Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e3132312e302f32342d3234203d3e20313336373837.roa
File: 3139342e33352e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: c06z5IUQ8R8ZZF3qZ1RrrIAKo1+Old3SLWj+ACxY9+g=
Subject key identifier: 38:1A:66:02:05:31:9F:3A:FB:FB:59:F5:E6:7A:4D:33:26:A2:51:28
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 23C6834B27CC013581D6157F9286549C4D9AEDFC
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:46 +0000
ROA not before: Fri 27 Dec 2024 11:42:46 +0000
ROA not after: Fri 26 Dec 2025 11:47:46 +0000
asID: 136787
IP address blocks: 194.35.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:c6:83:4b:27:cc:01:35:81:d6:15:7f:92:86:54:9c:4d:9a:ed:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:46 2024 GMT
Not After : Dec 26 11:47:46 2025 GMT
Subject: CN=381A660205319F3AFBFB59F5E67A4D3326A25128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:1c:e0:a2:6c:ec:a5:3e:58:38:60:3e:cd:
cc:dc:ef:e8:c7:0d:67:cb:dc:c5:95:c2:45:64:41:
49:b4:1a:9d:03:a2:5b:17:17:23:17:ae:9a:5f:10:
ef:c0:5b:21:b6:2c:70:37:34:14:2a:79:00:40:03:
a7:cf:54:98:06:d8:ed:03:00:b5:25:e5:02:86:76:
86:be:d2:9a:d3:3c:36:0d:78:2b:96:4e:87:c0:0b:
d0:c4:3d:d2:c0:f3:4a:e7:b4:0c:ea:ba:56:d7:26:
9c:5f:1c:28:11:1c:c2:1c:2e:b6:6d:96:3d:68:25:
1c:3b:9c:ad:63:d5:ce:e6:37:6c:68:46:62:17:47:
6b:99:13:c9:da:f3:f8:61:49:65:a8:90:6d:2b:2c:
75:e7:d5:49:50:d4:2d:45:49:ea:76:94:bb:9b:5d:
73:88:9b:dc:39:62:3f:4e:53:a2:b1:b6:03:09:4c:
6f:e8:f5:38:4a:7d:b1:0a:47:b3:7d:66:68:f4:6a:
a1:14:bc:8e:f8:a6:bd:41:08:3b:ad:ce:0c:88:95:
70:72:e8:98:bb:c7:93:86:42:da:14:a8:30:12:91:
5f:32:c8:30:e4:8f:95:02:5e:0c:1d:95:b6:44:27:
96:6a:ba:25:0e:20:fc:a9:b2:9d:4d:bb:98:ec:d8:
58:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1A:66:02:05:31:9F:3A:FB:FB:59:F5:E6:7A:4D:33:26:A2:51:28
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e33352e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.121.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:67:fc:15:e2:98:67:cb:7d:99:7c:a3:b6:84:f5:72:6e:5c:
23:e0:71:a8:44:19:3b:d5:ee:95:d2:c7:2d:df:88:ae:db:60:
f8:96:66:24:ee:69:58:cc:54:e8:b8:86:45:2e:e1:05:bd:75:
ca:93:1b:75:0d:ed:e6:c4:af:d2:6f:b2:2e:6e:5d:86:c0:db:
9e:6a:e5:0e:06:87:cc:14:10:30:6b:cd:29:85:3e:43:52:c6:
71:81:d5:75:07:51:aa:f9:b4:1e:c5:66:9a:1d:3c:15:0a:98:
35:62:4b:e7:c5:72:74:56:2e:18:4c:10:ae:21:88:cd:aa:d5:
98:fa:1a:69:8a:2d:fd:f1:74:51:00:a0:54:b1:cb:cc:b1:79:
56:bd:28:36:58:0b:8c:d4:1c:6a:8d:a1:26:5f:8b:db:07:72:
73:51:e0:23:a7:c3:0b:ef:e5:49:f8:53:db:cb:7c:d2:c3:71:
f4:cc:ae:49:4b:0d:a7:c9:9e:a4:a9:4f:cc:f2:47:72:19:07:
86:15:c7:d5:a4:68:bd:a4:61:43:7f:05:32:f7:d9:38:31:4a:
70:70:05:37:4e:6e:02:35:dd:d1:d0:40:71:83:9b:16:77:90:
09:6a:7d:b5:92:7f:49:5a:44:bc:15:3c:02:d8:54:78:b3:2f:
6f:b5:2e:68
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUI8aDSyfMATWB1hV/koZUnE2a7fwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDZaFw0yNTEyMjYxMTQ3NDZaMDMxMTAvBgNV
BAMTKDM4MUE2NjAyMDUzMTlGM0FGQkZCNTlGNUU2N0E0RDMzMjZBMjUxMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/QhzgomzspT5YOGA+zczc7+jH
DWfL3MWVwkVkQUm0Gp0DolsXFyMXrppfEO/AWyG2LHA3NBQqeQBAA6fPVJgG2O0D
ALUl5QKGdoa+0prTPDYNeCuWTofAC9DEPdLA80rntAzqulbXJpxfHCgRHMIcLrZt
lj1oJRw7nK1j1c7mN2xoRmIXR2uZE8na8/hhSWWokG0rLHXn1UlQ1C1FSep2lLub
XXOIm9w5Yj9OU6KxtgMJTG/o9ThKfbEKR7N9Zmj0aqEUvI74pr1BCDutzgyIlXBy
6Ji7x5OGQtoUqDASkV8yyDDkj5UCXgwdlbZEJ5ZquiUOIPypsp1Nu5js2FhvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUOBpmAgUxnzr7+1n15npNMyaiUSgwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTMzMzUy
ZTMxMzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMIjeTANBgkqhkiG9w0BAQsFAAOCAQEAjWf8FeKYZ8t9mXyjtoT1cm5c
I+BxqEQZO9XuldLHLd+Irttg+JZmJO5pWMxU6LiGRS7hBb11ypMbdQ3t5sSv0m+y
Lm5dhsDbnmrlDgaHzBQQMGvNKYU+Q1LGcYHVdQdRqvm0HsVmmh08FQqYNWJL58Vy
dFYuGEwQriGIzarVmPoaaYot/fF0UQCgVLHLzLF5Vr0oNlgLjNQcao2hJl+L2wdy
c1HgI6fDC+/lSfhT28t80sNx9MyuSUsNp8mepKlPzPJHchkHhhXH1aRovaRhQ38F
MvfZODFKcHAFN05uAjXd0dBAcYObFneQCWp9tZJ/SVpEvBU8AthUeLMvb7UuaA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:55:01 2025 by rpki-client