Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132392e302f32342d3332203d3e203531313637.roa
File: 3139332e3138372e3132392e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: zhyUMEO3H9DCT3vdMremKbGM5qLcwoEvD1Od/yNIdSo=
Subject key identifier: 21:D7:1A:2E:D4:37:96:31:3A:11:47:EE:30:D7:19:DB:40:8C:1C:50
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2549CDAE3BEAD02949880BD6E08F3AE6710ACEBA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132392e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:09 +0000
ROA not before: Fri 27 Dec 2024 11:42:09 +0000
ROA not after: Fri 26 Dec 2025 11:47:09 +0000
asID: 51167
IP address blocks: 193.187.129.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:49:cd:ae:3b:ea:d0:29:49:88:0b:d6:e0:8f:3a:e6:71:0a:ce:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:09 2024 GMT
Not After : Dec 26 11:47:09 2025 GMT
Subject: CN=21D71A2ED43796313A1147EE30D719DB408C1C50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:23:ca:10:db:29:d9:ef:30:ba:24:b4:d6:
86:5b:78:c8:79:91:97:f1:40:40:63:28:2b:c3:b0:
ae:a3:96:90:e3:27:28:e5:a2:c4:11:a1:57:f1:ef:
d5:00:35:a7:6b:c4:aa:99:68:bf:c7:95:4f:0d:0a:
a6:24:5f:64:ac:22:e7:69:98:9e:df:3a:f3:67:08:
bd:85:f2:d3:2e:11:77:ad:cd:50:d2:f8:c6:17:fb:
6d:21:fa:ae:9b:91:a8:0c:78:48:66:7e:18:fe:8f:
6e:42:19:c6:5f:fa:a5:9c:7a:44:37:42:40:6d:4a:
71:38:6d:1c:c4:f1:08:8d:b9:ef:88:20:ac:cf:b4:
26:e9:7d:7f:fa:0a:3a:3e:b1:9a:a7:c1:1a:d2:5e:
d0:3e:ac:40:a9:66:96:3a:b8:b9:a5:d1:05:a3:a5:
21:9b:5f:3c:be:1a:ed:eb:1f:2b:40:f4:2f:20:fe:
3c:6b:99:93:cf:f1:47:6c:5a:72:f1:c7:68:4c:90:
6c:4f:a0:9a:21:b6:8c:ce:fa:5b:e6:59:df:87:ad:
ea:bd:83:44:ef:59:97:95:eb:17:d3:63:7b:06:8f:
8b:c8:12:58:1f:86:4d:73:24:ea:3f:30:66:ea:50:
16:e0:65:44:95:f9:94:58:4b:4a:84:9e:78:22:f6:
e5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D7:1A:2E:D4:37:96:31:3A:11:47:EE:30:D7:19:DB:40:8C:1C:50
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e3138372e3132392e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.129.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:4a:59:fb:02:c5:d1:e1:76:86:21:73:77:65:96:46:43:40:
d4:2f:75:10:c2:f3:41:a2:f4:b3:15:54:7b:7b:dc:da:01:8a:
f4:fa:23:ba:c7:31:dd:d6:bc:bb:56:ea:ca:04:f5:c3:d4:8a:
36:79:d6:41:1d:98:70:48:09:0b:18:9c:4f:bb:56:3a:a4:39:
6f:4b:98:91:2a:20:37:31:31:c8:54:f7:ba:b5:39:c4:9e:d2:
f5:e7:e4:db:fb:f6:3f:bf:ad:95:95:4a:84:97:ee:79:ed:e8:
31:b5:aa:01:c5:29:a7:d9:96:e7:aa:70:d8:d6:94:d1:c2:ee:
6a:b6:78:b6:74:f5:92:c1:cc:7d:26:41:29:8f:be:d2:f8:0d:
75:9f:79:38:78:a7:2f:de:87:6f:fd:a3:1d:a0:b2:48:cd:a0:
9d:65:b0:07:de:ac:b9:b5:92:8f:8f:56:11:ca:da:46:37:a0:
15:20:60:33:f5:9d:72:2e:fb:97:7a:13:ea:bd:7e:ba:4a:23:
d2:12:3b:02:e3:41:bf:96:55:c8:a1:0a:c2:1f:93:ea:57:75:
95:01:2e:94:32:5a:d8:ef:eb:73:aa:7d:14:51:a7:02:7e:05:
ec:e7:e9:7d:f4:b3:07:a2:f1:c9:74:a4:d8:b2:71:84:f7:ed:
a3:38:e6:e6
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUJUnNrjvq0ClJiAvW4I865nEKzrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDlaFw0yNTEyMjYxMTQ3MDlaMDMxMTAvBgNV
BAMTKDIxRDcxQTJFRDQzNzk2MzEzQTExNDdFRTMwRDcxOURCNDA4QzFDNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaUyPKENsp2e8wuiS01oZbeMh5
kZfxQEBjKCvDsK6jlpDjJyjlosQRoVfx79UANadrxKqZaL/HlU8NCqYkX2SsIudp
mJ7fOvNnCL2F8tMuEXetzVDS+MYX+20h+q6bkagMeEhmfhj+j25CGcZf+qWcekQ3
QkBtSnE4bRzE8QiNue+IIKzPtCbpfX/6Cjo+sZqnwRrSXtA+rECpZpY6uLml0QWj
pSGbXzy+Gu3rHytA9C8g/jxrmZPP8UdsWnLxx2hMkGxPoJohtozO+lvmWd+Hreq9
g0TvWZeV6xfTY3sGj4vIElgfhk1zJOo/MGbqUBbgZUSV+ZRYS0qEnngi9uXFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUIdcaLtQ3ljE6EUfuMNcZ20CMHFAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMxMzgz
NzJlMzEzMjM5MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMG7gTANBgkqhkiG9w0BAQsFAAOCAQEAWkpZ+wLF0eF2hiFzd2WWRkNA
1C91EMLzQaL0sxVUe3vc2gGK9Pojuscx3da8u1bqygT1w9SKNnnWQR2YcEgJCxic
T7tWOqQ5b0uYkSogNzExyFT3urU5xJ7S9efk2/v2P7+tlZVKhJfuee3oMbWqAcUp
p9mW56pw2NaU0cLuarZ4tnT1ksHMfSZBKY++0vgNdZ95OHinL96Hb/2jHaCySM2g
nWWwB96subWSj49WEcraRjegFSBgM/Wdci77l3oT6r1+ukoj0hI7AuNBv5ZVyKEK
wh+T6ld1lQEulDJa2O/rc6p9FFGnAn4F7OfpffSzB6LxyXSk2LJxhPftozjm5g==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:09:14 2025 by rpki-client