Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39372e302f32342d3234203d3e20323034313730.roa
File: 3139332e34322e39372e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: dDlxMgz8muG0qA/44h0skMphXGx0xIN9jV+RA0/Xrcc=
Subject key identifier: EA:B1:F6:9B:51:0B:B1:AB:4A:2F:73:1A:19:02:78:92:36:72:5E:B6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 41F4FAC53EE0A258CF31EEF69C45A6EE41F9F750
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39372e302f32342d3234203d3e20323034313730.roa
Signing time: Fri 27 Dec 2024 11:47:09 +0000
ROA not before: Fri 27 Dec 2024 11:42:09 +0000
ROA not after: Fri 26 Dec 2025 11:47:09 +0000
asID: 204170
IP address blocks: 193.42.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:18:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:f4:fa:c5:3e:e0:a2:58:cf:31:ee:f6:9c:45:a6:ee:41:f9:f7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:09 2024 GMT
Not After : Dec 26 11:47:09 2025 GMT
Subject: CN=EAB1F69B510BB1AB4A2F731A1902789236725EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:62:bd:12:9b:d2:c4:6a:68:87:44:61:6e:f9:
a9:84:14:bb:e7:c5:d7:bb:fd:cb:64:ec:56:84:07:
23:59:ff:9f:59:00:b7:58:77:fc:16:16:46:8c:f7:
16:c0:14:7f:ac:74:86:42:6b:ba:8e:5f:0f:60:e1:
78:0b:68:3a:36:29:17:b2:d9:40:dd:24:9e:d0:8f:
4d:bc:fb:1c:92:56:78:a3:ba:a9:6b:7b:80:cf:1b:
e9:a1:05:1c:5c:41:df:d7:f6:c0:9a:d9:9e:f6:e2:
5f:95:9e:88:6a:8e:40:a0:aa:ee:53:e4:3b:49:11:
5f:4d:00:5d:fb:ae:60:5f:5e:0a:cf:d7:4e:bc:bc:
01:3d:9c:5f:5d:e5:b2:33:72:38:f3:79:4d:fe:5e:
ce:cf:48:35:6a:44:02:49:1f:c6:d0:da:cb:f5:d7:
f9:ef:fd:3d:9d:95:b2:46:f7:cb:ab:fb:10:57:3f:
2a:8c:7d:a3:a0:77:6e:cd:31:1e:c6:16:0d:16:e1:
44:79:b6:f4:05:2e:36:6c:e0:50:61:a5:c9:72:94:
23:5c:66:a2:d9:77:2b:e2:d4:57:c8:db:02:af:ed:
9c:95:02:f2:79:85:1e:3f:cd:c8:ee:20:99:30:02:
df:64:02:d7:d4:a9:7f:96:d4:07:28:d2:8d:99:2e:
a1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:B1:F6:9B:51:0B:B1:AB:4A:2F:73:1A:19:02:78:92:36:72:5E:B6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34322e39372e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.97.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a0:0f:fd:82:b7:f6:25:44:13:44:e0:fc:fa:17:15:75:43:
5d:6e:b1:32:99:3f:2c:01:05:1a:2f:53:f2:4f:db:e6:6d:bf:
c8:c6:5f:ef:5b:18:90:34:f4:bb:46:05:bd:5d:ea:78:d0:32:
a5:bd:64:fb:89:a9:52:56:00:a6:84:ae:58:a9:4b:85:ec:38:
4a:7f:6f:bf:bf:d8:1d:7c:64:3c:8b:9c:19:d1:2a:19:25:5e:
bc:70:3b:55:ae:27:14:18:df:3a:f2:10:ff:41:5b:6b:dc:10:
1f:7b:53:70:cf:70:dc:bd:d6:fc:23:dc:e0:19:c9:5b:61:84:
81:35:e4:eb:9d:af:3c:e2:e2:29:a0:bc:80:ff:3a:42:37:a8:
5b:9d:b6:71:13:99:99:65:e0:ff:bd:53:ae:57:91:4b:07:97:
f6:21:9f:4f:3e:26:23:c7:4f:0f:0c:1c:e4:56:88:4b:8a:00:
9b:f7:76:b9:e4:56:39:8d:ce:7c:04:a3:ae:b1:47:0f:aa:20:
db:0b:9d:65:42:6a:a7:1d:fd:f2:83:68:b5:8c:77:f2:8d:5b:
82:da:69:b5:a0:44:00:8d:76:4d:c8:7f:01:05:f5:e8:2d:d0:
8c:9d:74:35:a6:2b:d1:49:64:88:4d:4e:80:89:e4:76:8d:59:
67:89:e7:7b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUQfT6xT7goljPMe72nEWm7kH591AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDlaFw0yNTEyMjYxMTQ3MDlaMDMxMTAvBgNV
BAMTKEVBQjFGNjlCNTEwQkIxQUI0QTJGNzMxQTE5MDI3ODkyMzY3MjVFQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIYr0Sm9LEamiHRGFu+amEFLvn
xde7/ctk7FaEByNZ/59ZALdYd/wWFkaM9xbAFH+sdIZCa7qOXw9g4XgLaDo2KRey
2UDdJJ7Qj028+xySVnijuqlre4DPG+mhBRxcQd/X9sCa2Z724l+VnohqjkCgqu5T
5DtJEV9NAF37rmBfXgrP1068vAE9nF9d5bIzcjjzeU3+Xs7PSDVqRAJJH8bQ2sv1
1/nv/T2dlbJG98ur+xBXPyqMfaOgd27NMR7GFg0W4UR5tvQFLjZs4FBhpclylCNc
ZqLZdyvi1FfI2wKv7ZyVAvJ5hR4/zcjuIJkwAt9kAtfUqX+W1Aco0o2ZLqHpAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU6rH2m1ELsatKL3MaGQJ4kjZyXrYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzIy
ZTM5MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBKmEwDQYJKoZIhvcNAQELBQADggEBAHSgD/2Ct/YlRBNE4Pz6FxV1Q11u
sTKZPywBBRovU/JP2+Ztv8jGX+9bGJA09LtGBb1d6njQMqW9ZPuJqVJWAKaErlip
S4XsOEp/b7+/2B18ZDyLnBnRKhklXrxwO1WuJxQY3zryEP9BW2vcEB97U3DPcNy9
1vwj3OAZyVthhIE15Oudrzzi4imgvID/OkI3qFudtnETmZll4P+9U65XkUsHl/Yh
n08+JiPHTw8MHORWiEuKAJv3drnkVjmNznwEo66xRw+qINsLnWVCaqcd/fKDaLWM
d/KNW4LaabWgRACNdk3IfwEF9egt0IyddDWmK9FJZIhNToCJ5HaNWWeJ53s=
-----END CERTIFICATE-----
Generated at Wed Apr 9 11:33:16 2025 by rpki-client