Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37322e302f32342d3332203d3e20313336373837.roa
File: 3139332e3134382e37322e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 4jk+J3UaQ0wj05eg4+ryPIUg7tg3B+5Q7aldLcY8iEY=
Subject key identifier: 8F:2D:A0:62:82:2A:C1:D6:53:9D:7F:A9:49:E1:23:90:38:DD:57:44
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7998A8316B91A96B84C251BF4AB54203B5B15FED
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37322e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:40 +0000
ROA not before: Fri 20 Dec 2024 15:18:40 +0000
ROA not after: Fri 19 Dec 2025 15:23:40 +0000
asID: 136787
IP address blocks: 193.148.72.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:98:a8:31:6b:91:a9:6b:84:c2:51:bf:4a:b5:42:03:b5:b1:5f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:40 2024 GMT
Not After : Dec 19 15:23:40 2025 GMT
Subject: CN=8F2DA062822AC1D6539D7FA949E1239038DD5744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b3:43:b0:b8:4f:07:b5:85:d9:84:6a:c9:37:
d8:5f:5a:9c:66:46:1e:5b:94:3c:a8:0e:0c:93:09:
3f:7c:bc:4c:a6:cd:8e:95:1a:6e:57:d7:d6:0f:74:
85:d6:4f:fa:34:64:63:c3:c6:48:b6:30:11:16:4e:
a3:b5:c5:19:5f:fd:2b:85:49:2f:fd:d0:e3:eb:e5:
51:fb:4a:80:d5:6d:90:13:4c:73:e5:ac:58:52:aa:
77:d9:33:c4:33:6b:4c:a2:b7:56:29:fe:a2:d3:bb:
aa:9a:0a:91:14:68:ba:05:95:9d:11:9a:ef:2e:41:
dc:1c:cb:e1:99:17:da:2b:13:df:db:ad:c0:f2:cf:
93:a2:cf:a5:5e:ee:ae:12:99:a7:de:74:1c:f6:8b:
b5:61:32:83:1f:8c:23:82:2f:a7:69:dc:f5:19:84:
e2:24:2b:f5:3a:4d:83:ad:1e:2f:6a:09:0a:bd:07:
d8:55:e3:f6:b0:a2:37:b8:fb:2e:ee:0b:be:f1:f1:
00:2c:f4:4e:da:7b:06:fe:34:aa:be:2f:78:8c:73:
25:1b:fc:af:f6:25:7f:f8:d7:e2:2b:0c:f8:d2:ac:
1b:96:22:c0:c6:a9:51:36:94:1d:60:22:ac:46:69:
ca:b8:1d:22:a6:8a:21:bc:e5:78:d3:86:85:46:c2:
0e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:2D:A0:62:82:2A:C1:D6:53:9D:7F:A9:49:E1:23:90:38:DD:57:44
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37322e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:17:82:18:fc:cb:1e:80:7d:ce:9d:bb:03:13:54:21:9b:7b:
d8:05:10:c0:dd:60:48:d2:0c:07:ee:d3:97:3b:95:5c:ff:65:
23:9b:5f:11:04:55:c6:17:ae:43:c3:28:46:21:e1:70:17:c5:
ae:71:1d:ea:19:51:db:22:2b:7c:2f:a6:34:2f:fb:04:79:cf:
49:d5:fa:d8:fa:97:65:09:3e:fa:0e:d6:45:e0:aa:b0:25:7f:
c5:c7:ad:4b:7f:9c:6e:32:65:0a:8f:38:26:b8:6c:ce:6d:4d:
0b:fb:f3:90:26:89:11:e1:a5:68:6a:d3:27:cc:e8:1d:2b:da:
9e:57:a2:60:4a:1c:10:8a:4e:fc:30:b3:4a:35:43:52:f1:f9:
46:f9:8a:dd:98:76:0d:c5:f6:78:7a:37:cc:ba:dd:32:9c:e0:
06:ee:82:3f:cb:9b:6f:bc:00:f6:37:26:85:d9:2d:e3:81:18:
8c:e9:81:f0:d6:b4:0d:c1:13:09:5d:8c:ee:06:7a:af:de:79:
a1:3b:cf:eb:1d:75:02:0b:e6:32:91:13:87:cf:a1:c9:39:63:
75:dc:44:e3:13:a2:24:0d:4c:74:51:e9:3f:34:64:00:e7:10:
0e:f4:64:6d:ff:b4:ca:22:10:e7:2b:91:e9:ba:be:d4:d5:22:
9a:8a:5b:fb
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUeZioMWuRqWuEwlG/SrVCA7WxX+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4NDBaFw0yNTEyMTkxNTIzNDBaMDMxMTAvBgNV
BAMTKDhGMkRBMDYyODIyQUMxRDY1MzlEN0ZBOTQ5RTEyMzkwMzhERDU3NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRs0OwuE8HtYXZhGrJN9hfWpxm
Rh5blDyoDgyTCT98vEymzY6VGm5X19YPdIXWT/o0ZGPDxki2MBEWTqO1xRlf/SuF
SS/90OPr5VH7SoDVbZATTHPlrFhSqnfZM8Qza0yit1Yp/qLTu6qaCpEUaLoFlZ0R
mu8uQdwcy+GZF9orE9/brcDyz5Oiz6Ve7q4SmafedBz2i7VhMoMfjCOCL6dp3PUZ
hOIkK/U6TYOtHi9qCQq9B9hV4/awoje4+y7uC77x8QAs9E7aewb+NKq+L3iMcyUb
/K/2JX/41+IrDPjSrBuWIsDGqVE2lB1gIqxGacq4HSKmiiG85XjThoVGwg4PAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUjy2gYoIqwdZTnX+pSeEjkDjdV0QwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzQz
ODJlMzczMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMGUSDANBgkqhkiG9w0BAQsFAAOCAQEAoReCGPzLHoB9zp27AxNUIZt7
2AUQwN1gSNIMB+7TlzuVXP9lI5tfEQRVxheuQ8MoRiHhcBfFrnEd6hlR2yIrfC+m
NC/7BHnPSdX62PqXZQk++g7WReCqsCV/xcetS3+cbjJlCo84Jrhszm1NC/vzkCaJ
EeGlaGrTJ8zoHSvanleiYEocEIpO/DCzSjVDUvH5RvmK3Zh2DcX2eHo3zLrdMpzg
Bu6CP8ubb7wA9jcmhdkt44EYjOmB8Na0DcETCV2M7gZ6r955oTvP6x11AgvmMpET
h8+hyTljddxE4xOiJA1MdFHpPzRkAOcQDvRkbf+0yiIQ5yuR6bq+1NUimopb+w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:59:17 2025 by rpki-client