Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
File: 3139342e352e3135332e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: d1YRAvknAxe4g+8Zh7zOH0SyPl7MnEyN7QdwITIBNGw=
Subject key identifier: 07:98:29:AA:50:31:C5:51:13:BE:1E:01:B4:61:2A:86:61:E2:89:77
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3DCBBCFD1CF7BFB5DEF351CD223D309A595E0E75
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
Signing time: Fri 20 Dec 2024 15:23:27 +0000
ROA not before: Fri 20 Dec 2024 15:18:27 +0000
ROA not after: Fri 19 Dec 2025 15:23:27 +0000
asID: 141995
IP address blocks: 194.5.153.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 13:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:cb:bc:fd:1c:f7:bf:b5:de:f3:51:cd:22:3d:30:9a:59:5e:0e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:27 2024 GMT
Not After : Dec 19 15:23:27 2025 GMT
Subject: CN=079829AA5031C55113BE1E01B4612A8661E28977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:70:96:df:76:fe:35:e4:f6:07:04:98:c2:d9:
d9:59:ed:9b:0f:93:76:23:fc:85:c2:04:1e:e6:87:
db:99:3f:16:d5:0a:45:85:9b:8b:56:61:fa:3b:a5:
e6:41:df:69:15:d0:c1:48:57:d4:14:9b:c3:4a:07:
55:7d:b7:8e:d3:91:a5:bd:df:c8:47:39:8d:a7:ed:
cf:a6:49:1f:6e:26:0a:4d:cf:d7:0a:b3:3e:40:67:
6e:7b:77:f6:48:ec:61:be:09:54:31:ca:a4:57:80:
05:6a:53:72:47:2a:0c:d7:66:0c:ea:95:8f:34:ba:
03:cd:96:fa:b9:68:58:0e:fd:12:d8:98:c6:50:d4:
47:14:35:91:45:73:a7:60:e7:09:d3:9e:d6:2d:4e:
0c:41:a0:8b:e8:ce:41:a2:e3:f2:e2:11:76:cc:84:
a6:ad:5e:a0:e4:ca:af:c6:7e:8b:0a:8a:e5:d8:f7:
01:e1:6e:2b:3a:7a:89:ab:74:78:b8:43:78:b2:56:
c1:f4:08:cc:90:c5:27:49:b4:06:06:b2:b2:ac:75:
e0:a9:03:ba:20:13:be:26:aa:cb:3b:2c:0b:3d:cd:
d4:9a:d8:7e:93:56:a4:f8:54:14:cb:6d:60:7a:e8:
85:59:77:10:e0:99:f0:d1:14:b2:6f:ad:4b:94:f9:
ac:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:98:29:AA:50:31:C5:51:13:BE:1E:01:B4:61:2A:86:61:E2:89:77
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e352e3135332e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:65:61:45:60:35:28:44:68:4f:7d:fb:74:b7:ff:04:68:6a:
7a:2f:cb:78:10:f9:37:9f:94:a1:d3:20:4e:38:f8:52:36:c6:
9a:98:b9:56:6c:00:f9:0b:69:5d:3d:8c:19:a2:a2:1a:13:ad:
49:4f:37:5b:a4:52:96:72:07:9f:e1:2c:43:a9:d7:90:ec:f8:
c8:65:99:a3:b8:98:77:1f:0d:06:b1:58:f4:3c:25:fb:a9:e1:
43:6f:7d:00:2b:ff:7c:72:18:7e:54:2b:7a:26:e8:40:e4:ab:
d3:78:a4:59:fb:bd:14:21:4e:a7:45:41:a5:42:37:ca:e7:c3:
a7:99:2e:3d:78:6e:f1:09:9c:03:e9:fa:d3:4d:39:e6:f7:a2:
ff:b2:c8:e3:8f:6f:de:25:3e:49:2f:b8:42:65:61:a8:f3:e2:
9d:78:ab:1f:37:97:27:f3:64:5f:76:54:77:c1:d9:bf:c0:d0:
26:ff:4a:42:03:45:b0:48:31:39:ab:51:fc:5d:cb:73:d8:e4:
ee:d0:b1:9c:bb:36:a3:73:19:3d:32:d3:60:82:27:5d:3f:20:
e6:4e:d6:8e:70:38:f0:e1:04:09:30:8d:90:a2:e6:63:17:ba:
59:64:7f:3d:79:ca:9c:96:70:67:1f:54:89:1e:85:4a:f6:ed:
9c:92:88:5c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUPcu8/Rz3v7Xe81HNIj0wmlleDnUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjdaFw0yNTEyMTkxNTIzMjdaMDMxMTAvBgNV
BAMTKDA3OTgyOUFBNTAzMUM1NTExM0JFMUUwMUI0NjEyQTg2NjFFMjg5NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1cJbfdv415PYHBJjC2dlZ7ZsP
k3Yj/IXCBB7mh9uZPxbVCkWFm4tWYfo7peZB32kV0MFIV9QUm8NKB1V9t47TkaW9
38hHOY2n7c+mSR9uJgpNz9cKsz5AZ257d/ZI7GG+CVQxyqRXgAVqU3JHKgzXZgzq
lY80ugPNlvq5aFgO/RLYmMZQ1EcUNZFFc6dg5wnTntYtTgxBoIvozkGi4/LiEXbM
hKatXqDkyq/GfosKiuXY9wHhbis6eomrdHi4Q3iyVsH0CMyQxSdJtAYGsrKsdeCp
A7ogE74mqss7LAs9zdSa2H6TVqT4VBTLbWB66IVZdxDgmfDRFLJvrUuU+ax1AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUB5gpqlAxxVETvh4BtGEqhmHiiXcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM1MmUz
MTM1MzMyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCBZkwDQYJKoZIhvcNAQELBQADggEBAF1lYUVgNShEaE99+3S3/wRoanov
y3gQ+TeflKHTIE44+FI2xpqYuVZsAPkLaV09jBmiohoTrUlPN1ukUpZyB5/hLEOp
15Ds+MhlmaO4mHcfDQaxWPQ8Jfup4UNvfQAr/3xyGH5UK3om6EDkq9N4pFn7vRQh
TqdFQaVCN8rnw6eZLj14bvEJnAPp+tNNOeb3ov+yyOOPb94lPkkvuEJlYajz4p14
qx83lyfzZF92VHfB2b/A0Cb/SkIDRbBIMTmrUfxdy3PY5O7QsZy7NqNzGT0y02CC
J10/IOZO1o5wOPDhBAkwjZCi5mMXullkfz15ypyWcGcfVIkehUr27ZySiFw=
-----END CERTIFICATE-----
Generated at Sun Mar 9 02:55:16 2025 by rpki-client