Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131332e36372e302f32342d3332203d3e203531313637.roa
File: 3139342e3131332e36372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: mRZJrtwaqtGZFjUcgjfY0St7AYQKnPiqNypvg/BBhD0=
Subject key identifier: 0D:CB:D0:08:13:FD:F9:A5:43:44:A7:D1:B6:53:9A:38:21:EC:4B:3E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 35582F7273763FD6D55758C712EC4EE4CF6606FA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131332e36372e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:38 +0000
ROA not before: Fri 27 Dec 2024 11:42:38 +0000
ROA not after: Fri 26 Dec 2025 11:47:38 +0000
asID: 51167
IP address blocks: 194.113.67.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:58:2f:72:73:76:3f:d6:d5:57:58:c7:12:ec:4e:e4:cf:66:06:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:38 2024 GMT
Not After : Dec 26 11:47:38 2025 GMT
Subject: CN=0DCBD00813FDF9A54344A7D1B6539A3821EC4B3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:00:fa:2d:69:96:c0:de:a4:ee:33:69:70:86:
60:c9:fc:e0:ac:54:2e:e6:37:26:86:24:17:36:71:
f0:30:ce:a7:67:cb:54:79:f1:ea:53:3c:bb:26:3b:
18:55:a6:53:f8:d8:04:94:b0:eb:ad:01:61:cd:a6:
51:60:83:96:d3:c8:20:c5:48:d7:45:4e:00:4e:63:
e8:3e:6f:2d:12:fb:9e:ad:a0:e5:b0:fc:b1:4e:d5:
cb:19:07:ee:59:81:24:45:78:e3:93:51:20:6f:18:
e2:a4:de:20:fe:54:5b:e2:69:b2:5a:ec:d8:1e:ca:
2f:f3:fc:15:fc:a2:29:fe:50:0f:93:7b:0e:ff:dd:
d7:c5:42:63:a6:58:7b:07:97:08:22:dd:06:f9:1a:
d2:ca:07:08:17:c0:73:54:a1:a3:9e:a3:ba:87:d1:
93:64:fa:11:b4:6b:57:0f:a8:74:c2:89:71:ff:4f:
c7:69:87:fa:e7:aa:7c:9c:7c:a7:41:e4:d9:f5:d4:
eb:a5:dc:85:fd:5f:14:84:aa:c7:35:4d:68:c9:6e:
01:15:7c:a9:f3:fb:89:d9:4b:bc:cc:ff:ce:8b:68:
5e:31:b6:e8:01:52:f2:b8:10:ba:5b:20:a4:5d:51:
6f:92:f3:d3:97:44:e1:15:26:73:af:78:75:12:b8:
87:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CB:D0:08:13:FD:F9:A5:43:44:A7:D1:B6:53:9A:38:21:EC:4B:3E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3131332e36372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.67.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c2:f1:90:11:cd:e9:40:b0:c7:da:23:99:26:94:81:33:3d:
dc:72:d7:a2:ba:77:66:40:5f:3d:7f:61:a7:47:dc:b7:7e:ba:
e5:d1:b0:64:41:e6:c3:88:9f:ed:6a:84:32:12:3b:62:22:45:
26:f2:6c:26:06:98:36:7f:ad:cf:2f:9b:47:51:79:2d:e8:fb:
22:73:cf:f7:73:40:3a:fa:71:d7:42:cf:dc:36:63:cf:72:a0:
ae:64:0d:96:b7:94:ab:1a:35:db:67:35:b3:d3:b1:44:af:f8:
25:29:2f:af:01:01:97:76:05:92:aa:9d:c5:f5:e8:23:75:05:
92:59:e8:25:86:ef:61:5f:bc:00:ec:2c:fd:2e:46:c1:89:11:
b2:ae:3c:0c:f6:76:06:c2:87:6d:7b:ef:e1:b5:9c:67:96:c9:
19:a9:bf:d2:66:cb:c9:7e:5d:c5:56:c0:b3:27:da:a7:33:90:
33:f7:66:7b:8b:8d:59:bb:ff:80:73:8b:9a:df:49:9a:fa:9f:
df:d5:1d:d4:f2:19:6d:31:6e:c0:c1:5f:4f:11:a0:9e:0c:ec:
74:ea:99:ba:9a:d0:c3:54:a1:eb:eb:de:f6:6d:fd:34:b8:f7:
d1:0b:8a:4a:13:e5:d4:42:11:a2:af:16:be:72:b7:f5:b4:a2:
40:9c:06:e4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUNVgvcnN2P9bVV1jHEuxO5M9mBvowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzhaFw0yNTEyMjYxMTQ3MzhaMDMxMTAvBgNV
BAMTKDBEQ0JEMDA4MTNGREY5QTU0MzQ0QTdEMUI2NTM5QTM4MjFFQzRCM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqAPotaZbA3qTuM2lwhmDJ/OCs
VC7mNyaGJBc2cfAwzqdny1R58epTPLsmOxhVplP42ASUsOutAWHNplFgg5bTyCDF
SNdFTgBOY+g+by0S+56toOWw/LFO1csZB+5ZgSRFeOOTUSBvGOKk3iD+VFviabJa
7Ngeyi/z/BX8oin+UA+Tew7/3dfFQmOmWHsHlwgi3Qb5GtLKBwgXwHNUoaOeo7qH
0ZNk+hG0a1cPqHTCiXH/T8dph/rnqnycfKdB5Nn11Oul3IX9XxSEqsc1TWjJbgEV
fKnz+4nZS7zM/86LaF4xtugBUvK4ELpbIKRdUW+S89OXROEVJnOveHUSuIcxAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUDcvQCBP9+aVDRKfRtlOaOCHsSz4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzEz
MzJlMzYzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCcUMwDQYJKoZIhvcNAQELBQADggEBAIHC8ZARzelAsMfaI5kmlIEzPdxy
16K6d2ZAXz1/YadH3Ld+uuXRsGRB5sOIn+1qhDISO2IiRSbybCYGmDZ/rc8vm0dR
eS3o+yJzz/dzQDr6cddCz9w2Y89yoK5kDZa3lKsaNdtnNbPTsUSv+CUpL68BAZd2
BZKqncX16CN1BZJZ6CWG72FfvADsLP0uRsGJEbKuPAz2dgbCh2177+G1nGeWyRmp
v9Jmy8l+XcVWwLMn2qczkDP3ZnuLjVm7/4Bzi5rfSZr6n9/VHdTyGW0xbsDBX08R
oJ4M7HTqmbqa0MNUoevr3vZt/TS499ELikoT5dRCEaKvFr5yt/W0okCcBuQ=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:09:14 2025 by rpki-client