Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37352e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134382e37352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: L0iVunUX8/sVHzkl3OtZHk+gsbPYaMeW3n8zPG9g9Ko=
Subject key identifier: EE:FB:43:4E:0A:8C:4B:68:1F:D9:DB:0D:D5:D8:54:2F:69:64:81:20
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1C18B29AB4D3727BDD830227DE093EFD1EBA0809
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:30 +0000
ROA not before: Fri 20 Dec 2024 15:18:30 +0000
ROA not after: Fri 19 Dec 2025 15:23:30 +0000
asID: 136787
IP address blocks: 193.148.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:18:b2:9a:b4:d3:72:7b:dd:83:02:27:de:09:3e:fd:1e:ba:08:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:30 2024 GMT
Not After : Dec 19 15:23:30 2025 GMT
Subject: CN=EEFB434E0A8C4B681FD9DB0DD5D8542F69648120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:22:85:73:23:6b:ea:4b:d4:d2:38:bc:02:1a:
5d:07:a0:2f:97:f6:17:6d:58:27:53:a1:d9:f8:74:
86:66:16:0c:33:e4:ce:22:8f:25:c9:d6:c3:71:e0:
d0:d1:69:49:4f:66:3c:dc:54:38:1c:a4:ed:e5:51:
a9:a4:20:ff:75:25:45:64:aa:f3:d7:83:03:85:05:
59:c3:7c:cb:3c:6f:81:43:03:7a:ae:a6:89:93:8c:
3f:26:45:b7:43:2a:81:52:ef:30:be:10:71:69:d2:
18:c1:54:8d:15:fe:90:92:4b:9d:f4:ab:1a:54:94:
38:3f:c1:57:12:55:98:0e:20:3f:8a:bb:a0:29:46:
7d:bb:93:16:07:d6:77:4e:94:b2:c3:aa:29:9f:41:
7b:b6:bf:89:ad:08:0a:9c:bf:0e:86:cf:28:a4:57:
77:86:60:ce:d7:d4:66:23:a0:b0:91:11:ac:9b:ca:
54:54:b5:62:fe:24:9a:6c:2c:3c:4c:ba:f8:a3:2f:
81:f0:f1:5c:cd:fe:ae:a9:0c:6b:58:d6:bc:92:9a:
23:a0:fc:d2:25:2f:78:55:6b:ed:1f:09:ae:d9:16:
f0:c5:56:a6:3f:4d:7d:c6:50:d1:cf:e3:b5:82:ef:
40:75:a4:92:9c:6c:58:4a:18:c1:ee:9a:93:79:03:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:FB:43:4E:0A:8C:4B:68:1F:D9:DB:0D:D5:D8:54:2F:69:64:81:20
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134382e37352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.75.0/24
Signature Algorithm: sha256WithRSAEncryption
89:6e:52:17:28:ec:83:16:06:04:28:9b:6b:16:c9:d5:3e:07:
68:cf:7c:90:bd:67:23:01:19:41:50:b1:53:09:f9:eb:91:12:
55:89:41:3f:64:68:2e:d0:a0:c6:a5:5c:fc:f2:1a:b0:29:f6:
26:d8:be:93:d6:64:a0:33:8e:0d:2d:d8:3a:0a:96:03:f0:3c:
a6:b2:d6:5d:d2:02:a2:39:67:e5:7d:bd:79:7e:f8:0a:9a:f9:
96:dc:73:56:24:7d:18:0f:90:04:6f:9e:34:dd:31:53:3e:00:
d0:69:5f:f7:0b:7f:bc:2c:38:3b:84:8a:71:4b:3d:75:c3:38:
21:bb:99:bc:33:00:f6:69:fc:46:d0:45:0f:ba:b0:1f:dd:04:
59:cd:c4:7a:f6:ad:27:c8:a2:f6:8a:3b:04:d3:c3:85:ec:1e:
5f:d8:40:95:aa:fe:cd:9a:87:12:ed:4a:3d:90:49:4c:f5:ad:
7c:d5:bf:a7:51:90:17:be:0a:3c:58:4e:b6:c3:1e:82:c0:39:
82:2b:57:27:00:97:49:91:7e:b2:8e:a1:7e:c8:7e:da:8f:b6:
8e:1b:c5:93:5d:4b:92:fd:ac:6c:1a:40:ac:27:5c:9e:dd:e4:
8f:11:25:0d:65:0c:52:d7:d5:8a:38:3c:32:2b:78:23:89:b1:
b6:f2:d0:f0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHBiymrTTcnvdgwIn3gk+/R66CAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzBaFw0yNTEyMTkxNTIzMzBaMDMxMTAvBgNV
BAMTKEVFRkI0MzRFMEE4QzRCNjgxRkQ5REIwREQ1RDg1NDJGNjk2NDgxMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNIoVzI2vqS9TSOLwCGl0HoC+X
9hdtWCdTodn4dIZmFgwz5M4ijyXJ1sNx4NDRaUlPZjzcVDgcpO3lUamkIP91JUVk
qvPXgwOFBVnDfMs8b4FDA3qupomTjD8mRbdDKoFS7zC+EHFp0hjBVI0V/pCSS530
qxpUlDg/wVcSVZgOID+Ku6ApRn27kxYH1ndOlLLDqimfQXu2v4mtCAqcvw6Gzyik
V3eGYM7X1GYjoLCREaybylRUtWL+JJpsLDxMuvijL4Hw8VzN/q6pDGtY1rySmiOg
/NIlL3hVa+0fCa7ZFvDFVqY/TX3GUNHP47WC70B1pJKcbFhKGMHumpN5A+uPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU7vtDTgqMS2gf2dsN1dhUL2lkgSAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzQz
ODJlMzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMGUSzANBgkqhkiG9w0BAQsFAAOCAQEAiW5SFyjsgxYGBCibaxbJ1T4H
aM98kL1nIwEZQVCxUwn565ESVYlBP2RoLtCgxqVc/PIasCn2Jti+k9ZkoDOODS3Y
OgqWA/A8prLWXdICojln5X29eX74Cpr5ltxzViR9GA+QBG+eNN0xUz4A0Glf9wt/
vCw4O4SKcUs9dcM4IbuZvDMA9mn8RtBFD7qwH90EWc3EevatJ8ii9oo7BNPDhewe
X9hAlar+zZqHEu1KPZBJTPWtfNW/p1GQF74KPFhOtsMegsA5gitXJwCXSZF+so6h
fsh+2o+2jhvFk11Lkv2sbBpArCdcnt3kjxElDWUMUtfVijg8Mit4I4mxtvLQ8A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:58:17 2025 by rpki-client