Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35382e302f32342d3332203d3e203531313637.roa
File: 3139342e3134372e35382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: Orxjw/lRehuaqhKrSaiFcB0z+I98y6v5wEwPuUx5UAY=
Subject key identifier: BA:FF:79:3B:EC:FE:5C:DE:A6:F3:40:15:31:73:D2:86:E0:0D:8E:59
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0129828A470D751A92B7FC35A4F663B155BE999B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:14 +0000
ROA not before: Fri 27 Dec 2024 11:42:14 +0000
ROA not after: Fri 26 Dec 2025 11:47:14 +0000
asID: 51167
IP address blocks: 194.147.58.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:29:82:8a:47:0d:75:1a:92:b7:fc:35:a4:f6:63:b1:55:be:99:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:14 2024 GMT
Not After : Dec 26 11:47:14 2025 GMT
Subject: CN=BAFF793BECFE5CDEA6F340153173D286E00D8E59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:72:11:5b:cb:f0:01:57:df:18:e1:bc:ad:0f:
f0:e4:ab:6e:b9:0b:17:e8:8d:3f:83:7c:49:c7:f3:
29:ed:c1:fa:cd:1b:60:f3:ac:b3:4f:92:59:0a:74:
9f:e9:54:29:28:b1:d5:01:03:5b:06:49:0d:0b:7a:
92:8c:80:0f:56:a2:75:65:23:73:73:40:15:da:51:
32:35:4a:b5:b7:ba:9f:93:44:42:36:ed:e3:55:99:
61:39:1c:02:44:4e:9e:f1:3a:d4:40:e2:e4:9e:eb:
25:7a:c4:61:70:2a:5a:41:65:a1:0b:bb:d7:d9:13:
ea:7a:30:a3:e7:aa:a7:25:98:39:82:75:61:68:6c:
f0:5e:1e:fd:57:7c:6a:60:c0:9a:26:32:4f:da:fb:
01:b7:98:14:9e:d6:30:0e:bc:a6:fd:e2:a9:d8:d4:
de:78:08:46:9f:a4:3d:be:30:9e:4b:2e:52:4b:ee:
ea:22:74:12:91:05:e2:49:ec:0c:77:9e:91:9d:31:
ac:fc:23:cb:23:c2:71:73:f5:cf:73:9c:6e:86:25:
e7:22:92:e9:c2:aa:01:7e:d8:74:41:95:fb:6a:1f:
f5:7e:28:7f:5a:ed:7e:ea:16:b1:ac:18:21:6e:1f:
74:84:b8:f1:1c:13:4d:a4:4b:0d:a2:e4:e1:56:fb:
4f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FF:79:3B:EC:FE:5C:DE:A6:F3:40:15:31:73:D2:86:E0:0D:8E:59
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3134372e35382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.58.0/24
Signature Algorithm: sha256WithRSAEncryption
04:79:46:3b:56:a0:f2:9d:e8:50:e2:ac:40:f2:62:fd:a7:ba:
85:17:f3:0a:82:51:5c:a9:cc:d3:fe:74:09:ac:63:13:60:db:
86:9a:08:e8:d7:78:06:98:fd:a9:ec:ec:42:24:24:a7:4c:43:
8e:9c:46:c0:60:19:11:32:5e:46:c0:22:0e:d7:c3:00:83:4d:
a8:cc:a6:2f:0e:84:cf:68:38:a4:e9:05:ca:f5:5b:71:73:36:
aa:3c:d2:ae:a8:2a:af:e4:fb:42:d0:1c:44:42:ab:1c:76:0b:
ce:db:b2:93:7b:bc:c2:22:1d:30:10:dd:39:2a:a5:0e:6f:35:
1f:9a:5d:60:2b:ea:96:ea:d3:4d:7d:d2:1f:a3:9f:30:32:67:
47:e6:97:61:86:7f:15:09:29:22:58:7c:6a:cd:e1:d5:99:aa:
db:37:a4:36:26:72:1f:7c:40:52:e8:d2:cc:2f:9c:d2:21:09:
58:c0:4a:ed:86:77:a3:87:14:6e:6d:4b:b0:73:e1:9d:1d:cf:
d0:e7:40:65:72:b6:1e:29:a6:f8:2a:93:e1:69:72:c8:57:31:
5b:d1:d2:3d:12:60:b9:24:fe:0d:3e:78:f4:88:31:f7:a6:68:
8c:bb:00:a0:68:32:56:89:f8:f5:b9:b7:14:3a:b7:91:6e:7a:
36:b5:e0:2f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUASmCikcNdRqSt/w1pPZjsVW+mZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTRaFw0yNTEyMjYxMTQ3MTRaMDMxMTAvBgNV
BAMTKEJBRkY3OTNCRUNGRTVDREVBNkYzNDAxNTMxNzNEMjg2RTAwRDhFNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSchFby/ABV98Y4bytD/Dkq265
CxfojT+DfEnH8yntwfrNG2DzrLNPklkKdJ/pVCkosdUBA1sGSQ0LepKMgA9WonVl
I3NzQBXaUTI1SrW3up+TREI27eNVmWE5HAJETp7xOtRA4uSe6yV6xGFwKlpBZaEL
u9fZE+p6MKPnqqclmDmCdWFobPBeHv1XfGpgwJomMk/a+wG3mBSe1jAOvKb94qnY
1N54CEafpD2+MJ5LLlJL7uoidBKRBeJJ7Ax3npGdMaz8I8sjwnFz9c9znG6GJeci
kunCqgF+2HRBlftqH/V+KH9a7X7qFrGsGCFuH3SEuPEcE02kSw2i5OFW+0/HAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUuv95O+z+XN6m80AVMXPShuANjlkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMxMzQz
NzJlMzUzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCkzowDQYJKoZIhvcNAQELBQADggEBAAR5RjtWoPKd6FDirEDyYv2nuoUX
8wqCUVypzNP+dAmsYxNg24aaCOjXeAaY/ans7EIkJKdMQ46cRsBgGREyXkbAIg7X
wwCDTajMpi8OhM9oOKTpBcr1W3FzNqo80q6oKq/k+0LQHERCqxx2C87bspN7vMIi
HTAQ3TkqpQ5vNR+aXWAr6pbq00190h+jnzAyZ0fml2GGfxUJKSJYfGrN4dWZqts3
pDYmch98QFLo0swvnNIhCVjASu2Gd6OHFG5tS7Bz4Z0dz9DnQGVyth4ppvgqk+Fp
cshXMVvR0j0SYLkk/g0+ePSIMfemaIy7AKBoMlaJ+PW5txQ6t5Fueja14C8=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:18:31 2025 by rpki-client