Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32342d3234203d3e20323031333431.roa
File: 3139332e33322e3137322e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: IXVUQy9lNj2GEJTUOuO9H0FPvmYhPwfo8CrSa9yOyK8=
Subject key identifier: 5C:12:31:3C:5D:18:58:C0:56:54:B7:B1:F5:E7:04:3B:2A:86:CF:77
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4FEE08BE9BEDC9AD9B47B58CD43468CA55EE2A77
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32342d3234203d3e20323031333431.roa
Signing time: Fri 27 Dec 2024 11:47:23 +0000
ROA not before: Fri 27 Dec 2024 11:42:23 +0000
ROA not after: Fri 26 Dec 2025 11:47:23 +0000
asID: 201341
IP address blocks: 193.32.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ee:08:be:9b:ed:c9:ad:9b:47:b5:8c:d4:34:68:ca:55:ee:2a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:23 2024 GMT
Not After : Dec 26 11:47:23 2025 GMT
Subject: CN=5C12313C5D1858C05654B7B1F5E7043B2A86CF77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:89:1d:ff:63:79:c5:df:b1:55:76:3e:6a:89:
f3:e8:a8:41:cd:2b:15:d1:79:2a:77:a3:b9:41:42:
3b:8e:0d:c4:82:b6:04:92:5d:29:3c:b5:8e:1d:ae:
0c:1f:f0:ad:62:44:e5:0f:02:46:c1:58:0c:26:5d:
57:e4:2d:7c:a9:f9:4e:70:69:71:58:05:42:82:47:
0d:54:24:2a:d0:0c:60:13:ad:a0:0b:45:e8:82:e8:
3a:1f:0c:90:8a:15:93:18:dc:38:69:cf:f0:23:3d:
5b:42:e4:63:0b:b7:c8:6d:fe:5f:c2:19:c1:0d:88:
73:e2:dd:88:99:9c:32:08:94:ed:71:54:ab:80:6c:
41:e7:79:a8:fd:d9:d6:fb:fb:57:02:8f:00:69:61:
40:db:89:ce:4a:e4:33:8c:96:ba:29:ed:52:c9:ea:
5c:fb:39:27:86:6b:c3:53:29:8c:7d:fe:11:01:d6:
f0:89:ee:d8:7a:04:b8:8a:0e:23:5b:f5:11:8e:71:
53:0a:02:a1:3d:04:41:26:94:7f:60:8b:83:43:39:
f4:2a:67:69:d1:9a:f4:d4:ec:fb:b9:0c:9b:39:48:
c9:30:f0:cc:08:b9:1d:be:e1:01:d9:96:02:33:2a:
21:85:76:78:e9:d7:ff:ca:6c:f3:9d:4e:fa:ad:cb:
6d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:12:31:3C:5D:18:58:C0:56:54:B7:B1:F5:E7:04:3B:2A:86:CF:77
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137322e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.172.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:97:e4:bd:59:63:8a:fa:c0:73:5f:ab:51:f2:f9:af:a0:0a:
cd:96:7e:94:df:88:4d:7b:eb:ae:a3:5b:48:97:b4:19:d4:f3:
90:8b:fb:42:40:35:a1:db:aa:e0:8e:14:da:a1:b5:48:de:64:
e1:9d:0e:56:fd:1e:f4:3f:72:60:b1:34:df:2f:2b:18:f4:e3:
63:4f:bf:db:4f:bd:1b:69:e1:f9:be:f8:3f:ec:7c:d5:3f:42:
48:63:2b:f7:56:c1:41:a2:d4:af:b4:75:2b:bc:ba:df:91:4b:
57:a0:9d:6c:49:5b:a9:38:64:27:4d:be:68:cb:1b:32:4e:7a:
75:a9:5d:5b:d1:c9:ff:41:6b:b2:9f:6d:12:d2:44:19:26:ff:
c7:52:3b:99:dc:36:1f:a3:14:99:cd:78:24:43:54:07:62:64:
9b:c5:50:37:bb:e6:34:5e:fa:aa:8d:b0:e9:8a:d1:73:2f:55:
09:93:ed:46:69:76:9a:37:fd:e6:33:5b:f8:77:05:bf:49:7a:
dd:da:db:c5:62:2a:31:09:46:23:de:c9:cb:bc:cf:fe:23:7e:
03:f1:2f:77:39:ac:e3:b3:23:f4:87:79:fa:fc:94:5d:d5:5c:
68:f6:b6:b7:f1:b4:c2:6a:d1:57:32:22:4a:60:bc:5d:e4:13:
47:ce:c1:49
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUT+4Ivpvtya2bR7WM1DRoylXuKncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjNaFw0yNTEyMjYxMTQ3MjNaMDMxMTAvBgNV
BAMTKDVDMTIzMTNDNUQxODU4QzA1NjU0QjdCMUY1RTcwNDNCMkE4NkNGNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAiR3/Y3nF37FVdj5qifPoqEHN
KxXReSp3o7lBQjuODcSCtgSSXSk8tY4drgwf8K1iROUPAkbBWAwmXVfkLXyp+U5w
aXFYBUKCRw1UJCrQDGATraALReiC6DofDJCKFZMY3Dhpz/AjPVtC5GMLt8ht/l/C
GcENiHPi3YiZnDIIlO1xVKuAbEHneaj92db7+1cCjwBpYUDbic5K5DOMlrop7VLJ
6lz7OSeGa8NTKYx9/hEB1vCJ7th6BLiKDiNb9RGOcVMKAqE9BEEmlH9gi4NDOfQq
Z2nRmvTU7Pu5DJs5SMkw8MwIuR2+4QHZlgIzKiGFdnjp1//KbPOdTvqty23PAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUXBIxPF0YWMBWVLex9ecEOyqGz3cwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMzMzIy
ZTMxMzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMEgrDANBgkqhkiG9w0BAQsFAAOCAQEAxZfkvVljivrAc1+rUfL5r6AK
zZZ+lN+ITXvrrqNbSJe0GdTzkIv7QkA1oduq4I4U2qG1SN5k4Z0OVv0e9D9yYLE0
3y8rGPTjY0+/20+9G2nh+b74P+x81T9CSGMr91bBQaLUr7R1K7y635FLV6CdbElb
qThkJ02+aMsbMk56daldW9HJ/0Frsp9tEtJEGSb/x1I7mdw2H6MUmc14JENUB2Jk
m8VQN7vmNF76qo2w6YrRcy9VCZPtRml2mjf95jNb+HcFv0l63drbxWIqMQlGI97J
y7zP/iN+A/Evdzms47Mj9Id5+vyUXdVcaPa2t/G0wmrRVzIiSmC8XeQTR87BSQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:28:16 2025 by rpki-client