Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e32322e3135342e302f32332d3332203d3e203536383736.roa
File: 3139332e32322e3135342e302f32332d3332203d3e203536383736.roa (raw, json)
Hash identifier: St2oX08nzVM4WwP8k9f5Y3eQqS4CDgoY6ALfVLr5qH0=
Subject key identifier: AD:07:96:A7:7D:82:AD:E4:2D:AB:A6:A2:19:70:0B:76:7A:68:41:D0
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 367036471311EC0F2D8F0A3CC54269E81D47DECA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e32322e3135342e302f32332d3332203d3e203536383736.roa
Signing time: Fri 27 Dec 2024 11:47:36 +0000
ROA not before: Fri 27 Dec 2024 11:42:36 +0000
ROA not after: Fri 26 Dec 2025 11:47:36 +0000
asID: 56876
IP address blocks: 193.22.154.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:70:36:47:13:11:ec:0f:2d:8f:0a:3c:c5:42:69:e8:1d:47:de:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:36 2024 GMT
Not After : Dec 26 11:47:36 2025 GMT
Subject: CN=AD0796A77D82ADE42DABA6A219700B767A6841D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:50:90:c3:42:90:92:0f:2d:34:f7:61:44:
f1:bf:f9:fb:3f:ff:90:11:0c:37:62:5e:48:3c:e9:
a8:7a:d3:45:42:17:7e:19:15:8e:77:1d:ff:e5:b6:
ba:19:27:88:71:f9:2a:5a:a2:4e:c7:48:41:53:27:
02:3d:8f:18:87:0a:04:ec:f5:d9:9e:47:be:34:cc:
48:6e:74:99:80:c2:20:4b:84:15:a6:0c:d4:6b:b8:
57:86:f7:21:1d:59:54:73:0e:51:52:1a:87:d7:cf:
5e:ad:fb:80:0b:9d:c3:79:43:e4:40:1d:e0:4a:01:
05:d2:87:7c:a9:d4:fd:a7:96:9d:80:c5:94:6b:43:
ed:62:6e:7a:11:0b:11:c6:b6:6d:3a:c0:ea:f6:07:
30:02:33:97:8a:51:10:6e:6b:11:bc:a7:74:e0:ee:
2e:49:bf:9b:82:4f:89:04:c7:39:9e:db:66:f6:0d:
cf:5f:df:6b:b0:d5:93:97:20:59:8c:08:58:9d:3e:
83:2f:b3:02:f5:f7:b5:16:07:b3:19:f5:d2:8d:0d:
64:b3:a8:8c:39:d7:5e:83:1e:30:f6:fe:a9:b1:5e:
c3:2c:3f:b9:14:ec:af:f0:0e:4c:ee:c7:e8:10:0d:
c4:35:09:ea:43:67:a6:28:40:0b:e2:be:a8:aa:71:
b6:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:07:96:A7:7D:82:AD:E4:2D:AB:A6:A2:19:70:0B:76:7A:68:41:D0
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e32322e3135342e302f32332d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.154.0/23
Signature Algorithm: sha256WithRSAEncryption
08:db:08:1d:0b:d3:f0:77:b2:83:f1:f1:58:fc:0a:b2:3f:34:
fb:3a:8d:26:4d:a1:27:68:3e:3f:da:b4:29:6b:d8:7a:33:d9:
c2:90:67:61:5b:b8:f6:f1:39:bc:b2:8b:31:b6:d7:4a:97:f1:
fc:1b:57:27:20:9c:72:64:ce:86:4d:05:b2:b4:52:a6:58:72:
3e:d3:4d:a8:f8:6b:2a:6e:27:3c:a6:4b:73:7e:70:34:9a:29:
6f:3b:8a:df:e7:9b:f9:c2:7e:ae:ae:6d:7a:7a:6e:b2:33:a3:
4b:65:57:6d:ed:47:de:99:de:ac:7a:64:37:40:43:3e:7d:2d:
65:4d:bb:d3:e5:08:f6:25:38:ef:41:d8:05:2f:e2:77:21:e7:
89:d2:ae:14:3e:a9:89:6a:a7:73:02:87:b6:51:4f:46:39:f2:
27:9f:29:1c:a4:26:48:47:11:92:b1:77:29:00:ae:45:37:ff:
60:30:14:bc:53:10:15:58:ea:5f:8b:b7:97:5b:5b:6d:3d:4a:
20:25:45:f6:2f:15:a6:f0:15:66:ad:56:21:8d:3a:b7:bf:72:
40:8a:db:3c:17:a3:55:a6:c9:7c:a3:d6:c0:b3:a1:c7:99:11:
5f:e3:7a:dd:62:1f:2e:d0:b0:83:d7:68:d6:fe:0e:90:fb:ba:
bc:3f:c8:fc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUNnA2RxMR7A8tjwo8xUJp6B1H3sowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzZaFw0yNTEyMjYxMTQ3MzZaMDMxMTAvBgNV
BAMTKEFEMDc5NkE3N0Q4MkFERTQyREFCQTZBMjE5NzAwQjc2N0E2ODQxRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXJ1CQw0KQkg8tNPdhRPG/+fs/
/5ARDDdiXkg86ah600VCF34ZFY53Hf/ltroZJ4hx+Spaok7HSEFTJwI9jxiHCgTs
9dmeR740zEhudJmAwiBLhBWmDNRruFeG9yEdWVRzDlFSGofXz16t+4ALncN5Q+RA
HeBKAQXSh3yp1P2nlp2AxZRrQ+1ibnoRCxHGtm06wOr2BzACM5eKURBuaxG8p3Tg
7i5Jv5uCT4kExzme22b2Dc9f32uw1ZOXIFmMCFidPoMvswL197UWB7MZ9dKNDWSz
qIw5116DHjD2/qmxXsMsP7kU7K/wDkzux+gQDcQ1CepDZ6YoQAvivqiqcbZ7AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUrQeWp32CreQtq6aiGXALdnpoQdAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMyMzIy
ZTMxMzUzNDJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzYzODM3MzYucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHBFpowDQYJKoZIhvcNAQELBQADggEBAAjbCB0L0/B3soPx8Vj8CrI/NPs6
jSZNoSdoPj/atClr2Hoz2cKQZ2FbuPbxObyyizG210qX8fwbVycgnHJkzoZNBbK0
UqZYcj7TTaj4aypuJzymS3N+cDSaKW87it/nm/nCfq6ubXp6brIzo0tlV23tR96Z
3qx6ZDdAQz59LWVNu9PlCPYlOO9B2AUv4nch54nSrhQ+qYlqp3MCh7ZRT0Y58ief
KRykJkhHEZKxdykArkU3/2AwFLxTEBVY6l+Lt5dbW209SiAlRfYvFabwFWatViGN
Ore/ckCK2zwXo1WmyXyj1sCzoceZEV/jet1iHy7QsIPXaNb+DpD7urw/yPw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:51:23 2025 by rpki-client