Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
File: 3139342e33352e31322e302f32332d3234203d3e20323033333830.roa (raw, json)
Hash identifier: Ko3rEa4RMADqrSFfPOhptC50Aq3T/Qk67BIBJJjkEck=
Subject key identifier: 5A:E1:7E:75:C0:D1:F1:2C:37:7D:18:DA:DD:EE:DF:86:B9:34:4B:A5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2B04E9B05E07FF7DE4C6D0E17D2B162FE7669E1D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
Signing time: Fri 27 Dec 2024 11:47:38 +0000
ROA not before: Fri 27 Dec 2024 11:42:38 +0000
ROA not after: Fri 26 Dec 2025 11:47:38 +0000
asID: 203380
IP address blocks: 194.35.12.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:04:e9:b0:5e:07:ff:7d:e4:c6:d0:e1:7d:2b:16:2f:e7:66:9e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:38 2024 GMT
Not After : Dec 26 11:47:38 2025 GMT
Subject: CN=5AE17E75C0D1F12C377D18DADDEEDF86B9344BA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:28:94:1d:c3:9f:50:aa:97:76:b4:fd:86:
e0:47:7f:69:f7:a0:2b:36:04:69:d6:20:0c:38:92:
d7:7e:3b:aa:5b:d7:da:0a:f8:23:ba:5a:d6:81:ac:
75:e1:9b:c8:18:76:33:da:50:58:52:7a:17:08:db:
f7:3e:ff:15:8a:db:f8:35:a9:e6:20:0e:e9:40:1e:
0c:42:ae:88:44:86:7e:31:ff:d0:ca:c0:55:63:83:
87:64:ac:c4:b3:28:bd:c6:2d:ea:0e:2d:76:d7:82:
ff:06:fe:25:5e:c0:04:e4:a5:76:a3:81:09:cb:1e:
74:d6:87:46:e7:4a:e3:14:f2:c5:26:9a:f2:52:2b:
04:50:f7:b3:2d:aa:62:f0:39:94:5e:9b:fe:ca:af:
b9:5b:0f:3f:c2:78:9e:3f:23:71:66:9a:49:34:67:
3f:e9:73:b3:de:41:26:bc:9b:1f:11:9a:1e:f9:3b:
c5:7b:ca:f6:5a:8c:46:fb:4f:0b:d8:75:38:70:24:
13:de:aa:0e:e5:c1:53:43:d8:f0:c8:9d:d9:ba:fd:
a2:74:7d:cb:92:30:59:80:45:6b:a6:f7:4f:c9:a6:
0e:19:10:2b:ea:38:d6:f6:33:ac:34:65:36:7d:a3:
30:aa:b3:40:97:e3:5f:d4:68:76:08:75:33:77:0c:
23:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E1:7E:75:C0:D1:F1:2C:37:7D:18:DA:DD:EE:DF:86:B9:34:4B:A5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e31322e302f32332d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.12.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:2e:fe:8c:5e:f2:12:8b:38:7a:a2:d7:26:f0:a4:0f:96:df:
2c:df:9b:ef:0d:8b:a3:73:60:28:19:25:ca:70:fa:05:8e:81:
42:c7:0a:10:d8:23:a0:c7:58:df:8c:fa:48:2f:90:7e:e6:c9:
fc:bb:13:c0:f3:0a:2d:0b:f5:00:b4:66:be:d7:c1:9a:cb:6f:
8d:7a:b7:9f:88:a1:f8:c1:40:0c:c0:59:f0:98:84:9d:e5:21:
b0:6e:ce:3b:ed:8e:7b:ab:8a:e3:2e:4c:81:5c:f7:e0:c8:c2:
e6:25:81:96:6c:fa:3a:b2:f5:eb:1d:f1:d2:5e:a7:a6:35:c6:
a7:f7:d2:fe:f6:08:26:c7:9e:57:fa:1d:e2:e0:b4:42:a0:c7:
6f:48:65:cb:1a:76:30:be:14:2b:9e:a4:74:b6:62:9b:8f:56:
cb:0d:0e:28:3f:33:72:fb:b7:90:2e:53:eb:93:7a:04:b9:b3:
4f:90:57:95:d0:ca:8c:23:35:fe:4f:32:16:2d:14:dd:fb:ee:
78:cb:5e:9d:59:2f:7b:53:e3:bf:76:84:50:04:da:f5:12:9d:
d1:37:64:8a:3e:9d:af:32:67:65:d8:40:74:a2:e8:92:67:6c:
1e:19:cb:b5:c3:7c:db:a3:fb:b8:2c:a7:ff:9b:03:e3:f3:5c:
e9:7a:dd:6e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUKwTpsF4H/33kxtDhfSsWL+dmnh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzhaFw0yNTEyMjYxMTQ3MzhaMDMxMTAvBgNV
BAMTKDVBRTE3RTc1QzBEMUYxMkMzNzdEMThEQURERUVERjg2QjkzNDRCQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkkiiUHcOfUKqXdrT9huBHf2n3
oCs2BGnWIAw4ktd+O6pb19oK+CO6WtaBrHXhm8gYdjPaUFhSehcI2/c+/xWK2/g1
qeYgDulAHgxCrohEhn4x/9DKwFVjg4dkrMSzKL3GLeoOLXbXgv8G/iVewATkpXaj
gQnLHnTWh0bnSuMU8sUmmvJSKwRQ97MtqmLwOZRem/7Kr7lbDz/CeJ4/I3Fmmkk0
Zz/pc7PeQSa8mx8Rmh75O8V7yvZajEb7TwvYdThwJBPeqg7lwVND2PDIndm6/aJ0
fcuSMFmARWum90/Jpg4ZECvqONb2M6w0ZTZ9ozCqs0CX41/UaHYIdTN3DCODAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUWuF+dcDR8Sw3fRja3e7fhrk0S6UwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMzMzUy
ZTMxMzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjMwMzMzMzM4MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHCIwwwDQYJKoZIhvcNAQELBQADggEBALIu/oxe8hKLOHqi1ybwpA+W3yzf
m+8Ni6NzYCgZJcpw+gWOgULHChDYI6DHWN+M+kgvkH7myfy7E8DzCi0L9QC0Zr7X
wZrLb416t5+IofjBQAzAWfCYhJ3lIbBuzjvtjnuriuMuTIFc9+DIwuYlgZZs+jqy
9esd8dJep6Y1xqf30v72CCbHnlf6HeLgtEKgx29IZcsadjC+FCuepHS2YpuPVssN
Dig/M3L7t5AuU+uTegS5s0+QV5XQyowjNf5PMhYtFN377njLXp1ZL3tT4792hFAE
2vUSndE3ZIo+na8yZ2XYQHSi6JJnbB4Zy7XDfNuj+7gsp/+bA+PzXOl63W4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:53:35 2025 by rpki-client