Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e35372e302f32342d3332203d3e203531313637.roa
File: 3139342e3234322e35372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 972t3/Ty2+1YmFsFdU6/tm0R22Vd3fSOjq1e33USzik=
Subject key identifier: F8:D5:CF:21:54:8A:6E:E5:15:22:2C:63:77:C1:FA:48:61:67:00:DA
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6841FBE7A774FD4834D8A2A40FBEE834F1806C86
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e35372e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:10 +0000
ROA not before: Fri 27 Dec 2024 11:42:10 +0000
ROA not after: Fri 26 Dec 2025 11:47:10 +0000
asID: 51167
IP address blocks: 194.242.57.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:41:fb:e7:a7:74:fd:48:34:d8:a2:a4:0f:be:e8:34:f1:80:6c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:10 2024 GMT
Not After : Dec 26 11:47:10 2025 GMT
Subject: CN=F8D5CF21548A6EE515222C6377C1FA48616700DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:6f:28:d7:39:b8:42:d2:db:67:42:0c:88:
d1:0f:25:84:26:8e:1e:94:d6:c9:74:2e:bc:4f:72:
22:da:72:52:ca:34:46:30:11:55:6b:5d:69:c7:e2:
a3:24:26:69:d8:f4:b9:88:ef:01:68:b3:a6:dd:47:
96:5f:90:03:34:90:f2:61:3f:83:6e:5a:9d:f9:2e:
85:d7:60:77:ff:c4:58:d7:a9:a3:54:3b:75:3e:97:
f6:7d:bf:73:a4:51:b7:d4:c7:e1:a5:95:74:cd:91:
f7:e3:9c:ec:f8:92:1d:bf:f4:cb:5f:3e:94:bd:af:
09:ed:e4:9f:dc:b8:09:b2:01:4f:4e:0b:c5:36:0f:
3b:49:94:5a:a5:9e:f5:8e:10:6c:0f:3f:10:d6:13:
bc:81:5c:43:c3:2a:55:32:77:fe:92:d4:95:66:c6:
4e:8a:fb:66:1f:6d:9e:5c:94:85:c2:86:4d:7b:38:
78:67:aa:f1:0e:51:8e:11:b6:9b:44:e1:ab:91:63:
21:3a:1f:1e:6e:ba:be:38:a5:52:f5:3c:4a:f8:2d:
03:c0:22:3c:b8:e7:76:af:91:90:ca:43:95:41:26:
05:ff:e0:bf:59:15:03:ec:c6:24:8c:7d:76:5d:1e:
81:06:ea:3e:b8:b7:23:e1:ae:73:31:ff:66:e5:e1:
6a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D5:CF:21:54:8A:6E:E5:15:22:2C:63:77:C1:FA:48:61:67:00:DA
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e3234322e35372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.242.57.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:f3:30:1a:8d:68:fd:1c:f8:7f:0a:d6:75:d8:27:b1:af:29:
c7:25:da:30:09:65:62:40:a5:ce:47:58:0d:f0:de:5d:aa:e7:
7c:bd:6f:42:40:a5:b9:7e:86:c3:80:4c:6c:88:c6:5d:db:88:
2a:f7:4d:4a:ff:21:64:e9:be:c4:a3:85:2d:d4:bb:22:6f:a6:
9f:5c:e5:ca:c7:30:84:76:be:59:de:9f:29:dc:fa:55:dd:a2:
f7:0b:02:b8:89:98:ba:ac:9c:37:ee:a1:9a:ce:c9:26:d5:2f:
aa:df:54:77:17:68:e1:c5:93:78:86:a4:e3:d6:e4:49:d9:a9:
6b:19:bd:af:c3:d8:0b:c3:11:a3:b6:28:bf:04:f5:18:1d:99:
fb:9b:cb:a8:bb:0e:14:02:a7:36:24:c6:d0:cd:0a:96:62:7e:
60:61:14:ee:a0:57:e6:b8:73:29:f1:ba:8d:40:c1:9a:da:b9:
6c:7c:84:d4:a2:5f:87:e0:02:d4:13:69:7a:37:0c:7e:47:fe:
d5:28:68:b5:5b:40:6b:6e:8b:9a:4c:15:3f:8b:d9:9d:79:9a:
1f:1f:db:a3:4f:7a:be:a6:b7:6c:fc:df:1b:be:cc:70:fd:06:
65:4d:9d:d3:2f:29:5b:1d:00:08:86:79:c8:ff:b1:fc:77:95:
3b:f1:4f:22
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUaEH756d0/Ug02KKkD77oNPGAbIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTBaFw0yNTEyMjYxMTQ3MTBaMDMxMTAvBgNV
BAMTKEY4RDVDRjIxNTQ4QTZFRTUxNTIyMkM2Mzc3QzFGQTQ4NjE2NzAwREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb2W8o1zm4QtLbZ0IMiNEPJYQm
jh6U1sl0LrxPciLaclLKNEYwEVVrXWnH4qMkJmnY9LmI7wFos6bdR5ZfkAM0kPJh
P4NuWp35LoXXYHf/xFjXqaNUO3U+l/Z9v3OkUbfUx+GllXTNkffjnOz4kh2/9Mtf
PpS9rwnt5J/cuAmyAU9OC8U2DztJlFqlnvWOEGwPPxDWE7yBXEPDKlUyd/6S1JVm
xk6K+2YfbZ5clIXChk17OHhnqvEOUY4RtptE4auRYyE6Hx5uur44pVL1PEr4LQPA
Ijy453avkZDKQ5VBJgX/4L9ZFQPsxiSMfXZdHoEG6j64tyPhrnMx/2bl4WrBAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU+NXPIVSKbuUVIixjd8H6SGFnANowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzQz
MjJlMzUzNzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADC8jkwDQYJKoZIhvcNAQELBQADggEBAJrzMBqNaP0c+H8K1nXYJ7GvKccl
2jAJZWJApc5HWA3w3l2q53y9b0JApbl+hsOATGyIxl3biCr3TUr/IWTpvsSjhS3U
uyJvpp9c5crHMIR2vlnenync+lXdovcLAriJmLqsnDfuoZrOySbVL6rfVHcXaOHF
k3iGpOPW5EnZqWsZva/D2AvDEaO2KL8E9Rgdmfuby6i7DhQCpzYkxtDNCpZifmBh
FO6gV+a4cynxuo1AwZrauWx8hNSiX4fgAtQTaXo3DH5H/tUoaLVbQGtui5pMFT+L
2Z15mh8f26NPer6mt2z83xu+zHD9BmVNndMvKVsdAAiGecj/sfx3lTvxTyI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:05:58 2025 by rpki-client