Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38372e302f32342d3332203d3e203531313637.roa
File: 3139342e36302e38372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: r8e8Ki+6dexvrm05qnIRXoaVZCPeMpsrFaCggPUkWK8=
Subject key identifier: F2:4E:34:51:2D:6B:55:E3:4F:A3:7F:59:86:77:9D:C5:71:C0:20:6B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3B80720C6196EC1D6A54E84A11600B54FBF862E5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38372e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:17 +0000
ROA not before: Fri 27 Dec 2024 11:42:17 +0000
ROA not after: Fri 26 Dec 2025 11:47:17 +0000
asID: 51167
IP address blocks: 194.60.87.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:80:72:0c:61:96:ec:1d:6a:54:e8:4a:11:60:0b:54:fb:f8:62:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:17 2024 GMT
Not After : Dec 26 11:47:17 2025 GMT
Subject: CN=F24E34512D6B55E34FA37F5986779DC571C0206B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2c:ed:7e:e8:ff:1a:65:2f:7e:33:a6:35:f5:
95:1e:8f:ab:34:f9:75:0f:84:86:b2:d8:89:02:d2:
01:d4:1a:f0:c2:d2:bc:e1:ed:e4:b8:bb:e6:ee:29:
bd:81:90:a2:0d:46:a2:f1:15:4c:0b:a4:81:d6:a2:
2b:c4:d2:11:29:d2:80:14:1c:9a:aa:d6:e8:71:29:
9f:20:e4:23:e2:b1:06:98:64:fa:50:2e:84:08:2f:
21:ca:e9:d0:a1:fd:c9:f8:cc:00:02:35:d8:f8:c4:
bf:65:e4:c1:8c:d6:0b:b1:40:00:6c:6f:72:06:e2:
bb:57:4d:e9:b7:82:25:a2:dd:20:60:47:7f:ce:01:
e7:14:84:d2:4f:df:19:08:8c:ef:c0:30:3c:eb:62:
e0:43:c6:34:0f:1e:56:73:bb:6a:8d:ff:bc:2e:0c:
30:7d:1a:66:a5:b8:93:5e:78:4f:7c:d6:39:b1:db:
b7:48:7c:c7:46:3a:4e:53:13:04:c2:16:7f:eb:84:
fb:fa:d9:b2:27:b7:29:e2:9e:a8:8e:94:85:25:87:
9c:e2:05:12:52:85:15:61:12:a6:07:39:64:05:2e:
aa:d1:6b:ce:8f:82:74:27:b8:c3:9b:9e:92:a9:d9:
41:42:c7:eb:06:56:57:e9:2c:3b:7a:ec:db:21:a2:
12:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4E:34:51:2D:6B:55:E3:4F:A3:7F:59:86:77:9D:C5:71:C0:20:6B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36302e38372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.87.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:be:b6:43:0c:29:46:c0:b5:53:53:1c:ad:45:21:5d:66:c1:
33:ad:c9:57:fa:a1:49:08:4b:b8:82:cf:f2:40:23:aa:96:cc:
6f:ce:d9:52:ee:ed:e4:84:4e:bf:72:3a:2f:7e:6a:a8:be:f1:
80:a0:60:58:5a:8f:c3:7b:0d:21:e3:0c:b5:9c:0b:9f:de:2b:
a6:14:e3:a8:ec:4a:2f:1c:cd:b1:29:a5:d6:88:97:a2:75:93:
cd:07:21:15:23:72:e3:87:0a:f5:5a:cd:41:33:e7:ba:70:cc:
7b:76:67:3b:0f:ae:e5:bc:96:76:0a:51:b9:ef:05:78:6c:dc:
43:ed:b0:dc:db:c9:6c:90:12:1d:23:0e:87:6c:e4:43:a0:79:
15:09:1c:67:42:c5:5f:ff:68:8c:9a:dc:16:0a:13:be:35:14:
9a:f1:4f:e9:86:21:8e:63:91:bf:c6:20:c4:dc:b4:da:30:70:
be:84:eb:57:06:4d:d9:e4:0b:4a:35:91:45:ad:09:20:d5:12:
e1:3c:eb:f6:98:61:36:47:70:21:95:0b:1d:d4:b5:7f:46:29:
30:e2:90:52:f0:e7:68:e7:3b:c3:37:4f:1b:2d:4e:b5:9b:79:
7a:11:2d:27:cd:fb:f4:6c:2b:de:76:c5:25:1b:dc:e6:d6:19:
ea:a5:e9:0e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUO4ByDGGW7B1qVOhKEWALVPv4YuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTdaFw0yNTEyMjYxMTQ3MTdaMDMxMTAvBgNV
BAMTKEYyNEUzNDUxMkQ2QjU1RTM0RkEzN0Y1OTg2Nzc5REM1NzFDMDIwNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlLO1+6P8aZS9+M6Y19ZUej6s0
+XUPhIay2IkC0gHUGvDC0rzh7eS4u+buKb2BkKINRqLxFUwLpIHWoivE0hEp0oAU
HJqq1uhxKZ8g5CPisQaYZPpQLoQILyHK6dCh/cn4zAACNdj4xL9l5MGM1guxQABs
b3IG4rtXTem3giWi3SBgR3/OAecUhNJP3xkIjO/AMDzrYuBDxjQPHlZzu2qN/7wu
DDB9GmaluJNeeE981jmx27dIfMdGOk5TEwTCFn/rhPv62bIntyninqiOlIUlh5zi
BRJShRVhEqYHOWQFLqrRa86PgnQnuMObnpKp2UFCx+sGVlfpLDt67NshohJpAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU8k40US1rVeNPo39ZhnedxXHAIGswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzAy
ZTM4MzcyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAwjxXMA0GCSqGSIb3DQEBCwUAA4IBAQAvvrZDDClGwLVTUxytRSFdZsEzrclX
+qFJCEu4gs/yQCOqlsxvztlS7u3khE6/cjovfmqovvGAoGBYWo/Dew0h4wy1nAuf
3iumFOOo7EovHM2xKaXWiJeidZPNByEVI3Ljhwr1Ws1BM+e6cMx7dmc7D67lvJZ2
ClG57wV4bNxD7bDc28lskBIdIw6HbORDoHkVCRxnQsVf/2iMmtwWChO+NRSa8U/p
hiGOY5G/xiDE3LTaMHC+hOtXBk3Z5AtKNZFFrQkg1RLhPOv2mGE2R3AhlQsd1LV/
Rikw4pBS8Odo5zvDN08bLU61m3l6ES0nzfv0bCvedsUlG9zm1hnqpekO
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:03:24 2025 by rpki-client