Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34362e3234332e302f32342d3332203d3e203531313637.roa
File: 3139332e34362e3234332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: aDmr8kzjqrKhd4EXRZgR0WVq/h4WZuN1mMkccxXCGdQ=
Subject key identifier: BE:7D:74:45:DC:89:40:2B:27:8B:B4:72:16:13:08:5A:7B:2C:19:2A
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 77A894E0901C8406D792F31439226E7C247E169B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34362e3234332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Dec 2024 15:23:36 +0000
ROA not before: Fri 20 Dec 2024 15:18:36 +0000
ROA not after: Fri 19 Dec 2025 15:23:36 +0000
asID: 51167
IP address blocks: 193.46.243.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a8:94:e0:90:1c:84:06:d7:92:f3:14:39:22:6e:7c:24:7e:16:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:36 2024 GMT
Not After : Dec 19 15:23:36 2025 GMT
Subject: CN=BE7D7445DC89402B278BB4721613085A7B2C192A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:20:d1:f5:27:68:bb:0a:49:12:f9:0d:a7:7a:
bc:49:f5:ac:46:e9:aa:a4:62:69:0c:5a:a0:49:d8:
57:d1:e4:3a:25:67:08:61:fe:75:68:47:ee:5a:f0:
1b:c0:87:75:7d:82:31:bc:d2:bd:ed:3d:13:9f:38:
7a:9b:1c:28:d7:99:bd:9c:a1:bf:8d:f6:4a:28:dc:
95:cc:eb:75:d6:61:8b:c1:8c:94:2e:f6:c3:1f:45:
f1:78:1a:16:41:2e:ae:b3:7d:7f:11:8a:5f:94:31:
33:02:5f:d5:bc:db:b5:78:79:20:e1:24:80:a7:a6:
01:80:68:49:b8:46:ff:74:e9:7a:5a:d4:a4:b2:bc:
f1:b5:3f:e3:de:8a:b1:0c:66:83:aa:74:75:b7:c7:
a4:97:f7:f8:0b:dc:25:b9:23:22:16:bd:92:52:10:
2e:b9:b7:18:22:5c:cf:6a:e3:dd:34:a0:0d:d2:9a:
fe:74:bc:ce:e4:86:c1:6e:75:07:49:3e:69:b0:bf:
d2:42:04:e0:c5:19:e6:41:36:6d:0f:99:49:eb:d5:
8a:b5:4f:03:3d:e1:aa:45:28:01:6d:d7:6d:ce:b0:
aa:d7:7e:35:e2:fe:c0:95:73:d5:bf:4f:9f:53:a1:
42:81:15:16:5a:92:7a:f0:f5:80:73:82:22:35:aa:
e3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7D:74:45:DC:89:40:2B:27:8B:B4:72:16:13:08:5A:7B:2C:19:2A
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139332e34362e3234332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:60:6c:b8:25:e1:b9:d3:7f:ef:50:ab:8d:de:d8:af:ee:3b:
0a:40:12:dd:05:28:aa:d8:bb:08:05:48:eb:0b:08:be:e7:22:
f3:20:43:cc:52:ed:46:38:35:96:1c:b4:0c:ef:a1:b2:7d:31:
14:b6:f9:38:81:9c:f9:43:96:5a:86:9d:ab:77:11:8c:70:04:
d4:8b:cb:da:45:cd:a7:cb:54:00:5b:ec:33:d3:bc:05:08:d7:
18:78:e9:14:8f:80:a4:16:16:ca:ea:80:e1:e1:02:1d:7b:a6:
19:e8:d2:2a:e9:b3:09:95:cf:54:31:dd:4f:d9:f9:17:e0:6a:
eb:fb:b8:66:8a:14:f4:8c:70:3e:e9:07:95:2e:cc:59:53:25:
26:6b:d8:23:45:cc:ff:09:0c:8b:e5:ae:d0:be:c3:eb:7b:02:
b4:2a:eb:01:f9:e9:d1:66:fb:4d:d1:0d:74:5e:73:62:45:64:
fb:99:3c:6d:70:db:ea:18:e3:c6:89:07:3b:6a:c6:16:ef:3b:
f5:54:59:ea:7d:e8:7f:05:7c:0f:33:12:4b:20:2b:52:67:8b:
8d:a4:78:ad:ca:e3:16:fe:6d:7e:89:29:89:c1:29:39:12:d2:
c3:58:6a:6a:70:48:d7:05:a4:06:77:de:c6:79:4e:ad:29:ad:
7c:6e:8b:24
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUd6iU4JAchAbXkvMUOSJufCR+FpswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzZaFw0yNTEyMTkxNTIzMzZaMDMxMTAvBgNV
BAMTKEJFN0Q3NDQ1REM4OTQwMkIyNzhCQjQ3MjE2MTMwODVBN0IyQzE5MkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeINH1J2i7CkkS+Q2nerxJ9axG
6aqkYmkMWqBJ2FfR5DolZwhh/nVoR+5a8BvAh3V9gjG80r3tPROfOHqbHCjXmb2c
ob+N9koo3JXM63XWYYvBjJQu9sMfRfF4GhZBLq6zfX8Ril+UMTMCX9W827V4eSDh
JICnpgGAaEm4Rv906Xpa1KSyvPG1P+PeirEMZoOqdHW3x6SX9/gL3CW5IyIWvZJS
EC65txgiXM9q4900oA3Smv50vM7khsFudQdJPmmwv9JCBODFGeZBNm0PmUnr1Yq1
TwM94apFKAFt123OsKrXfjXi/sCVc9W/T59ToUKBFRZaknrw9YBzgiI1quNXAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUvn10RdyJQCsni7RyFhMIWnssGSowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzMyZTM0MzYy
ZTMyMzQzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADBLvMwDQYJKoZIhvcNAQELBQADggEBACtgbLgl4bnTf+9Qq43e2K/uOwpA
Et0FKKrYuwgFSOsLCL7nIvMgQ8xS7UY4NZYctAzvobJ9MRS2+TiBnPlDllqGnat3
EYxwBNSLy9pFzafLVABb7DPTvAUI1xh46RSPgKQWFsrqgOHhAh17phno0irpswmV
z1Qx3U/Z+Rfgauv7uGaKFPSMcD7pB5UuzFlTJSZr2CNFzP8JDIvlrtC+w+t7ArQq
6wH56dFm+03RDXRec2JFZPuZPG1w2+oY48aJBztqxhbvO/VUWep96H8FfA8zEksg
K1Jni42keK3K4xb+bX6JKYnBKTkS0sNYampwSNcFpAZ33sZ5Tq0prXxuiyQ=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:19:45 2025 by rpki-client