Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NboOAUhjKP7zZdBKCQL0OAxSbx5bjdajeqSLXbSUS7U=
Subject key identifier: D5:91:D0:57:66:05:4E:E2:C6:75:50:91:F6:05:14:42:1F:96:57:27
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4A062C7BD9B54A5E5899C81FAC11533B6A243C8B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:32 +0000
ROA not before: Fri 20 Dec 2024 15:18:32 +0000
ROA not after: Fri 19 Dec 2025 15:23:32 +0000
asID: 136787
IP address blocks: 193.148.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:06:2c:7b:d9:b5:4a:5e:58:99:c8:1f:ac:11:53:3b:6a:24:3c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:32 2024 GMT
Not After : Dec 19 15:23:32 2025 GMT
Subject: CN=D591D05766054EE2C6755091F60514421F965727
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1e:0b:95:77:47:57:6e:37:9a:dc:52:e2:08:
16:71:93:5d:fb:45:d8:57:44:d7:a9:c0:ec:36:81:
48:de:92:81:62:01:02:6f:e6:ee:c3:9b:6f:59:06:
26:54:ad:ce:04:a1:58:c2:1a:b0:bf:14:c1:3f:1c:
5d:05:34:ac:ad:f1:7a:78:45:97:40:9e:6f:b3:04:
3e:86:0a:ff:b1:8c:59:cf:9f:da:3e:03:ef:ee:4d:
fb:46:15:95:7b:42:72:39:d5:a4:80:4c:1a:37:80:
46:70:3f:5b:c0:60:0d:a1:d2:df:47:16:f3:a3:3b:
e6:b3:66:28:de:a7:ae:35:9c:c9:77:28:b2:21:0f:
d0:69:f2:58:1e:79:6a:45:d6:9d:b4:cf:b8:9d:54:
e7:51:c0:f5:e1:a0:52:5f:a4:3c:ad:43:b9:09:40:
d6:ac:a3:62:38:0d:0b:69:30:a8:2d:88:96:93:01:
e0:a3:bf:d5:6d:cb:8f:93:35:aa:dd:8b:8a:26:f2:
5a:16:bc:c2:52:0e:6a:28:ba:07:7c:b7:d4:48:3f:
50:e5:78:e1:a4:7e:3d:9c:74:66:44:ac:89:d4:de:
64:8d:58:77:c8:c2:91:62:70:54:30:16:61:b9:cd:
80:ba:79:a5:a4:e6:13:85:61:c1:b1:4f:2c:b8:e1:
2e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:91:D0:57:66:05:4E:E2:C6:75:50:91:F6:05:14:42:1F:96:57:27
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.74.0/24
Signature Algorithm: sha256WithRSAEncryption
17:cc:a3:f7:5d:9b:d7:af:89:8d:d9:39:eb:9d:a0:f1:f6:c8:
76:b0:a3:20:5e:88:5c:fd:62:5b:be:a6:3a:83:c4:93:b5:ad:
4d:8c:a7:35:31:ef:07:98:dd:ad:4e:3e:0d:4e:15:1b:bd:36:
83:06:27:a9:ab:d8:7e:e1:31:55:bc:12:5c:15:46:dc:a1:9b:
5f:1e:8f:2f:2d:4a:99:2b:7c:f1:4e:b7:84:82:e5:e6:01:58:
5c:47:2a:cf:94:5b:34:77:74:7a:e9:67:b6:43:4c:2c:0d:b3:
65:93:54:d0:ff:99:71:ac:ac:6c:9d:d1:c1:2f:5b:7e:aa:ec:
36:79:50:e5:2f:15:63:46:d8:4b:53:c3:be:2d:74:66:2c:c9:
5d:fc:66:9f:66:9f:c8:2d:64:77:ba:61:ec:a6:15:0a:f8:e6:
d6:9c:7a:32:93:58:eb:84:29:96:2d:b4:6a:9f:a7:91:b4:81:
7a:ba:1d:de:2b:6f:2b:32:f6:98:bd:21:f3:09:fd:21:81:9a:
46:b5:7d:f5:a6:10:86:c3:ae:fe:5d:de:81:fd:1d:39:d4:aa:
c5:69:e9:74:41:74:ba:75:53:71:17:7c:28:8d:25:21:45:6c:
ab:15:3d:22:df:f3:c8:5c:dc:27:86:90:a1:f1:1c:67:d7:e8:
95:78:9f:a2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSgYse9m1Sl5YmcgfrBFTO2okPIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzJaFw0yNTEyMTkxNTIzMzJaMDMxMTAvBgNV
BAMTKEQ1OTFEMDU3NjYwNTRFRTJDNjc1NTA5MUY2MDUxNDQyMUY5NjU3MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiHguVd0dXbjea3FLiCBZxk137
RdhXRNepwOw2gUjekoFiAQJv5u7Dm29ZBiZUrc4EoVjCGrC/FME/HF0FNKyt8Xp4
RZdAnm+zBD6GCv+xjFnPn9o+A+/uTftGFZV7QnI51aSATBo3gEZwP1vAYA2h0t9H
FvOjO+azZijep641nMl3KLIhD9Bp8lgeeWpF1p20z7idVOdRwPXhoFJfpDytQ7kJ
QNaso2I4DQtpMKgtiJaTAeCjv9Vty4+TNardi4om8loWvMJSDmoougd8t9RIP1Dl
eOGkfj2cdGZErInU3mSNWHfIwpFicFQwFmG5zYC6eaWk5hOFYcGxTyy44S4RAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU1ZHQV2YFTuLGdVCR9gUUQh+WVycwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzQz
ODJlMzczNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMGUSjANBgkqhkiG9w0BAQsFAAOCAQEAF8yj912b16+Jjdk5652g8fbI
drCjIF6IXP1iW76mOoPEk7WtTYynNTHvB5jdrU4+DU4VG702gwYnqavYfuExVbwS
XBVG3KGbXx6PLy1KmSt88U63hILl5gFYXEcqz5RbNHd0eulntkNMLA2zZZNU0P+Z
caysbJ3RwS9bfqrsNnlQ5S8VY0bYS1PDvi10ZizJXfxmn2afyC1kd7ph7KYVCvjm
1px6MpNY64Qpli20ap+nkbSBerod3itvKzL2mL0h8wn9IYGaRrV99aYQhsOu/l3e
gf0dOdSqxWnpdEF0unVTcRd8KI0lIUVsqxU9It/zyFzcJ4aQofEcZ9folXifog==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:43 2025 by rpki-client