Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
File: 3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: yRmBDhdJT8P3KclGiuQReDB3DzEwVYdM80lgk3/NnWU=
Subject key identifier: 67:EC:37:E1:6C:0C:9B:76:A0:4B:50:2A:98:DD:DB:36:7D:08:2D:7B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7C777ED56F90E45305EF14AF9E2EACF903CD2ABC
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:07 +0000
ROA not before: Fri 27 Dec 2024 11:42:07 +0000
ROA not after: Fri 26 Dec 2025 11:47:07 +0000
asID: 136787
IP address blocks: 213.232.86.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:77:7e:d5:6f:90:e4:53:05:ef:14:af:9e:2e:ac:f9:03:cd:2a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:07 2024 GMT
Not After : Dec 26 11:47:07 2025 GMT
Subject: CN=67EC37E16C0C9B76A04B502A98DDDB367D082D7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d4:87:12:40:02:ce:44:94:1c:5d:a5:39:9c:
34:e1:bf:d2:4a:4e:3c:ed:35:3f:b2:8b:c6:f1:af:
cb:e3:39:52:a2:57:66:86:a8:22:3a:74:2e:76:68:
22:ac:f9:ae:2d:8a:17:33:5e:18:8e:1f:18:58:d8:
d9:8d:ff:0c:e9:a4:e0:bd:ef:e9:19:64:ca:05:0d:
b1:34:4b:3b:2a:cf:05:3a:4c:1b:0a:74:f9:6a:a1:
42:48:57:3e:0e:fe:11:26:5c:90:f2:d3:27:7f:84:
9d:8f:3a:aa:11:7b:d9:f6:e1:fa:06:b7:bb:42:e7:
68:bb:87:42:21:24:90:53:79:13:42:50:b9:8f:5d:
cb:0f:37:32:77:d3:46:6b:f9:94:25:ac:17:ba:f9:
e8:be:a5:f5:1e:ec:25:7a:cb:54:73:35:97:a5:4f:
a8:3a:e7:37:92:d2:40:57:49:f8:c8:b6:b1:6a:cd:
a5:b5:d3:f5:cf:84:5c:2c:13:f9:7f:ef:aa:b3:b4:
bc:68:e2:02:85:dc:8f:5b:00:79:f7:ed:db:31:5b:
ae:c2:5a:9c:3d:ca:e9:55:69:f9:9c:8b:80:5f:76:
ec:62:e0:4b:e6:a4:19:07:57:50:f1:d1:2c:2c:9c:
bd:42:ae:39:f0:ff:8e:79:5c:25:c2:2e:f8:85:cd:
01:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EC:37:E1:6C:0C:9B:76:A0:4B:50:2A:98:DD:DB:36:7D:08:2D:7B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38362e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.86.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:d0:01:8a:6d:74:33:a7:14:47:83:a4:a0:df:10:46:20:c1:
3b:95:45:06:88:79:ac:a5:79:b0:3e:a9:d5:1a:50:10:1c:6f:
50:56:13:1a:fe:7a:54:22:0a:a4:99:25:7b:af:cd:19:7b:8e:
63:d5:60:5e:42:41:5d:b3:12:e3:c0:8a:63:44:8f:7c:52:a3:
c0:c6:76:ec:f0:4d:14:4e:d6:01:10:16:19:c9:71:88:bf:d3:
ed:fd:30:05:3f:09:c2:f2:89:78:0e:cc:b3:2c:b5:69:a5:f2:
69:63:82:4d:1c:ba:a6:57:f8:f2:3a:4b:b2:a9:02:92:ca:ef:
6c:ee:12:73:dc:94:7d:c5:b8:ef:50:ec:46:b6:48:e4:d7:52:
79:d5:6f:94:c2:79:01:4c:55:49:a3:b2:38:38:8f:9e:dd:c3:
55:f0:3d:4d:d3:3d:bc:86:94:31:7f:65:17:f8:af:93:bf:fe:
00:b6:42:a8:40:3f:b9:4d:fe:92:39:a8:96:df:46:63:90:d0:
11:54:70:b2:c6:4f:db:80:0d:65:d3:20:52:2a:5f:d4:c2:f2:
1e:a1:73:95:60:d5:0a:2c:fd:4a:2e:83:a0:38:c9:93:85:c2:
80:e2:bb:59:c1:5c:fd:13:8d:35:09:59:9f:ef:5f:0c:83:5d:
1b:88:ca:c8
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfHd+1W+Q5FMF7xSvni6s+QPNKrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDdaFw0yNTEyMjYxMTQ3MDdaMDMxMTAvBgNV
BAMTKDY3RUMzN0UxNkMwQzlCNzZBMDRCNTAyQTk4REREQjM2N0QwODJEN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp1IcSQALORJQcXaU5nDThv9JK
TjztNT+yi8bxr8vjOVKiV2aGqCI6dC52aCKs+a4tihczXhiOHxhY2NmN/wzppOC9
7+kZZMoFDbE0SzsqzwU6TBsKdPlqoUJIVz4O/hEmXJDy0yd/hJ2POqoRe9n24foG
t7tC52i7h0IhJJBTeRNCULmPXcsPNzJ300Zr+ZQlrBe6+ei+pfUe7CV6y1RzNZel
T6g65zeS0kBXSfjItrFqzaW10/XPhFwsE/l/76qztLxo4gKF3I9bAHn37dsxW67C
Wpw9yulVafmci4Bfduxi4EvmpBkHV1Dx0SwsnL1Crjnw/455XCXCLviFzQHFAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUZ+w34WwMm3agS1AqmN3bNn0ILXswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzMyZTMyMzMz
MjJlMzgzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEANXoVjANBgkqhkiG9w0BAQsFAAOCAQEAO9ABim10M6cUR4OkoN8QRiDB
O5VFBoh5rKV5sD6p1RpQEBxvUFYTGv56VCIKpJkle6/NGXuOY9VgXkJBXbMS48CK
Y0SPfFKjwMZ27PBNFE7WARAWGclxiL/T7f0wBT8JwvKJeA7Msyy1aaXyaWOCTRy6
plf48jpLsqkCksrvbO4Sc9yUfcW471DsRrZI5NdSedVvlMJ5AUxVSaOyODiPnt3D
VfA9TdM9vIaUMX9lF/ivk7/+ALZCqEA/uU3+kjmolt9GY5DQEVRwssZP24ANZdMg
Uipf1MLyHqFzlWDVCiz9Si6DoDjJk4XCgOK7WcFc/RONNQlZn+9fDINdG4jKyA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:59:46 2025 by rpki-client