:7e:
84:3b:47:c7:e6:ff:7f:75:7a:1e:e2:72:94:70:68:
ec:d2:da:aa:78:32:1a:70:9d:95:12:c9:8e:05:a8:
a6:66:79:9d:93:01:f8:e2:e9:62:d4:e2:60:80:39:
3d:b1:13:4a:75:44:51:b0:19:3c:f8:d5:60:25:83:
87:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7E:85:1F:C4:06:93:B5:89:E6:D3:9F:81:8C:1B:8E:77:C5:17:1E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134322e3230302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.200.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:7b:c8:12:82:14:33:9d:26:f1:13:12:df:54:db:29:52:eb:
52:34:2e:c8:ca:43:fe:6c:fd:03:57:a4:20:a1:2a:8d:aa:c4:
07:35:ed:4f:70:25:ad:82:61:ca:75:94:2f:ba:0f:62:e8:e4:
e4:1e:27:f6:41:b4:56:6d:4f:df:ad:17:77:52:9e:61:f4:32:
02:ef:44:9c:06:3d:64:73:4c:99:8d:b3:f1:c0:0a:b7:77:ce:
44:3b:46:59:f9:d0:86:09:9f:6c:8b:f9:f3:e5:d5:1c:34:e5:
dc:1f:9e:3c:04:45:22:09:70:e6:d2:f8:9b:ca:ad:27:c0:d9:
13:92:a4:59:1c:97:c8:5b:8f:c0:59:e0:d2:43:ac:68:bc:ec:
fb:68:28:47:f3:4e:2b:4b:f6:7d:5d:af:24:44:d4:26:3f:47:
a7:42:f0:9b:ca:8a:9c:38:70:05:ab:51:97:c4:fe:fc:9b:83:
13:19:6c:61:0a:7d:66:ef:6b:8f:dd:f5:16:76:25:ee:34:3b:
c4:ba:28:1a:00:64:f2:cf:1b:d5:9b:41:ed:b0:82:d4:72:a4:
44:80:6d:1b:ea:0f:33:27:a9:22:54:25:72:94:08:50:b7:08:
1c:28:0d:91:36:a1:c9:84:17:a5:c8:a6:6f:6d:d4:4f:42:dc:
eb:21:1e:76
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUM4vRcHE/OMsIiTf3v+gKuC9qp1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTJaFw0yNTEyMjYxMTQ3MTJaMDMxMTAvBgNV
BAMTKDM5N0U4NTFGQzQwNjkzQjU4OUU2RDM5RjgxOEMxQjhFNzdDNTE3MUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXvDdYnWKuVItZVXdkfk1aI9Qx
lcAmGlZGJbOFEtrTMiIBwzZ1kMF5zwxY60vHidgjd7W/DTnNDfm+BglaQLLFPnkO
axya7PNZ+wuroyq4xpb2LDSoGywnbMRlkCLt3wRU1lHm9nfCcPAm4pcUGUNf8LMe
OPT8+AHmjdF73snTZ1cFBrYIRMrjqdlnHSZ59gYiYpeF/wFwDl4k1Z7Tqmpf6TpV
KCoYduckLvurVD3qQY/Mg7lYfmn3lJxvHNIue6onfoQ7R8fm/391eh7icpRwaOzS
2qp4MhpwnZUSyY4FqKZmeZ2TAfji6WLU4mCAOT2xE0p1RFGwGTz41WAlg4e5AgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUOX6FH8QGk7WJ5tOfgYwbjnfFFx4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzQz
MjJlMzIzMDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAwY7IMA0GCSqGSIb3DQEBCwUAA4IBAQA7e8gSghQznSbxExLfVNsp
UutSNC7IykP+bP0DV6QgoSqNqsQHNe1PcCWtgmHKdZQvug9i6OTkHif2QbRWbU/f
rRd3Up5h9DIC70ScBj1kc0yZjbPxwAq3d85EO0ZZ+dCGCZ9si/nz5dUcNOXcH548
BEUiCXDm0vibyq0nwNkTkqRZHJfIW4/AWeDSQ6xovOz7aChH804rS/Z9Xa8kRNQm
P0enQvCbyoqcOHAFq1GXxP78m4MTGWxhCn1m72uP3fUWdiXuNDvEuigaAGTyzxvV
m0HtsILUcqREgG0b6g8zJ6kiVCVylAhQtwgcKA2RNqHJhBelyKZvbdRPQtzrIR52
-----END CERTIFICATE-----
Generated at Thu Apr 10 08:42:52 2025 by rpki-client