Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
File: 3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OK3D7lB7JwYhpKRabVjWHlsUquuA6bn1BN6qXrj2+2E=
Subject key identifier: FC:0F:DC:D7:69:FA:BB:14:DC:10:76:62:8E:A9:B3:E9:C8:4E:0C:CF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 211BF2939C1A2F41CCE748AC84F10EF0629DDE46
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 22 Dec 2023 07:26:31 +0000
ROA not before: Fri 22 Dec 2023 07:21:31 +0000
ROA not after: Fri 20 Dec 2024 07:26:31 +0000
asID: 136787
IP address blocks: 194.26.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1b:f2:93:9c:1a:2f:41:cc:e7:48:ac:84:f1:0e:f0:62:9d:de:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 22 07:21:31 2023 GMT
Not After : Dec 20 07:26:31 2024 GMT
Subject: CN=FC0FDCD769FABB14DC1076628EA9B3E9C84E0CCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1e:53:10:b2:e2:df:1e:df:12:b6:09:b7:a8:
8a:3e:63:91:b2:0a:4e:61:15:aa:af:ca:cc:3f:b9:
8f:1d:50:6c:f3:d6:ff:d7:3b:17:98:3d:f1:f9:8d:
a4:c1:04:81:bd:5a:88:17:22:b1:c0:39:18:a6:e3:
f6:60:74:23:50:f2:4e:76:90:65:85:0b:a8:83:57:
3b:3e:36:6d:34:1f:ea:46:d0:5d:9b:db:77:f1:3a:
3e:71:d1:53:23:8f:7d:b2:e9:2b:50:e0:66:b0:41:
94:a3:09:8b:b7:84:f1:95:89:51:bd:44:b6:3c:8a:
16:f2:b7:77:b3:3d:56:c9:f1:28:27:e1:a5:aa:98:
d5:d4:12:88:20:88:71:3f:20:6c:41:c8:a2:5e:91:
10:b3:88:0c:d4:46:67:8b:d7:5d:28:da:47:fc:c8:
60:64:ee:53:23:18:78:54:5d:1c:a4:11:48:73:84:
a0:b6:98:5e:ac:28:0e:07:ed:f4:df:f9:b6:8d:bd:
43:49:8d:7a:03:36:76:98:5b:ff:32:45:84:cf:3c:
60:23:b7:65:ec:3e:5b:d7:e8:35:21:c1:b7:b5:af:
e8:31:ea:8d:d0:fd:6a:56:e1:b3:9d:b7:2e:24:22:
9a:c4:04:4d:6f:b1:82:8e:c4:5d:0b:cf:bf:a7:ab:
6b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0F:DC:D7:69:FA:BB:14:DC:10:76:62:8E:A9:B3:E9:C8:4E:0C:CF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e32362e3231312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.211.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:7b:19:5d:66:27:c3:80:c2:c6:ca:7d:20:6b:4e:96:0b:f6:
83:c5:46:8d:f8:83:db:da:4f:0e:a6:1b:b2:4a:ea:29:17:88:
dc:10:83:24:a2:0a:88:58:36:d6:38:92:1a:3f:91:d9:aa:09:
86:9f:22:e7:c9:f6:9f:d2:85:4d:50:96:6c:01:21:6b:ac:1c:
c8:87:ec:e7:35:7d:fa:38:be:2d:e7:cd:66:bb:d8:00:bd:e1:
20:51:f3:1d:52:82:60:d0:0b:c7:c8:33:4d:b8:3a:2d:ec:8c:
bc:a3:6f:28:5f:44:26:a6:a1:b6:0b:74:3c:ca:30:41:2b:01:
c8:20:90:44:c4:ef:5f:0c:bc:1a:ba:d5:8b:eb:5c:05:b3:cd:
35:0d:be:df:7e:c0:00:63:8d:44:d8:c5:b8:a1:3e:2b:f0:3e:
1f:ba:b5:ea:a1:1f:e1:cb:20:38:72:3c:c0:ef:8c:b1:eb:7b:
7e:b2:a4:f1:a3:e6:9e:cf:13:57:e5:50:37:03:24:79:e7:ca:
e9:83:87:36:d0:98:62:bb:d9:c7:56:44:79:ca:b8:1e:a5:92:
96:7e:8a:21:f9:d1:16:d6:38:7e:f2:61:d2:10:c2:e8:71:a5:
b0:ef:ea:59:88:88:1c:40:39:35:96:36:db:7c:59:00:9c:96:
23:e1:70:97
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUIRvyk5waL0HM50ishPEO8GKd3kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yMzEyMjIwNzIxMzFaFw0yNDEyMjAwNzI2MzFaMDMxMTAvBgNV
BAMTKEZDMEZEQ0Q3NjlGQUJCMTREQzEwNzY2MjhFQTlCM0U5Qzg0RTBDQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEHlMQsuLfHt8Stgm3qIo+Y5Gy
Ck5hFaqvysw/uY8dUGzz1v/XOxeYPfH5jaTBBIG9WogXIrHAORim4/ZgdCNQ8k52
kGWFC6iDVzs+Nm00H+pG0F2b23fxOj5x0VMjj32y6StQ4GawQZSjCYu3hPGViVG9
RLY8ihbyt3ezPVbJ8Sgn4aWqmNXUEoggiHE/IGxByKJekRCziAzURmeL110o2kf8
yGBk7lMjGHhUXRykEUhzhKC2mF6sKA4H7fTf+baNvUNJjXoDNnaYW/8yRYTPPGAj
t2XsPlvX6DUhwbe1r+gx6o3Q/WpW4bOdty4kIprEBE1vsYKOxF0Lz7+nq2szAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU/A/c12n6uxTcEHZijqmz6chODM8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMyMzYy
ZTMyMzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMIa0zANBgkqhkiG9w0BAQsFAAOCAQEAo3sZXWYnw4DCxsp9IGtOlgv2
g8VGjfiD29pPDqYbskrqKReI3BCDJKIKiFg21jiSGj+R2aoJhp8i58n2n9KFTVCW
bAEha6wcyIfs5zV9+ji+LefNZrvYAL3hIFHzHVKCYNALx8gzTbg6LeyMvKNvKF9E
Jqahtgt0PMowQSsByCCQRMTvXwy8GrrVi+tcBbPNNQ2+337AAGONRNjFuKE+K/A+
H7q16qEf4csgOHI8wO+Mset7frKk8aPmns8TV+VQNwMkeefK6YOHNtCYYrvZx1ZE
ecq4HqWSln6KIfnRFtY4fvJh0hDC6HGlsO/qWYiIHEA5NZY223xZAJyWI+Fwlw==
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:57 2024 by rpki-client on console-ams.rpki-client.org