Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36332e302f32342d3234203d3e20313734.roa
File: 3231322e3130332e36332e302f32342d3234203d3e20313734.roa (raw, json)
Hash identifier: W3ijyL3UDmPwiOFdhwR6tK0Njoa3bfiKzhwloxOudqI=
Subject key identifier: 54:32:E6:E1:BD:B4:FF:D9:46:1E:12:F6:1A:15:6A:E2:AE:2D:E0:BF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6CC082DAB956C1A34E841CB0CDA6AF85C5AAE236
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36332e302f32342d3234203d3e20313734.roa
Signing time: Fri 27 Dec 2024 11:47:27 +0000
ROA not before: Fri 27 Dec 2024 11:42:27 +0000
ROA not after: Fri 26 Dec 2025 11:47:27 +0000
asID: 174
IP address blocks: 212.103.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:c0:82:da:b9:56:c1:a3:4e:84:1c:b0:cd:a6:af:85:c5:aa:e2:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:27 2024 GMT
Not After : Dec 26 11:47:27 2025 GMT
Subject: CN=5432E6E1BDB4FFD9461E12F61A156AE2AE2DE0BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b4:f2:1c:1e:cf:18:7e:b9:82:87:8d:80:6d:
c9:f6:b2:24:92:ff:7b:07:06:a0:fc:94:1c:1d:d1:
6b:de:a4:3f:5f:07:0c:b6:2e:75:8d:40:ab:d3:6d:
c5:e3:47:80:ab:5c:3e:d7:cb:5c:71:54:13:5f:34:
b7:65:cb:76:4b:a3:41:92:f0:06:62:12:24:e0:a5:
a9:66:db:e7:84:17:33:09:6f:63:24:ae:10:27:97:
52:b1:bd:d3:47:66:c0:2a:86:7e:31:29:e0:0b:96:
6b:7d:34:0e:bf:71:92:d5:47:e3:ea:97:90:ad:c3:
93:5f:5f:cd:60:19:4d:b8:5d:53:db:1a:78:bf:4b:
3e:f2:c5:60:9e:a3:63:77:6a:dd:4e:46:79:b7:31:
fc:a5:3f:a8:13:88:2d:4c:73:a7:a1:eb:09:0f:1f:
65:4b:92:b5:4b:5e:ef:bc:5f:ac:98:6a:28:c0:70:
28:51:1a:2a:3a:15:7e:f4:2a:84:0f:6d:94:ef:ab:
ff:9b:14:61:68:ce:6b:82:46:cf:ed:68:e8:17:f1:
0b:67:d7:c2:44:61:93:e8:c3:43:dc:eb:c5:db:14:
92:a6:c5:1e:f5:e7:c8:e2:9e:f9:0e:9d:04:c2:27:
46:8a:0c:38:32:e6:8a:45:45:84:ca:c6:db:08:8e:
7e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:32:E6:E1:BD:B4:FF:D9:46:1E:12:F6:1A:15:6A:E2:AE:2D:E0:BF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231322e3130332e36332e302f32342d3234203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:04:1e:46:47:de:87:29:06:0b:ae:bf:49:5f:14:d3:4e:ce:
d1:0b:36:57:1d:e1:af:15:4f:fb:6e:17:79:ad:24:49:8e:8c:
2e:03:a0:ca:7a:a9:9b:ee:8d:be:26:99:99:e6:b6:e9:db:d3:
6e:03:73:b5:6a:08:9b:cc:1f:8b:95:91:32:3b:35:f2:04:fa:
ab:c8:a5:5f:e7:3e:8f:a6:6b:d7:ac:fe:3c:ca:df:37:f8:3e:
a0:22:be:15:ab:4d:cc:6f:ef:1b:01:3a:41:f9:96:47:c5:9e:
14:2a:af:f8:9b:96:94:59:00:3b:ea:ff:d5:9f:5f:12:6f:cd:
d0:f1:f9:b0:77:68:1c:f4:1a:a4:86:ea:0d:20:6b:78:d1:dc:
33:a3:42:28:f9:78:e0:97:95:19:fd:26:07:17:57:0e:7b:05:
a8:20:22:23:0a:d9:96:cb:83:f6:84:e6:5a:74:bc:37:c9:b6:
9d:61:68:d7:c4:07:42:01:8e:c7:85:4a:67:0e:9a:39:bd:c8:
c1:f6:d6:65:05:de:92:32:43:39:19:ae:5f:a9:4f:80:a8:45:
a3:29:2f:5e:42:48:a8:d1:62:9d:88:c2:e9:8c:29:55:3f:ce:
6d:10:76:38:c8:1e:27:98:cc:4a:3a:06:fa:4d:4e:b1:7c:ce:
99:8e:48:a4
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUbMCC2rlWwaNOhBywzaavhcWq4jYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjdaFw0yNTEyMjYxMTQ3MjdaMDMxMTAvBgNV
BAMTKDU0MzJFNkUxQkRCNEZGRDk0NjFFMTJGNjFBMTU2QUUyQUUyREUwQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6tPIcHs8YfrmCh42Abcn2siSS
/3sHBqD8lBwd0WvepD9fBwy2LnWNQKvTbcXjR4CrXD7Xy1xxVBNfNLdly3ZLo0GS
8AZiEiTgpalm2+eEFzMJb2MkrhAnl1KxvdNHZsAqhn4xKeALlmt9NA6/cZLVR+Pq
l5Ctw5NfX81gGU24XVPbGni/Sz7yxWCeo2N3at1ORnm3MfylP6gTiC1Mc6eh6wkP
H2VLkrVLXu+8X6yYaijAcChRGio6FX70KoQPbZTvq/+bFGFozmuCRs/taOgX8Qtn
18JEYZPow0Pc68XbFJKmxR7158jinvkOnQTCJ0aKDDgy5opFRYTKxtsIjn5zAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUVDLm4b20/9lGHhL2GhVq4q4t4L8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzIyZTMxMzAz
MzJlMzYzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ANRnPzANBgkqhkiG9w0BAQsFAAOCAQEAPQQeRkfehykGC66/SV8U007O0Qs2Vx3h
rxVP+24Xea0kSY6MLgOgynqpm+6NviaZmea26dvTbgNztWoIm8wfi5WRMjs18gT6
q8ilX+c+j6Zr16z+PMrfN/g+oCK+FatNzG/vGwE6QfmWR8WeFCqv+JuWlFkAO+r/
1Z9fEm/N0PH5sHdoHPQapIbqDSBreNHcM6NCKPl44JeVGf0mBxdXDnsFqCAiIwrZ
lsuD9oTmWnS8N8m2nWFo18QHQgGOx4VKZw6aOb3IwfbWZQXekjJDORmuX6lPgKhF
oykvXkJIqNFinYjC6YwpVT/ObRB2OMgeJ5jMSjoG+k1OsXzOmY5IpA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:51:51 2025 by rpki-client