Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
File: 3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ZPS6PGOiAb7X7nfN/mbhUgZMPE4NLSXSIq5qJhGZwOY=
Subject key identifier: 06:B0:1E:3F:DF:6B:6C:69:D3:25:9A:D4:48:51:06:1C:05:FE:16:D3
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4D8F52FB5EE293B3A7A1F892CD7A45644F7AF456
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:07 +0000
ROA not before: Fri 27 Dec 2024 11:42:07 +0000
ROA not after: Fri 26 Dec 2025 11:47:07 +0000
asID: 136787
IP address blocks: 213.232.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:8f:52:fb:5e:e2:93:b3:a7:a1:f8:92:cd:7a:45:64:4f:7a:f4:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:07 2024 GMT
Not After : Dec 26 11:47:07 2025 GMT
Subject: CN=06B01E3FDF6B6C69D3259AD44851061C05FE16D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0d:5a:01:13:6a:e5:f1:ff:c5:fd:76:5c:32:
ba:09:17:c6:45:45:b6:11:2b:7d:93:66:3e:23:80:
f6:60:1e:ae:3f:78:0c:cd:43:31:3f:74:1b:37:e3:
25:84:28:28:d8:a4:17:33:3d:74:61:29:55:73:d1:
bf:4d:d4:9c:b8:27:a0:f5:0b:f5:94:52:c2:31:98:
c2:37:9f:57:52:ee:c6:53:90:bb:8a:a0:65:9c:db:
c9:a6:03:86:25:27:44:84:f6:6a:c7:40:5b:d1:1d:
92:5b:2f:96:c2:e8:62:32:a8:ec:08:09:95:83:a4:
6a:99:7b:f2:48:43:91:3e:ed:41:35:40:df:7b:23:
b7:10:9a:b1:bf:9c:04:0d:3f:a4:4c:68:b3:8c:ab:
8c:69:d9:69:85:57:39:cf:cd:12:5d:fd:a1:15:0d:
11:b0:af:04:2a:27:86:b4:68:ad:ed:fc:b1:0a:9e:
e6:72:8e:fd:a9:b1:03:4e:63:5d:4a:7e:61:e6:0b:
ab:0e:c3:19:68:41:2a:6a:ac:71:5d:62:3b:03:47:
15:ac:13:a1:2d:fd:00:c8:83:ce:43:71:67:c1:97:
e0:99:11:aa:50:a6:df:48:6c:61:76:2f:f0:b1:42:
45:8f:85:d0:66:86:be:8d:0d:23:cc:79:87:6e:1e:
f2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B0:1E:3F:DF:6B:6C:69:D3:25:9A:D4:48:51:06:1C:05:FE:16:D3
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3233322e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.87.0/24
Signature Algorithm: sha256WithRSAEncryption
af:79:86:ed:79:a6:d6:5d:50:6d:88:90:94:c5:cd:ed:c2:a4:
33:43:f6:0a:ce:2a:c0:88:31:03:ab:55:31:97:6e:e2:5e:b5:
15:ab:04:53:e0:0a:df:13:d8:2a:95:9e:3d:ad:43:c9:84:27:
c4:36:cc:c3:ad:3a:5d:a0:ae:f6:3a:8f:7d:09:d1:17:2a:07:
f8:cb:c9:40:d8:f9:8c:24:4b:cd:df:af:d5:fe:39:c4:57:cd:
be:94:80:35:5c:eb:0f:1b:86:08:cd:bd:a7:12:66:dc:5b:63:
09:90:95:6a:1a:7e:91:a6:21:0a:e3:3a:61:3d:f1:10:70:2f:
41:00:0f:d3:e4:30:5c:04:1d:d7:3a:3f:13:1a:52:a5:2c:74:
41:c9:a9:ac:9b:47:07:54:ef:f0:02:df:5a:88:39:17:4e:18:
d2:12:47:e1:3d:62:a0:ce:25:42:ed:fb:92:63:f8:bb:c2:ec:
3d:34:31:9b:f5:b2:65:fa:64:29:0a:0a:50:79:c9:b2:90:be:
27:88:0c:45:1c:51:ed:8c:2b:df:48:a0:09:c0:05:6f:57:7e:
e6:bd:d7:df:f7:78:59:50:8f:06:66:21:eb:0c:06:8a:8b:28:
1e:7d:6f:31:1e:ee:6b:d0:23:52:c5:ac:19:6f:b3:8d:64:1e:
32:dc:37:dd
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUTY9S+17ik7OnofiSzXpFZE969FYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDdaFw0yNTEyMjYxMTQ3MDdaMDMxMTAvBgNV
BAMTKDA2QjAxRTNGREY2QjZDNjlEMzI1OUFENDQ4NTEwNjFDMDVGRTE2RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3DVoBE2rl8f/F/XZcMroJF8ZF
RbYRK32TZj4jgPZgHq4/eAzNQzE/dBs34yWEKCjYpBczPXRhKVVz0b9N1Jy4J6D1
C/WUUsIxmMI3n1dS7sZTkLuKoGWc28mmA4YlJ0SE9mrHQFvRHZJbL5bC6GIyqOwI
CZWDpGqZe/JIQ5E+7UE1QN97I7cQmrG/nAQNP6RMaLOMq4xp2WmFVznPzRJd/aEV
DRGwrwQqJ4a0aK3t/LEKnuZyjv2psQNOY11KfmHmC6sOwxloQSpqrHFdYjsDRxWs
E6Et/QDIg85DcWfBl+CZEapQpt9IbGF2L/CxQkWPhdBmhr6NDSPMeYduHvLXAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUBrAeP99rbGnTJZrUSFEGHAX+FtMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzMyZTMyMzMz
MjJlMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEANXoVzANBgkqhkiG9w0BAQsFAAOCAQEAr3mG7Xmm1l1QbYiQlMXN7cKk
M0P2Cs4qwIgxA6tVMZdu4l61FasEU+AK3xPYKpWePa1DyYQnxDbMw606XaCu9jqP
fQnRFyoH+MvJQNj5jCRLzd+v1f45xFfNvpSANVzrDxuGCM29pxJm3FtjCZCVahp+
kaYhCuM6YT3xEHAvQQAP0+QwXAQd1zo/ExpSpSx0QcmprJtHB1Tv8ALfWog5F04Y
0hJH4T1ioM4lQu37kmP4u8LsPTQxm/WyZfpkKQoKUHnJspC+J4gMRRxR7Ywr30ig
CcAFb1d+5r3X3/d4WVCPBmYh6wwGiosoHn1vMR7ua9AjUsWsGW+zjWQeMtw33Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:28:35 2025 by rpki-client