Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
File: 3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: kM+IU5Zzy6o3EQTWPpDktHNoFuXpkQZGLGGpvVCeoAc=
Subject key identifier: 65:02:BC:43:5A:3B:8B:0E:3F:26:12:33:A8:A4:9A:1A:E8:C6:BC:AE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3179233FE05B593F629ED0588D351A31E279E02A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:19 +0000
ROA not before: Fri 27 Dec 2024 11:42:19 +0000
ROA not after: Fri 26 Dec 2025 11:47:19 +0000
asID: 136787
IP address blocks: 213.232.85.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:79:23:3f:e0:5b:59:3f:62:9e:d0:58:8d:35:1a:31:e2:79:e0:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:19 2024 GMT
Not After : Dec 26 11:47:19 2025 GMT
Subject: CN=6502BC435A3B8B0E3F261233A8A49A1AE8C6BCAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:08:43:ba:a1:4d:9e:a9:45:22:64:1a:12:f1:
eb:9b:34:ca:47:0c:e2:2c:aa:fe:d4:88:0b:10:ec:
59:3e:8b:49:49:3d:06:71:91:7e:87:1d:56:5b:78:
46:e5:b9:41:dc:85:97:8d:ea:55:c3:5e:82:7f:9d:
49:04:3d:cf:72:b7:6f:39:cf:44:2d:66:c3:4d:f2:
3a:f7:9e:df:95:34:98:b4:9d:eb:74:df:6d:56:f1:
f9:dd:b2:eb:50:21:7b:50:e8:fd:d2:78:14:2c:ee:
cb:a8:cb:7f:81:59:70:7e:38:01:0f:70:eb:23:4e:
0f:21:13:8c:26:c7:f6:bf:e2:89:28:ae:fa:36:1d:
1c:a0:1c:67:98:f1:57:66:2d:09:be:4b:f3:28:c8:
f9:6d:9b:9c:35:7c:d5:7b:ec:c7:88:f3:61:88:d3:
37:4a:d4:a5:5b:2c:da:ad:fc:22:b2:a9:a4:94:08:
73:64:2a:9a:95:f5:32:11:c3:cd:0f:10:b5:e8:61:
d3:a9:1f:14:cc:15:98:e4:c8:26:da:66:4f:16:f3:
cf:e1:ba:0f:7a:43:d5:4e:0e:7a:d9:df:8e:da:e0:
2b:d9:54:98:d6:ec:2a:13:e9:c0:a0:48:d6:1e:52:
8a:79:83:2e:d3:7d:51:e9:09:ce:4b:bb:01:0a:29:
10:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:02:BC:43:5A:3B:8B:0E:3F:26:12:33:A8:A4:9A:1A:E8:C6:BC:AE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38352e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.85.0/24
Signature Algorithm: sha256WithRSAEncryption
18:cd:ba:9d:9a:01:a3:28:30:ba:01:05:ed:ca:30:52:16:ef:
0f:d1:ea:a1:51:6d:1c:19:d7:19:17:d6:9f:7e:12:86:94:93:
dc:ee:69:17:c1:48:a3:d5:0d:d2:4f:3b:94:b4:ac:00:a6:1e:
24:ff:74:07:00:d7:55:01:38:c3:a9:92:b0:72:54:9a:bc:c6:
b5:68:45:31:a3:80:22:19:fc:e7:58:80:ca:38:d3:98:eb:13:
cb:3b:1b:14:de:0f:5f:8d:16:69:d6:b0:93:d9:85:41:39:0c:
4c:22:15:ee:7c:1b:cd:32:de:5a:12:ca:00:0c:3f:6a:a2:5f:
09:6d:71:ee:a7:a7:cd:03:cc:4b:cb:03:dc:4b:5e:44:37:04:
f1:b8:07:32:4a:86:3c:d6:3c:22:54:a5:14:85:92:30:e6:4e:
79:d0:4c:c7:a6:c5:83:bb:d2:77:e2:73:e3:24:88:62:0b:fd:
80:b3:a2:6f:ae:90:6f:83:62:16:43:71:c7:e2:8e:6a:86:df:
14:30:b1:67:d0:84:31:cb:d8:e0:a3:36:70:54:ba:99:b4:a8:
6a:ed:d6:4c:a8:cf:6b:90:16:f3:79:50:0d:84:a8:df:e2:50:
03:ae:bb:32:14:06:df:89:8b:04:ea:93:14:29:f4:59:9d:27:
32:34:35:28
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUMXkjP+BbWT9intBYjTUaMeJ54CowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTlaFw0yNTEyMjYxMTQ3MTlaMDMxMTAvBgNV
BAMTKDY1MDJCQzQzNUEzQjhCMEUzRjI2MTIzM0E4QTQ5QTFBRThDNkJDQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4CEO6oU2eqUUiZBoS8eubNMpH
DOIsqv7UiAsQ7Fk+i0lJPQZxkX6HHVZbeEbluUHchZeN6lXDXoJ/nUkEPc9yt285
z0QtZsNN8jr3nt+VNJi0net0321W8fndsutQIXtQ6P3SeBQs7suoy3+BWXB+OAEP
cOsjTg8hE4wmx/a/4okorvo2HRygHGeY8VdmLQm+S/MoyPltm5w1fNV77MeI82GI
0zdK1KVbLNqt/CKyqaSUCHNkKpqV9TIRw80PELXoYdOpHxTMFZjkyCbaZk8W88/h
ug96Q9VODnrZ347a4CvZVJjW7CoT6cCgSNYeUop5gy7TfVHpCc5LuwEKKRCpAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUZQK8Q1o7iw4/JhIzqKSaGujGvK4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzMyZTMyMzMz
MjJlMzgzNTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEANXoVTANBgkqhkiG9w0BAQsFAAOCAQEAGM26nZoBoygwugEF7cowUhbv
D9HqoVFtHBnXGRfWn34ShpST3O5pF8FIo9UN0k87lLSsAKYeJP90BwDXVQE4w6mS
sHJUmrzGtWhFMaOAIhn851iAyjjTmOsTyzsbFN4PX40Wadawk9mFQTkMTCIV7nwb
zTLeWhLKAAw/aqJfCW1x7qenzQPMS8sD3EteRDcE8bgHMkqGPNY8IlSlFIWSMOZO
edBMx6bFg7vSd+Jz4ySIYgv9gLOib66Qb4NiFkNxx+KOaobfFDCxZ9CEMcvY4KM2
cFS6mbSoau3WTKjPa5AW83lQDYSo3+JQA667MhQG34mLBOqTFCn0WZ0nMjQ1KA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:40:18 2025 by rpki-client