Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20313336373837.roa
File: 322e35382e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: cFp21PcIbEUqxXFJCTRoITsGrsONWzYCgY7+KXXx7tA=
Subject key identifier: D3:E8:84:77:4B:FC:B8:CF:68:D6:2A:88:67:A1:3C:2A:B4:97:9D:CB
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2477DA8D977DDF1FC509FBD951E2F195A53574F2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:37 +0000
ROA not before: Fri 27 Dec 2024 11:42:37 +0000
ROA not after: Fri 26 Dec 2025 11:47:37 +0000
asID: 136787
IP address blocks: 2.58.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:77:da:8d:97:7d:df:1f:c5:09:fb:d9:51:e2:f1:95:a5:35:74:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:37 2024 GMT
Not After : Dec 26 11:47:37 2025 GMT
Subject: CN=D3E884774BFCB8CF68D62A8867A13C2AB4979DCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:7e:03:2f:7a:32:27:4e:d4:20:f5:98:78:
1f:d9:f5:19:d1:4d:e7:c9:f3:48:b2:82:52:09:b1:
45:62:c0:07:b8:c8:25:fb:34:ac:6d:b2:4b:7d:e2:
d7:02:0e:df:27:e1:f9:f5:a8:f3:74:68:46:ab:47:
3d:c1:30:07:fc:68:00:01:30:33:ff:7b:e2:7b:6e:
3c:b6:cc:d4:f4:d5:03:2c:c3:80:f3:9a:58:f0:9c:
43:2c:23:ee:7e:46:2e:e9:60:0c:4b:3a:46:83:44:
2d:2f:61:74:0e:34:a8:37:8d:50:02:9e:72:3a:5c:
0c:be:67:b2:95:2d:ec:bc:8e:48:e2:c8:81:66:69:
29:00:f2:39:05:1e:fe:75:f5:8b:33:30:28:d5:27:
78:95:1d:88:b8:47:06:e7:53:5b:19:87:f8:b1:4d:
ee:c4:d1:5e:f8:d6:3c:15:34:0e:d2:b5:6c:b4:b2:
1d:46:9e:20:70:36:dd:c4:3b:08:8f:c1:61:d8:10:
f8:3f:68:97:6f:e1:3c:6d:a2:08:42:5e:e7:48:30:
d9:4f:dc:ea:1c:06:2f:a8:49:8d:b8:82:a9:f2:04:
6f:2f:b4:79:91:92:36:d2:ae:f3:b7:ae:76:33:89:
3e:c8:22:2f:06:02:29:4c:6b:8f:0b:5b:49:70:e0:
84:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E8:84:77:4B:FC:B8:CF:68:D6:2A:88:67:A1:3C:2A:B4:97:9D:CB
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.74.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:0a:c3:28:62:cc:2e:65:0d:4b:a3:05:9d:a1:1d:73:e2:13:
60:35:12:07:67:bc:26:bf:71:2c:cf:da:74:38:b7:37:c8:f6:
bb:3f:35:e3:84:fb:16:24:aa:ac:11:3d:54:98:1b:f9:b6:36:
2f:1e:51:c2:07:9e:af:e4:91:8e:27:a6:4d:24:20:b0:ac:29:
7e:69:28:69:4d:32:e4:6e:64:3c:33:38:1d:d7:98:d8:d9:8d:
c0:42:a7:57:c3:43:30:d2:4f:b1:52:7e:cd:6e:13:bc:6b:c2:
f1:db:f9:17:f0:53:c0:2a:63:91:90:42:8d:d7:bf:46:fc:b2:
a9:d1:e6:8c:1a:b1:62:60:d0:81:2f:34:69:46:bc:e0:63:6c:
88:cc:43:9a:74:95:d8:6e:88:bc:36:a5:af:45:5b:db:6e:6e:
43:49:71:1b:7b:ad:b1:0e:f0:21:a6:b7:6f:06:79:3b:6a:a9:
8a:06:12:97:b1:df:81:c3:de:1b:a9:06:d8:14:9e:8a:ce:c4:
53:dd:fa:9d:75:f4:ad:02:2e:5d:18:f3:9b:13:35:c1:c4:c0:
6c:10:c4:cc:58:96:6a:cb:8f:86:5e:03:9f:a9:2d:ec:3d:6d:
9a:d3:93:74:f9:f4:a5:05:d5:4c:b4:8a:65:48:0b:93:78:b0:
26:25:5c:27
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUJHfajZd93x/FCfvZUeLxlaU1dPIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzdaFw0yNTEyMjYxMTQ3MzdaMDMxMTAvBgNV
BAMTKEQzRTg4NDc3NEJGQ0I4Q0Y2OEQ2MkE4ODY3QTEzQzJBQjQ5NzlEQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIu34DL3oyJ07UIPWYeB/Z9RnR
TefJ80iyglIJsUViwAe4yCX7NKxtskt94tcCDt8n4fn1qPN0aEarRz3BMAf8aAAB
MDP/e+J7bjy2zNT01QMsw4DzmljwnEMsI+5+Ri7pYAxLOkaDRC0vYXQONKg3jVAC
nnI6XAy+Z7KVLey8jkjiyIFmaSkA8jkFHv519YszMCjVJ3iVHYi4RwbnU1sZh/ix
Te7E0V741jwVNA7StWy0sh1GniBwNt3EOwiPwWHYEPg/aJdv4TxtoghCXudIMNlP
3OocBi+oSY24gqnyBG8vtHmRkjbSrvO3rnYziT7IIi8GAilMa48LW0lw4ITNAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU0+iEd0v8uM9o1iqIZ6E8KrSXncswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjJlMzUzODJlMzcz
NDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AAI6SjANBgkqhkiG9w0BAQsFAAOCAQEA4wrDKGLMLmUNS6MFnaEdc+ITYDUSB2e8
Jr9xLM/adDi3N8j2uz8144T7FiSqrBE9VJgb+bY2Lx5Rwgeer+SRjiemTSQgsKwp
fmkoaU0y5G5kPDM4HdeY2NmNwEKnV8NDMNJPsVJ+zW4TvGvC8dv5F/BTwCpjkZBC
jde/RvyyqdHmjBqxYmDQgS80aUa84GNsiMxDmnSV2G6IvDalr0Vb225uQ0lxG3ut
sQ7wIaa3bwZ5O2qpigYSl7HfgcPeG6kG2BSeis7EU936nXX0rQIuXRjzmxM1wcTA
bBDEzFiWasuPhl4Dn6kt7D1tmtOTdPn0pQXVTLSKZUgLk3iwJiVcJw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:51:11 2025 by rpki-client