Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
File: 3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: TQxjSP1Wn8L3X1hCbNNHvp0SKI2cFCFhT6xz0dQ07qo=
Subject key identifier: C2:09:28:BC:65:07:48:77:8D:07:AE:CF:CF:49:BD:C4:86:9B:C7:DB
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7D4B70BF9A4C4342C1AA97FE9A839455988719E4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
Signing time: Fri 27 Dec 2024 11:47:48 +0000
ROA not before: Fri 27 Dec 2024 11:42:48 +0000
ROA not after: Fri 26 Dec 2025 11:47:48 +0000
asID: 201341
IP address blocks: 193.32.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:4b:70:bf:9a:4c:43:42:c1:aa:97:fe:9a:83:94:55:98:87:19:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:48 2024 GMT
Not After : Dec 26 11:47:48 2025 GMT
Subject: CN=C20928BC650748778D07AECFCF49BDC4869BC7DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:19:34:7d:de:ac:36:8e:2e:4e:41:7f:cb:56:
b7:cb:28:60:5c:ae:dc:0c:31:37:a0:8e:b4:d0:f2:
21:cb:68:82:08:fd:38:1a:c4:4d:6f:3a:ec:be:e9:
cf:ea:d5:8c:7f:9f:07:e8:67:36:c2:16:5f:90:52:
c0:93:1a:78:d0:9c:dd:ad:c2:cd:79:5e:85:86:71:
f2:3d:07:e4:04:9f:cb:34:80:48:40:13:0d:5e:d1:
4b:b8:3e:92:93:38:9a:9e:05:df:f5:6e:14:2a:cf:
ae:cc:4b:8c:88:0b:80:44:dd:b7:fd:f4:ee:69:9d:
e5:fd:21:12:74:90:36:d3:84:9b:a4:bd:e5:0b:a6:
2e:88:e8:01:7c:fa:4f:56:bb:54:f0:77:4a:68:39:
a6:54:3d:5c:6e:8c:63:dd:32:f3:37:87:35:95:58:
49:e8:6e:df:1d:ba:60:5d:98:cb:d2:f2:65:2e:b8:
4c:80:dc:8c:29:4e:58:41:3e:0f:2a:b3:ae:7d:6c:
1b:c0:72:ac:f9:7d:90:8c:96:81:07:2b:39:fa:22:
08:67:91:e6:66:e8:4b:6b:13:67:05:bf:5e:64:e5:
0d:90:d5:b4:8f:b6:db:0e:73:5a:5b:cb:1a:4e:f6:
bd:e9:48:f2:85:c5:10:1d:7e:33:c6:12:66:5e:ab:
c0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:09:28:BC:65:07:48:77:8D:07:AE:CF:CF:49:BD:C4:86:9B:C7:DB
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e33322e3137332e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.173.0/24
Signature Algorithm: sha256WithRSAEncryption
31:d2:6c:df:bc:dd:27:6f:10:47:28:e5:80:1e:c9:2d:69:d4:
8e:d1:a3:3a:3c:4e:e5:0f:cf:16:8f:02:df:b1:ee:26:d8:c8:
d1:6f:30:f8:d4:96:2d:11:71:8f:be:38:6a:ef:08:e1:65:19:
bc:38:a5:5c:bc:af:60:c1:75:c8:58:64:6b:82:3c:80:2c:8d:
0b:9a:2b:80:6c:09:0d:98:df:bc:5c:81:9e:fa:81:c6:09:e4:
03:97:43:70:8e:bd:ee:b3:17:de:d1:46:b0:9d:bb:7c:03:6d:
44:c2:a3:bf:08:7e:23:dd:16:59:82:79:7b:7e:82:e1:6e:62:
33:67:0f:b2:2d:9d:dc:bc:5e:c5:2c:42:48:da:d0:42:c1:b0:
fb:27:0d:59:bc:16:56:06:7b:54:07:19:57:db:54:1e:6f:80:
ac:a3:9f:0a:37:62:15:59:d7:3b:3e:75:15:ac:c9:b8:33:47:
44:a9:4c:7d:9f:35:2b:bf:f7:67:46:05:d1:c1:2d:61:57:ea:
17:8f:24:36:3e:3c:53:8e:aa:20:ba:52:7e:a4:e5:81:5e:58:
b1:27:5b:73:56:03:5d:9a:e8:ad:00:18:df:b2:22:01:3f:78:
2b:78:16:4a:03:91:10:0d:5a:73:0b:ff:ba:11:f8:a3:0d:57:
8e:56:5f:ca
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfUtwv5pMQ0LBqpf+moOUVZiHGeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDhaFw0yNTEyMjYxMTQ3NDhaMDMxMTAvBgNV
BAMTKEMyMDkyOEJDNjUwNzQ4Nzc4RDA3QUVDRkNGNDlCREM0ODY5QkM3REIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqGTR93qw2ji5OQX/LVrfLKGBc
rtwMMTegjrTQ8iHLaIII/TgaxE1vOuy+6c/q1Yx/nwfoZzbCFl+QUsCTGnjQnN2t
ws15XoWGcfI9B+QEn8s0gEhAEw1e0Uu4PpKTOJqeBd/1bhQqz67MS4yIC4BE3bf9
9O5pneX9IRJ0kDbThJukveULpi6I6AF8+k9Wu1Twd0poOaZUPVxujGPdMvM3hzWV
WEnobt8dumBdmMvS8mUuuEyA3IwpTlhBPg8qs659bBvAcqz5fZCMloEHKzn6Ighn
keZm6EtrE2cFv15k5Q2Q1bSPttsOc1pbyxpO9r3pSPKFxRAdfjPGEmZeq8A3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUwgkovGUHSHeNB67Pz0m9xIabx9swHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTMzMzIy
ZTMxMzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMEgrTANBgkqhkiG9w0BAQsFAAOCAQEAMdJs37zdJ28QRyjlgB7JLWnU
jtGjOjxO5Q/PFo8C37HuJtjI0W8w+NSWLRFxj744au8I4WUZvDilXLyvYMF1yFhk
a4I8gCyNC5orgGwJDZjfvFyBnvqBxgnkA5dDcI697rMX3tFGsJ27fANtRMKjvwh+
I90WWYJ5e36C4W5iM2cPsi2d3LxexSxCSNrQQsGw+ycNWbwWVgZ7VAcZV9tUHm+A
rKOfCjdiFVnXOz51FazJuDNHRKlMfZ81K7/3Z0YF0cEtYVfqF48kNj48U46qILpS
fqTlgV5YsSdbc1YDXZrorQAY37IiAT94K3gWSgOREA1acwv/uhH4ow1XjlZfyg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:47 2025 by rpki-client