Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e35392e3235352e302f32342d3234203d3e20313336373837.roa
File: 3139342e35392e3235352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Ca3OVwIztVbBftErkwUfz88A+R98FT7zbG8OtNw00IU=
Subject key identifier: B9:40:6D:9F:6E:3B:6F:91:FD:6F:40:05:B0:32:58:91:D1:29:78:6A
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 75C27C684DDA91AA958B2C7A200308FC318B97AF
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e35392e3235352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:23 +0000
ROA not before: Fri 27 Dec 2024 11:42:23 +0000
ROA not after: Fri 26 Dec 2025 11:47:23 +0000
asID: 136787
IP address blocks: 194.59.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:c2:7c:68:4d:da:91:aa:95:8b:2c:7a:20:03:08:fc:31:8b:97:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:23 2024 GMT
Not After : Dec 26 11:47:23 2025 GMT
Subject: CN=B9406D9F6E3B6F91FD6F4005B0325891D129786A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4e:95:5c:fc:c7:55:5c:8e:61:f7:20:08:ed:
d6:50:bf:44:d2:03:15:bb:5f:12:7a:c9:91:a5:0e:
3f:39:f5:3a:8a:82:42:07:c8:31:95:6d:1a:df:4a:
61:a9:dd:cd:9e:53:d2:d7:24:4e:d6:ed:22:c5:28:
2a:83:d3:df:df:e0:aa:e2:38:6d:21:ea:51:97:4a:
4d:8b:2c:07:3c:32:0c:5b:8e:67:e1:28:2c:f5:22:
49:09:66:d0:5b:38:ab:e2:8a:e9:69:f9:ea:d5:fe:
7f:e3:0c:2a:c8:d0:1d:54:e6:bc:69:b0:c5:58:f2:
26:93:b5:07:92:43:66:b6:9d:d0:35:da:fe:8f:1c:
e3:4b:75:40:7f:a2:dd:94:6f:d1:2a:c1:26:35:14:
36:55:ee:f2:c8:45:6a:2c:bc:ce:69:80:11:a7:51:
a2:50:03:73:c2:b3:53:c1:61:cd:b8:47:2d:6f:2d:
e7:a4:1b:22:32:64:db:ab:ef:fa:3d:37:51:0d:52:
81:a2:51:28:79:da:bb:27:0c:88:db:23:99:3d:6e:
8b:b6:a0:d0:40:b6:3b:bc:40:91:ae:2b:ed:2c:f6:
c1:50:2e:f6:bb:b5:ba:19:d6:3c:54:8c:b6:53:6e:
88:76:be:08:f0:6d:f9:4a:74:a5:58:04:1c:9f:76:
44:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:40:6D:9F:6E:3B:6F:91:FD:6F:40:05:B0:32:58:91:D1:29:78:6A
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e35392e3235352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.255.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f0:dc:d5:41:df:2b:95:f8:c5:a1:b7:d8:b1:26:3b:93:29:
00:4f:99:5b:e5:a4:91:7a:19:84:d5:5c:e5:fd:71:c4:cd:f7:
c6:35:9a:f1:b8:58:0c:d8:6e:b1:47:d5:86:03:51:2a:26:48:
fe:7b:10:b5:a5:df:df:49:b8:09:8e:52:69:5b:34:a8:f4:c9:
fb:1a:7a:90:41:96:a3:d2:bf:65:54:34:70:74:b6:55:03:50:
ee:76:30:8b:9a:ec:9d:1f:c0:66:2c:32:5d:ee:b8:0f:b2:36:
fc:1a:d8:1a:ea:d9:ed:a1:e5:60:94:9b:46:7a:9e:8b:2a:02:
71:dc:95:e7:ea:a4:dc:2b:c2:65:99:59:c8:c0:fd:7d:ef:3c:
6a:6e:20:93:9e:78:55:ff:7a:1a:04:cb:18:c7:e8:5e:ae:b5:
aa:e5:24:bf:5e:47:2d:2f:e2:91:8c:ff:e6:0e:f7:ae:e3:60:
16:4c:a1:a4:23:ab:75:a7:e1:47:94:5f:a4:d5:a7:db:96:44:
d2:8d:32:04:82:8b:72:27:c2:23:fc:04:ab:d6:ec:15:f7:de:
72:90:d6:fb:cc:b6:f0:a2:fe:d7:39:32:dd:7a:76:17:89:1c:
f6:19:1f:1d:3b:01:1b:db:4d:f4:86:8a:33:06:ab:bf:9f:b0:
ef:e0:8b:ce
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUdcJ8aE3akaqViyx6IAMI/DGLl68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjNaFw0yNTEyMjYxMTQ3MjNaMDMxMTAvBgNV
BAMTKEI5NDA2RDlGNkUzQjZGOTFGRDZGNDAwNUIwMzI1ODkxRDEyOTc4NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDITpVc/MdVXI5h9yAI7dZQv0TS
AxW7XxJ6yZGlDj859TqKgkIHyDGVbRrfSmGp3c2eU9LXJE7W7SLFKCqD09/f4Kri
OG0h6lGXSk2LLAc8MgxbjmfhKCz1IkkJZtBbOKviiulp+erV/n/jDCrI0B1U5rxp
sMVY8iaTtQeSQ2a2ndA12v6PHONLdUB/ot2Ub9EqwSY1FDZV7vLIRWosvM5pgBGn
UaJQA3PCs1PBYc24Ry1vLeekGyIyZNur7/o9N1ENUoGiUSh52rsnDIjbI5k9bou2
oNBAtju8QJGuK+0s9sFQLva7tboZ1jxUjLZTboh2vgjwbflKdKVYBByfdkQ7AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUuUBtn247b5H9b0AFsDJYkdEpeGowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM1Mzky
ZTMyMzUzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAMI7/zANBgkqhkiG9w0BAQsFAAOCAQEAPPDc1UHfK5X4xaG32LEmO5Mp
AE+ZW+WkkXoZhNVc5f1xxM33xjWa8bhYDNhusUfVhgNRKiZI/nsQtaXf30m4CY5S
aVs0qPTJ+xp6kEGWo9K/ZVQ0cHS2VQNQ7nYwi5rsnR/AZiwyXe64D7I2/BrYGurZ
7aHlYJSbRnqeiyoCcdyV5+qk3CvCZZlZyMD9fe88am4gk554Vf96GgTLGMfoXq61
quUkv15HLS/ikYz/5g73ruNgFkyhpCOrdafhR5RfpNWn25ZE0o0yBIKLcifCI/wE
q9bsFffecpDW+8y28KL+1zky3Xp2F4kc9hkfHTsBG9tN9IaKMwarv5+w7+CLzg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:01:58 2025 by rpki-client