Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
File: 3139342e36312e33302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: FAtPjW83wiIoE+ImxMMRFGWxeIPxYyGc+jnYVU5FUiI=
Subject key identifier: 75:E9:67:72:34:71:10:65:48:69:16:A0:56:2B:56:E8:01:2B:A1:64
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7DBC59525F2162F15B34E24838D1CC17F7C8E3C6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:26 +0000
ROA not before: Fri 20 Dec 2024 15:18:26 +0000
ROA not after: Fri 19 Dec 2025 15:23:26 +0000
asID: 136787
IP address blocks: 194.61.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:bc:59:52:5f:21:62:f1:5b:34:e2:48:38:d1:cc:17:f7:c8:e3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:26 2024 GMT
Not After : Dec 19 15:23:26 2025 GMT
Subject: CN=75E9677234711065486916A0562B56E8012BA164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ee:6f:16:d9:7f:47:ca:aa:ee:8f:50:c3:9e:
97:82:b0:2c:24:bc:4b:cd:7f:79:ad:cd:6a:50:75:
89:3d:ec:4e:f0:ed:a8:b4:3b:27:1e:94:86:ce:a9:
bd:3c:ec:f8:de:25:56:2f:72:73:68:5f:7f:61:e3:
0e:13:b7:3d:f6:80:86:2a:24:5c:f4:22:75:d5:4d:
50:c2:6f:a9:d8:fb:59:ec:44:15:30:3c:0b:b2:df:
08:77:a2:21:cb:f8:81:fd:f6:a6:f1:0a:d8:7a:be:
88:78:9a:63:38:a8:71:53:60:a8:d3:2c:a7:b1:64:
7f:a7:d3:96:53:62:36:78:cf:45:7b:b2:74:f7:d7:
16:bf:09:54:77:ec:7d:3e:46:78:47:ac:4b:75:f7:
04:40:5e:19:4f:0d:0d:05:0c:8e:07:77:be:3c:80:
52:ee:84:92:e8:51:96:d0:f0:d8:00:aa:c1:c7:09:
f8:ee:ce:01:0e:96:36:2e:bf:0f:d3:a8:07:7c:21:
75:56:f5:09:cd:fd:8b:22:4b:5d:9d:49:04:46:71:
45:83:95:99:83:fb:6f:14:f0:d9:d5:92:a3:03:ca:
9e:de:4a:98:c5:d8:d5:7d:88:fe:4d:31:de:05:62:
24:c1:60:2d:74:c6:9d:3b:ff:a3:45:30:15:04:8b:
71:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E9:67:72:34:71:10:65:48:69:16:A0:56:2B:56:E8:01:2B:A1:64
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.30.0/24
Signature Algorithm: sha256WithRSAEncryption
28:28:9c:fe:52:72:b7:2d:90:8a:f9:f8:b7:fb:e7:a7:bf:6c:
89:9e:8c:dc:a1:47:78:51:fa:6c:b3:39:16:d9:be:f6:01:70:
49:ce:7c:d5:ce:f9:e2:c3:51:6a:31:75:59:d5:3f:e6:9d:5d:
af:95:b9:60:ee:3f:fa:79:ca:ce:18:f3:fc:b8:a3:51:66:d2:
76:08:38:67:be:f6:6d:56:64:7f:b4:48:0d:2d:bf:35:af:c1:
56:89:c7:ac:88:7b:6a:42:3f:b7:94:32:75:9f:87:11:62:62:
63:9c:c0:c7:10:47:d5:e6:82:1a:60:cc:a9:d2:a3:bf:ad:11:
33:cb:27:36:f6:c4:98:f1:57:b7:9e:53:dc:a2:6f:36:ff:93:
58:ac:ec:3b:d8:19:3d:92:8d:5d:f4:ba:bf:a6:a0:60:97:72:
6e:27:c8:15:da:9b:4f:35:fe:1b:ec:ce:f0:0d:b9:c4:9a:c1:
98:2b:b9:fe:8d:ea:56:95:37:fa:3a:83:bf:c5:67:d2:de:6a:
1a:72:c6:00:ff:e4:07:67:97:1a:d3:0c:7d:9e:9b:99:1e:10:
ef:e9:8f:e6:c6:f1:d3:06:38:56:c2:6d:0a:ed:b8:8c:ff:ca:
6f:b8:9a:eb:4d:5b:c2:29:4c:7f:79:84:31:30:16:3e:e3:18:
6c:09:67:a5
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUfbxZUl8hYvFbNOJIONHMF/fI48YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjZaFw0yNTEyMTkxNTIzMjZaMDMxMTAvBgNV
BAMTKDc1RTk2NzcyMzQ3MTEwNjU0ODY5MTZBMDU2MkI1NkU4MDEyQkExNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67m8W2X9Hyqruj1DDnpeCsCwk
vEvNf3mtzWpQdYk97E7w7ai0OycelIbOqb087PjeJVYvcnNoX39h4w4Ttz32gIYq
JFz0InXVTVDCb6nY+1nsRBUwPAuy3wh3oiHL+IH99qbxCth6voh4mmM4qHFTYKjT
LKexZH+n05ZTYjZ4z0V7snT31xa/CVR37H0+RnhHrEt19wRAXhlPDQ0FDI4Hd748
gFLuhJLoUZbQ8NgAqsHHCfjuzgEOljYuvw/TqAd8IXVW9QnN/YsiS12dSQRGcUWD
lZmD+28U8NnVkqMDyp7eSpjF2NV9iP5NMd4FYiTBYC10xp07/6NFMBUEi3F7AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUdelncjRxEGVIaRagVitW6AEroWQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzEy
ZTMzMzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCPR4wDQYJKoZIhvcNAQELBQADggEBACgonP5ScrctkIr5+Lf756e/bIme
jNyhR3hR+myzORbZvvYBcEnOfNXO+eLDUWoxdVnVP+adXa+VuWDuP/p5ys4Y8/y4
o1Fm0nYIOGe+9m1WZH+0SA0tvzWvwVaJx6yIe2pCP7eUMnWfhxFiYmOcwMcQR9Xm
ghpgzKnSo7+tETPLJzb2xJjxV7eeU9yibzb/k1is7DvYGT2SjV30ur+moGCXcm4n
yBXam081/hvszvANucSawZgruf6N6laVN/o6g7/FZ9LeahpyxgD/5AdnlxrTDH2e
m5keEO/pj+bG8dMGOFbCbQrtuIz/ym+4mutNW8IpTH95hDEwFj7jGGwJZ6U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:46:04 2025 by rpki-client