Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e34382e3230342e302f32342d3234203d3e20313336373837.roa
File: 3139342e34382e3230342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wBbnTnl5jy4PmfomQNDYN1LhOxeHLYzhQDhxtZCGW4s=
Subject key identifier: 7F:A7:4F:77:1D:D1:E5:19:7E:FF:54:AC:10:29:30:87:0E:A0:7A:67
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7ADF73E8023BBDD9CA7EA10CB23D0504B219158A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e34382e3230342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 21 Mar 2024 09:16:47 +0000
ROA not before: Thu 21 Mar 2024 09:11:47 +0000
ROA not after: Thu 20 Mar 2025 09:16:47 +0000
asID: 136787
IP address blocks: 194.48.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:df:73:e8:02:3b:bd:d9:ca:7e:a1:0c:b2:3d:05:04:b2:19:15:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Mar 21 09:11:47 2024 GMT
Not After : Mar 20 09:16:47 2025 GMT
Subject: CN=7FA74F771DD1E5197EFF54AC102930870EA07A67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:fe:ac:c0:db:66:c0:4f:c8:c8:82:24:16:
a6:8a:e5:33:4f:18:5b:32:d3:a0:e4:33:3c:76:07:
27:44:17:86:7e:49:cf:c6:37:7f:8b:7b:20:75:f7:
a3:f4:69:0b:58:1c:59:66:21:03:ab:85:cf:52:b8:
90:bf:a8:f2:bc:53:5f:0e:9e:93:38:49:48:ac:2e:
ca:32:61:57:8c:ad:88:9a:f1:67:6c:3f:38:0b:07:
4b:11:41:95:75:bf:f3:a2:9e:7e:36:fc:dc:18:f0:
e2:ff:8d:11:f8:59:99:76:96:26:56:37:32:3f:7b:
29:f5:67:21:87:7f:1e:e7:87:6d:4d:1c:16:8d:cb:
1c:8f:fb:a1:40:63:7d:0d:06:92:27:d9:4d:33:67:
67:88:aa:ea:42:90:7d:93:76:f0:1f:2a:77:8b:39:
46:36:a5:90:e3:b4:c0:03:59:29:62:6c:45:28:70:
89:4c:c2:06:47:7d:d2:ea:cc:fa:c6:72:93:1d:2a:
cc:3c:71:98:16:b5:91:49:f7:4e:72:2c:c3:dc:08:
b1:4d:c9:ef:98:4b:ba:37:71:5a:12:73:e4:1a:7c:
b3:63:19:d6:ee:79:24:b8:e3:f7:84:9c:03:c0:37:
54:53:d9:cb:4c:8f:ed:6b:38:22:43:26:bc:42:93:
55:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A7:4F:77:1D:D1:E5:19:7E:FF:54:AC:10:29:30:87:0E:A0:7A:67
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e34382e3230342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.204.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e2:16:28:2f:0f:e0:9b:e8:60:02:2a:87:13:9d:85:2f:63:
71:cf:97:ff:02:94:47:62:ba:b8:27:66:dd:2b:af:7a:48:80:
6a:83:fd:b4:34:42:13:cd:20:9a:5a:22:00:34:91:71:a3:93:
4f:1f:9d:36:90:c0:4b:83:46:40:f0:79:c3:b0:d9:bd:cb:79:
3d:0b:c9:0d:ac:59:19:fa:d0:24:13:3e:7a:6d:82:49:e1:8c:
b5:23:23:96:59:3f:59:cb:d8:d5:ca:1d:24:9c:d0:66:c4:0d:
f6:94:1f:b1:62:27:2b:cf:43:6b:05:cc:4d:79:ef:5b:57:fc:
aa:bf:db:96:45:06:19:cb:bd:d0:c5:32:56:b7:47:4e:43:56:
70:b8:3d:84:5d:0c:b7:2a:ec:47:c4:0c:a5:16:6c:97:67:97:
2a:93:a6:cd:34:1c:9a:2e:bf:32:31:c3:81:c0:ac:c1:08:0c:
ba:ae:4a:7e:f7:41:04:fd:4c:db:ad:b5:4d:9e:c0:e6:ac:f5:
cd:e4:b2:82:69:be:0d:14:a1:85:b4:e8:de:59:40:ae:9b:d0:
09:15:d1:f8:02:dd:d8:cf:09:92:83:47:d0:3f:70:07:b6:d5:
90:89:cf:19:0c:ed:34:8d:65:49:7b:ca:3b:15:e1:9a:03:63:
48:e5:ec:9f
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUet9z6AI7vdnKfqEMsj0FBLIZFYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDAzMjEwOTExNDdaFw0yNTAzMjAwOTE2NDdaMDMxMTAvBgNV
BAMTKDdGQTc0Rjc3MUREMUU1MTk3RUZGNTRBQzEwMjkzMDg3MEVBMDdBNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Gv6swNtmwE/IyIIkFqaK5TNP
GFsy06DkMzx2BydEF4Z+Sc/GN3+LeyB196P0aQtYHFlmIQOrhc9SuJC/qPK8U18O
npM4SUisLsoyYVeMrYia8WdsPzgLB0sRQZV1v/Oinn42/NwY8OL/jRH4WZl2liZW
NzI/eyn1ZyGHfx7nh21NHBaNyxyP+6FAY30NBpIn2U0zZ2eIqupCkH2TdvAfKneL
OUY2pZDjtMADWSlibEUocIlMwgZHfdLqzPrGcpMdKsw8cZgWtZFJ905yLMPcCLFN
ye+YS7o3cVoSc+QafLNjGdbueSS44/eEnAPAN1RT2ctMj+1rOCJDJrxCk1VFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUf6dPdx3R5Rl+/1SsECkwhw6gemcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM0Mzgy
ZTMyMzAzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMIwzDANBgkqhkiG9w0BAQsFAAOCAQEAIeIWKC8P4JvoYAIqhxOdhS9j
cc+X/wKUR2K6uCdm3SuvekiAaoP9tDRCE80gmloiADSRcaOTTx+dNpDAS4NGQPB5
w7DZvct5PQvJDaxZGfrQJBM+em2CSeGMtSMjllk/WcvY1codJJzQZsQN9pQfsWIn
K89DawXMTXnvW1f8qr/blkUGGcu90MUyVrdHTkNWcLg9hF0MtyrsR8QMpRZsl2eX
KpOmzTQcmi6/MjHDgcCswQgMuq5KfvdBBP1M2621TZ7A5qz1zeSygmm+DRShhbTo
3llArpvQCRXR+ALd2M8JkoNH0D9wB7bVkInPGQztNI1lSXvKOxXhmgNjSOXsnw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org