Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33312e302f32342d3332203d3e20313431393935.roa
File: 3139342e36312e33312e302f32342d3332203d3e20313431393935.roa (raw, json)
Hash identifier: qQZhb1gUtbo8fUXitF0L6vnMG3YvwGLVOpmYtxdIOAA=
Subject key identifier: 0C:70:DE:E6:CC:00:CC:76:7F:E2:90:CC:3B:58:A3:49:C0:AF:A1:55
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 564406409795194E61CFBE5784C0AF23DA0357AA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33312e302f32342d3332203d3e20313431393935.roa
Signing time: Fri 20 Dec 2024 15:23:32 +0000
ROA not before: Fri 20 Dec 2024 15:18:32 +0000
ROA not after: Fri 19 Dec 2025 15:23:32 +0000
asID: 141995
IP address blocks: 194.61.31.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 13:42:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:44:06:40:97:95:19:4e:61:cf:be:57:84:c0:af:23:da:03:57:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:32 2024 GMT
Not After : Dec 19 15:23:32 2025 GMT
Subject: CN=0C70DEE6CC00CC767FE290CC3B58A349C0AFA155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:38:25:cd:01:54:0b:c6:77:80:04:27:1f:d1:
d1:1b:a2:d2:9d:a1:9e:9c:a2:b1:27:4b:bf:0c:ea:
6c:3e:9c:4c:30:6b:c6:66:f8:10:ca:5e:de:5f:4d:
36:20:6d:61:aa:77:7d:1e:57:e5:68:b1:77:6a:3a:
14:82:77:88:a0:3c:2b:2c:db:47:1c:08:25:89:b1:
53:15:c8:61:26:ef:fc:05:99:76:62:0a:c6:dc:2f:
e7:cf:33:76:f8:bf:68:19:43:1f:30:ff:2f:5b:d5:
37:85:b4:fb:96:64:40:23:c8:6f:ae:de:f9:42:83:
f2:a5:3f:c1:4e:e3:89:da:d5:11:11:b2:c0:85:4c:
9d:b9:22:d0:fe:9c:d1:ee:79:62:c5:8a:98:91:f8:
19:8b:b6:27:03:00:98:a8:86:cf:1d:4c:a7:4a:53:
f9:1b:5e:f1:31:55:4e:0f:3e:14:24:8a:f0:d0:3b:
1f:2b:bf:fb:c8:e0:82:0d:cd:4f:2a:90:28:fb:71:
69:77:67:17:50:5e:e0:eb:9a:c2:3d:73:33:d4:2d:
bd:e9:02:89:76:58:bc:0c:a4:22:2d:1c:ed:dc:8f:
01:84:18:62:78:98:15:27:c6:eb:47:20:56:44:f8:
c9:0a:a4:91:a3:45:e1:7e:26:ed:e6:75:13:db:be:
17:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:70:DE:E6:CC:00:CC:76:7F:E2:90:CC:3B:58:A3:49:C0:AF:A1:55
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139342e36312e33312e302f32342d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.31.0/24
Signature Algorithm: sha256WithRSAEncryption
58:59:a6:02:f2:fd:e6:b6:b5:e4:27:b2:42:bf:58:ea:38:61:
25:fa:f2:05:77:da:95:61:e6:93:ad:4a:4f:6e:08:e9:2e:06:
fa:d3:2f:d7:83:bb:3c:8e:f6:5c:09:ca:10:af:8e:2c:cc:27:
a5:1b:38:f8:69:bb:94:f5:7d:55:38:15:18:d4:f3:90:a9:9b:
38:bb:6b:c7:e1:39:d4:11:5e:66:cd:6e:88:2a:0f:45:05:04:
aa:96:e8:80:d6:f1:c1:eb:4d:4f:31:01:d4:ce:d2:bf:c7:d2:
48:9a:96:c3:28:fd:b5:2f:2a:3f:c6:91:b7:cc:6b:0d:af:ad:
e9:71:6a:a2:1c:7e:09:93:c2:15:4e:c6:d7:b3:b1:78:29:d9:
62:0c:d7:0a:ad:5d:df:56:77:eb:d9:f3:ba:ff:ad:82:bc:23:
0f:a1:66:d2:14:45:ec:e8:7e:de:bb:f7:89:d9:00:ab:3c:41:
1b:41:6b:43:44:42:34:e4:ae:08:8b:d8:46:2e:63:2c:ae:36:
cf:5f:84:14:41:c3:eb:3c:4a:f9:fa:d0:0b:b9:e1:fd:99:da:
a8:3a:74:f7:f0:97:72:29:a7:15:d8:1d:ad:14:f0:0e:a8:65:
25:3b:16:39:55:d4:ad:7b:0a:24:6c:70:10:e7:ca:74:f7:b4:
47:00:3a:a0
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUVkQGQJeVGU5hz75XhMCvI9oDV6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzJaFw0yNTEyMTkxNTIzMzJaMDMxMTAvBgNV
BAMTKDBDNzBERUU2Q0MwMENDNzY3RkUyOTBDQzNCNThBMzQ5QzBBRkExNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgOCXNAVQLxneABCcf0dEbotKd
oZ6corEnS78M6mw+nEwwa8Zm+BDKXt5fTTYgbWGqd30eV+VosXdqOhSCd4igPCss
20ccCCWJsVMVyGEm7/wFmXZiCsbcL+fPM3b4v2gZQx8w/y9b1TeFtPuWZEAjyG+u
3vlCg/KlP8FO44na1RERssCFTJ25ItD+nNHueWLFipiR+BmLticDAJiohs8dTKdK
U/kbXvExVU4PPhQkivDQOx8rv/vI4IINzU8qkCj7cWl3ZxdQXuDrmsI9czPULb3p
Aol2WLwMpCItHO3cjwGEGGJ4mBUnxutHIFZE+MkKpJGjReF+Ju3mdRPbvhdJAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUDHDe5swAzHZ/4pDMO1ijScCvoVUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzQyZTM2MzEy
ZTMzMzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADCPR8wDQYJKoZIhvcNAQELBQADggEBAFhZpgLy/ea2teQnskK/WOo4YSX6
8gV32pVh5pOtSk9uCOkuBvrTL9eDuzyO9lwJyhCvjizMJ6UbOPhpu5T1fVU4FRjU
85Cpmzi7a8fhOdQRXmbNbogqD0UFBKqW6IDW8cHrTU8xAdTO0r/H0kialsMo/bUv
Kj/GkbfMaw2vrelxaqIcfgmTwhVOxtezsXgp2WIM1wqtXd9Wd+vZ87r/rYK8Iw+h
ZtIURezoft6794nZAKs8QRtBa0NEQjTkrgiL2EYuYyyuNs9fhBRBw+s8Svn60Au5
4f2Z2qg6dPfwl3IppxXYHa0U8A6oZSU7FjlV1K17CiRscBDnynT3tEcAOqA=
-----END CERTIFICATE-----
Generated at Sun Mar 9 02:41:17 2025 by rpki-client