Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134392e32342e302f32342d3234203d3e20313336373837.roa
File: 3139332e3134392e32342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 3tuPNBPbrEOC4ZpsP4WGyG7mn9DFJ6pgadp8ELa+B9k=
Subject key identifier: 24:B2:98:23:D2:12:1D:D2:8C:08:13:10:7D:94:5E:CE:DF:B8:98:E1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 05D0E5D002C6F69EE1C32DA464AF83C845EC2327
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134392e32342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:35 +0000
ROA not before: Fri 20 Dec 2024 15:18:35 +0000
ROA not after: Fri 19 Dec 2025 15:23:35 +0000
asID: 136787
IP address blocks: 193.149.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:d0:e5:d0:02:c6:f6:9e:e1:c3:2d:a4:64:af:83:c8:45:ec:23:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:35 2024 GMT
Not After : Dec 19 15:23:35 2025 GMT
Subject: CN=24B29823D2121DD28C0813107D945ECEDFB898E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c5:f6:e1:03:22:bd:d9:b1:9b:d1:57:74:87:
24:7b:c4:e9:a4:8d:fd:3a:aa:73:c1:60:04:25:6e:
6b:d9:e7:44:06:5b:07:fe:24:64:e5:87:30:00:1f:
2d:9f:c8:c8:46:fe:5b:6b:a7:67:25:55:b3:6f:8e:
fc:ce:f5:12:97:0e:92:8c:73:6f:02:45:99:87:4c:
02:02:a0:90:9b:6d:db:a3:8e:d2:7f:70:eb:d2:25:
58:2e:33:0c:78:b5:52:1f:3f:f1:e2:8c:28:9d:71:
d9:f9:af:02:78:51:a5:28:16:41:9b:d7:15:c4:82:
75:c9:54:5d:a0:31:2c:85:03:a5:16:2f:0f:59:7b:
28:6f:91:f4:86:be:29:db:a3:6e:ee:7f:2f:d8:40:
5b:3d:32:1c:bb:d0:94:68:52:fb:2a:e8:8f:4c:cf:
42:82:d6:a4:c0:d3:c1:d9:2c:aa:0f:dc:0d:23:73:
08:a5:a0:35:ea:d0:06:5d:59:0b:d2:f1:a5:f8:3a:
52:d3:ca:16:34:38:31:a2:8d:d8:58:28:fc:57:f7:
3c:fb:32:be:bb:41:13:39:87:4d:1c:9c:c2:b9:8c:
fe:c7:15:e7:4d:67:fa:90:08:00:6a:41:d3:e4:c5:
89:ca:16:24:e2:23:c6:38:3b:fb:d6:5b:e3:ba:35:
18:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:B2:98:23:D2:12:1D:D2:8C:08:13:10:7D:94:5E:CE:DF:B8:98:E1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3134392e32342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.24.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:04:db:7f:43:60:77:96:f8:da:58:51:8e:12:ba:c0:a9:e3:
d4:68:92:27:e1:0e:8a:c8:f5:ef:c1:f5:e1:a3:6f:6d:01:89:
fd:8b:c2:bc:cf:14:30:dc:3b:16:82:c4:fa:2d:da:00:3a:64:
40:9b:1e:71:00:1c:28:b0:f4:db:ee:86:6f:ee:cd:22:82:86:
8b:7e:0a:5f:04:b0:03:5d:70:21:35:bc:aa:f3:1b:eb:9d:ca:
55:fc:80:e3:da:13:db:a7:53:7e:11:c3:66:8e:7f:82:a5:23:
fe:6c:4f:6c:9c:94:93:1d:fb:70:51:60:cb:c9:49:cc:c3:4c:
db:ab:ed:9d:af:d3:cc:74:b4:76:b0:f0:a5:d8:9d:7c:7c:e7:
49:0b:18:3c:34:05:df:52:4e:f0:e0:79:87:9e:6d:13:28:3d:
41:ea:2f:0a:73:54:a5:ac:1f:3c:64:f7:4b:e8:f0:07:62:36:
aa:b9:e8:f2:57:c0:8d:10:9d:ad:ca:75:30:db:95:c7:16:d9:
8f:73:d6:15:c9:9d:2f:13:9a:a2:84:bc:fa:1b:53:25:66:25:
f6:be:6c:03:d5:00:85:5a:42:8e:17:37:de:cb:6c:e0:df:5d:
a5:80:52:8f:f0:82:94:73:4c:0d:86:d6:f6:da:2a:a1:84:44:
4f:36:fd:27
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUBdDl0ALG9p7hwy2kZK+DyEXsIycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzVaFw0yNTEyMTkxNTIzMzVaMDMxMTAvBgNV
BAMTKDI0QjI5ODIzRDIxMjFERDI4QzA4MTMxMDdEOTQ1RUNFREZCODk4RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/xfbhAyK92bGb0Vd0hyR7xOmk
jf06qnPBYAQlbmvZ50QGWwf+JGTlhzAAHy2fyMhG/ltrp2clVbNvjvzO9RKXDpKM
c28CRZmHTAICoJCbbdujjtJ/cOvSJVguMwx4tVIfP/HijCidcdn5rwJ4UaUoFkGb
1xXEgnXJVF2gMSyFA6UWLw9ZeyhvkfSGvinbo27ufy/YQFs9Mhy70JRoUvsq6I9M
z0KC1qTA08HZLKoP3A0jcwiloDXq0AZdWQvS8aX4OlLTyhY0ODGijdhYKPxX9zz7
Mr67QRM5h00cnMK5jP7HFedNZ/qQCABqQdPkxYnKFiTiI8Y4O/vWW+O6NRgTAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJLKYI9ISHdKMCBMQfZRezt+4mOEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzQz
OTJlMzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMGVGDANBgkqhkiG9w0BAQsFAAOCAQEAmwTbf0Ngd5b42lhRjhK6wKnj
1GiSJ+EOisj178H14aNvbQGJ/YvCvM8UMNw7FoLE+i3aADpkQJsecQAcKLD02+6G
b+7NIoKGi34KXwSwA11wITW8qvMb653KVfyA49oT26dTfhHDZo5/gqUj/mxPbJyU
kx37cFFgy8lJzMNM26vtna/TzHS0drDwpdidfHznSQsYPDQF31JO8OB5h55tEyg9
QeovCnNUpawfPGT3S+jwB2I2qrno8lfAjRCdrcp1MNuVxxbZj3PWFcmdLxOaooS8
+htTJWYl9r5sA9UAhVpCjhc33sts4N9dpYBSj/CClHNMDYbW9toqoYRETzb9Jw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:04:25 2025 by rpki-client