Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
File: 3139342e36312e32392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: LLz7Q9NltOrb9JMP+bvk3tb5F6Ncb9S6mYteZ18cnD8=
Subject key identifier: 7C:14:A1:6E:40:20:41:89:14:64:7D:4B:87:E9:A0:BF:FF:7B:AA:B6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4F7A7D1E12EB8D3C5BAC16132EFE064AABD2C53B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:37 +0000
ROA not before: Fri 20 Dec 2024 15:18:37 +0000
ROA not after: Fri 19 Dec 2025 15:23:37 +0000
asID: 136787
IP address blocks: 194.61.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:7a:7d:1e:12:eb:8d:3c:5b:ac:16:13:2e:fe:06:4a:ab:d2:c5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:37 2024 GMT
Not After : Dec 19 15:23:37 2025 GMT
Subject: CN=7C14A16E4020418914647D4B87E9A0BFFF7BAAB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fa:8d:7e:15:71:ff:3c:b0:75:78:c4:83:c2:
c6:02:4e:3c:8b:a9:d1:e5:d2:8b:d3:19:f2:47:09:
5e:6c:63:8d:e2:09:0f:c8:82:b6:21:e9:8e:95:09:
aa:35:91:fa:d7:7a:55:01:bd:3f:bd:54:87:92:21:
e2:e2:18:74:d5:4e:4f:d2:bd:ed:4e:34:87:4e:8c:
ba:56:fa:44:3d:66:10:5a:54:8a:41:e1:5a:cb:8f:
35:ed:6e:15:07:fc:85:00:1f:a3:96:0d:e2:f6:52:
01:91:09:30:50:6e:eb:12:04:68:7f:8b:fb:05:bc:
91:5f:6c:e1:77:80:a9:cc:d6:9d:e5:85:77:6c:1f:
7d:c0:f6:26:c5:b8:70:1b:4d:f8:67:4e:c0:20:2f:
ec:2c:d3:81:0b:b3:4f:89:31:ec:b5:c9:28:78:b2:
80:fa:d9:09:5c:5d:aa:30:8e:47:8a:6f:74:6c:dc:
51:51:73:bf:3c:7f:75:cb:9d:52:97:d0:a7:fb:40:
ad:6b:f4:8f:91:a5:ad:e4:5b:12:14:d7:d2:6f:01:
1b:9a:f4:9d:65:e8:c0:63:40:30:36:df:49:27:ae:
d8:3f:e0:10:62:63:bd:2f:81:79:af:18:ba:80:bc:
b2:94:68:34:3f:19:8f:b3:67:1d:94:08:94:60:55:
81:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:14:A1:6E:40:20:41:89:14:64:7D:4B:87:E9:A0:BF:FF:7B:AA:B6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e32392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.29.0/24
Signature Algorithm: sha256WithRSAEncryption
32:99:f1:62:00:ef:f9:59:f2:af:ce:5d:70:ba:e9:8c:4a:e3:
cb:24:a6:e8:27:2d:bb:49:ab:59:12:74:31:6b:b2:9a:cc:d8:
9c:3a:bc:57:a0:af:68:27:49:a8:1d:22:b3:de:93:20:ec:2c:
9c:6e:02:7e:79:d1:4a:d6:82:f3:06:65:5f:da:6f:62:69:9b:
9d:25:56:56:ca:96:cc:78:b5:0d:a3:3f:51:d4:92:df:48:0b:
7c:73:ae:b8:24:8b:4a:f0:31:3f:52:b8:35:99:7e:3f:77:e8:
d2:3e:63:f8:4e:6a:33:d4:f9:8b:85:c4:40:12:13:ef:ae:f6:
aa:ba:6b:10:30:17:3a:e0:13:bc:00:9b:52:a9:2f:8b:85:41:
4b:4a:fa:50:84:ee:50:9c:af:32:23:f7:16:f1:87:a3:f0:91:
79:8c:60:25:15:d1:b2:15:f1:5c:c2:8c:cd:e6:ec:84:46:5d:
4b:db:ad:52:a8:7b:bc:b3:39:ec:a2:ee:33:9a:bc:7f:0c:26:
5b:48:72:a7:d8:e7:6f:10:ff:a3:69:bc:d1:f0:65:60:b1:08:
54:37:f8:27:eb:a8:7f:21:8f:df:22:e0:f2:6d:bb:5c:0f:d5:
c7:32:97:46:7d:fd:2a:cc:50:24:94:6b:a7:6f:49:ca:9d:1a:
99:b2:b2:84
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUT3p9HhLrjTxbrBYTLv4GSqvSxTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzdaFw0yNTEyMTkxNTIzMzdaMDMxMTAvBgNV
BAMTKDdDMTRBMTZFNDAyMDQxODkxNDY0N0Q0Qjg3RTlBMEJGRkY3QkFBQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs+o1+FXH/PLB1eMSDwsYCTjyL
qdHl0ovTGfJHCV5sY43iCQ/IgrYh6Y6VCao1kfrXelUBvT+9VIeSIeLiGHTVTk/S
ve1ONIdOjLpW+kQ9ZhBaVIpB4VrLjzXtbhUH/IUAH6OWDeL2UgGRCTBQbusSBGh/
i/sFvJFfbOF3gKnM1p3lhXdsH33A9ibFuHAbTfhnTsAgL+ws04ELs0+JMey1ySh4
soD62QlcXaowjkeKb3Rs3FFRc788f3XLnVKX0Kf7QK1r9I+Rpa3kWxIU19JvARua
9J1l6MBjQDA230knrtg/4BBiY70vgXmvGLqAvLKUaDQ/GY+zZx2UCJRgVYFpAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUfBShbkAgQYkUZH1Lh+mgv/97qrYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzEy
ZTMyMzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCPR0wDQYJKoZIhvcNAQELBQADggEBADKZ8WIA7/lZ8q/OXXC66YxK48sk
pugnLbtJq1kSdDFrsprM2Jw6vFegr2gnSagdIrPekyDsLJxuAn550UrWgvMGZV/a
b2Jpm50lVlbKlsx4tQ2jP1HUkt9IC3xzrrgki0rwMT9SuDWZfj936NI+Y/hOajPU
+YuFxEASE++u9qq6axAwFzrgE7wAm1KpL4uFQUtK+lCE7lCcrzIj9xbxh6PwkXmM
YCUV0bIV8VzCjM3m7IRGXUvbrVKoe7yzOeyi7jOavH8MJltIcqfY528Q/6NpvNHw
ZWCxCFQ3+CfrqH8hj98i4PJtu1wP1ccyl0Z9/SrMUCSUa6dvScqdGpmysoQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:22:21 2025 by rpki-client