Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
File: 3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: M1mRofaaJsTQ5E3eByBF1sAZxVBYRXONVYQcpFP+/JE=
Subject key identifier: F8:5B:61:79:72:48:77:0E:DD:8F:BD:AF:7C:93:B3:07:2F:A5:5D:73
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3F8008D100A1BE9DECD8DC77584518AD52F5FACE
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:16 +0000
ROA not before: Fri 27 Dec 2024 11:42:16 +0000
ROA not after: Fri 26 Dec 2025 11:47:16 +0000
asID: 136787
IP address blocks: 212.103.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:80:08:d1:00:a1:be:9d:ec:d8:dc:77:58:45:18:ad:52:f5:fa:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:16 2024 GMT
Not After : Dec 26 11:47:16 2025 GMT
Subject: CN=F85B61797248770EDD8FBDAF7C93B3072FA55D73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:44:6e:cd:ff:5d:30:29:92:66:b7:28:f1:ee:
fb:9e:59:4f:c6:6f:56:33:59:ff:40:e2:ea:a5:25:
ce:af:55:87:25:b0:3c:75:d1:a3:cf:cd:78:6e:c7:
42:62:ca:be:75:c2:e1:bd:5b:c6:ea:c1:71:79:22:
bd:c4:85:fe:2b:a8:af:92:92:4b:98:1c:4b:13:f7:
72:c5:67:63:6a:f6:14:98:f8:de:ca:df:bc:f0:d0:
d1:63:da:35:30:82:e3:17:61:f4:b2:49:45:0e:81:
09:44:be:a3:1d:9f:e0:6b:08:1f:ae:85:ed:b9:09:
10:3c:6d:09:2a:69:d0:88:3b:50:fb:82:9a:6c:2e:
e2:a8:5d:44:73:66:d7:e2:f2:ef:92:cc:bf:65:61:
b5:ae:82:83:69:fd:6a:e5:24:c2:a7:a1:fd:4b:dd:
b1:a5:32:a5:89:18:33:f4:6f:78:63:bb:c3:ab:4f:
08:e0:3a:7c:9e:e3:db:de:48:26:63:9f:9b:3e:b3:
06:84:a5:15:38:4d:0d:01:73:6c:b8:df:70:65:8e:
7d:a6:2e:4d:a8:0a:0a:d3:ce:38:dc:34:ce:c1:18:
79:aa:69:37:99:43:cc:38:62:2f:82:40:ca:5a:a8:
f7:b0:71:90:c5:55:8a:cd:d2:85:3e:27:fc:59:19:
fb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:5B:61:79:72:48:77:0E:DD:8F:BD:AF:7C:93:B3:07:2F:A5:5D:73
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:1a:81:30:7d:03:07:9f:3d:c1:5b:63:a9:c1:1e:97:e6:e8:
0e:e2:60:84:fe:9a:f8:77:43:0e:52:e2:c8:7c:a7:e3:c4:32:
bb:52:29:8c:59:f5:4f:90:cf:77:11:c4:0c:f0:8c:a4:b9:ef:
4a:69:1a:62:cd:fa:63:5e:0e:1a:c8:07:21:7e:17:b8:05:f0:
b5:42:19:36:41:a1:69:5e:84:ea:73:15:d9:93:e8:48:89:75:
f0:1c:cb:f8:71:7d:e1:84:69:04:90:d2:75:8c:67:17:8b:62:
1b:e3:2c:49:e2:e0:c4:0e:2a:a8:41:a5:35:80:7e:a4:b9:b5:
e4:89:7a:f3:13:fd:bc:66:ef:19:7c:28:e3:bd:b8:8e:77:fc:
a7:2d:1e:56:c7:79:57:21:45:25:40:be:1a:25:b9:f1:ae:ad:
ac:db:d2:7b:80:3c:3a:b2:3c:74:cc:03:e9:c4:b3:9d:19:b3:
aa:1c:c0:a4:d5:6e:64:6c:b7:2e:83:0b:5e:0d:90:53:a9:f2:
0f:c3:3c:a0:11:1d:90:5a:ed:e8:05:4d:c1:ff:46:82:12:15:
9b:14:14:ed:fe:7c:5c:3f:ba:03:32:a6:ed:1a:8c:63:30:96:
05:78:78:85:e4:19:03:5d:7e:f1:73:84:0c:0e:2b:b9:cd:04:
57:f2:89:ea
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUP4AI0QChvp3s2Nx3WEUYrVL1+s4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTZaFw0yNTEyMjYxMTQ3MTZaMDMxMTAvBgNV
BAMTKEY4NUI2MTc5NzI0ODc3MEVERDhGQkRBRjdDOTNCMzA3MkZBNTVENzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRRG7N/10wKZJmtyjx7vueWU/G
b1YzWf9A4uqlJc6vVYclsDx10aPPzXhux0Jiyr51wuG9W8bqwXF5Ir3Ehf4rqK+S
kkuYHEsT93LFZ2Nq9hSY+N7K37zw0NFj2jUwguMXYfSySUUOgQlEvqMdn+BrCB+u
he25CRA8bQkqadCIO1D7gppsLuKoXURzZtfi8u+SzL9lYbWugoNp/WrlJMKnof1L
3bGlMqWJGDP0b3hju8OrTwjgOnye49veSCZjn5s+swaEpRU4TQ0Bc2y433Bljn2m
Lk2oCgrTzjjcNM7BGHmqaTeZQ8w4Yi+CQMpaqPewcZDFVYrN0oU+J/xZGfvnAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU+FtheXJIdw7dj72vfJOzBy+lXXMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzIyZTMxMzAz
MzJlMzYzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEANRnPDANBgkqhkiG9w0BAQsFAAOCAQEAoBqBMH0DB589wVtjqcEel+bo
DuJghP6a+HdDDlLiyHyn48Qyu1IpjFn1T5DPdxHEDPCMpLnvSmkaYs36Y14OGsgH
IX4XuAXwtUIZNkGhaV6E6nMV2ZPoSIl18BzL+HF94YRpBJDSdYxnF4tiG+MsSeLg
xA4qqEGlNYB+pLm15Il68xP9vGbvGXwo4724jnf8py0eVsd5VyFFJUC+GiW58a6t
rNvSe4A8OrI8dMwD6cSznRmzqhzApNVuZGy3LoMLXg2QU6nyD8M8oBEdkFrt6AVN
wf9GghIVmxQU7f58XD+6AzKm7RqMYzCWBXh4heQZA11+8XOEDA4ruc0EV/KJ6g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:03:17 2025 by rpki-client