Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e32342e38352e302f32342d3234203d3e20323035363539.roa
File: 33312e32342e38352e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: bHdXCk0KdrF1j+n56VZKLAN8LaMGmhxtYWZM1B5VcpU=
Subject key identifier: 97:5A:BD:49:FE:8A:64:E0:46:8D:E4:FF:42:F9:00:68:A1:97:F7:E1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3E6F842EE3B3D04F1102742D302D050E4F5FAE12
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e32342e38352e302f32342d3234203d3e20323035363539.roa
Signing time: Fri 20 Dec 2024 12:56:24 +0000
ROA not before: Fri 20 Dec 2024 12:51:24 +0000
ROA not after: Fri 19 Dec 2025 12:56:24 +0000
asID: 205659
IP address blocks: 31.24.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:6f:84:2e:e3:b3:d0:4f:11:02:74:2d:30:2d:05:0e:4f:5f:ae:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 12:51:24 2024 GMT
Not After : Dec 19 12:56:24 2025 GMT
Subject: CN=975ABD49FE8A64E0468DE4FF42F90068A197F7E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:95:c8:6a:e6:ef:a5:55:b5:af:c1:f6:66:48:
9a:86:7a:47:14:69:26:71:8c:54:e8:3e:7b:2f:e0:
36:3e:00:21:6d:85:f8:58:09:5e:d3:37:69:29:9d:
11:93:6c:58:c7:df:d2:9d:e2:5e:e5:50:17:c4:4d:
22:74:dd:20:47:f2:e0:48:de:09:5d:c9:41:27:f0:
e9:8c:67:ba:95:c0:a8:04:5d:23:45:ab:4c:65:45:
eb:d5:0b:06:3d:6f:2a:f6:4c:0b:57:4e:78:1b:a8:
14:33:f6:72:b5:b1:70:6c:17:70:a9:93:d0:d6:b1:
34:01:3b:54:60:e0:cd:9d:92:17:66:cc:e2:92:09:
e8:af:d0:8b:36:4a:7c:74:b1:54:37:a8:f3:37:9a:
b6:7c:94:32:fc:31:94:79:ab:4a:b4:58:b9:50:c5:
f2:51:9d:54:2f:62:d0:04:01:aa:66:10:f4:71:66:
e7:57:66:f7:25:13:0f:87:16:c1:18:e8:bc:58:79:
ce:f9:d0:50:28:33:52:67:c5:3f:17:84:c2:66:cd:
2d:46:43:08:3a:ae:72:cd:d5:7f:00:f7:a6:17:98:
d6:e8:48:e1:95:f8:0d:7c:55:e6:d4:e1:fc:8f:1a:
9d:67:58:6c:d2:eb:4c:ec:5b:f6:48:cc:d0:e3:f2:
cf:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5A:BD:49:FE:8A:64:E0:46:8D:E4:FF:42:F9:00:68:A1:97:F7:E1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e32342e38352e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.85.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:5f:05:97:98:4d:c2:cb:77:b6:15:08:52:5d:7d:c5:ad:ac:
d2:eb:2d:13:56:32:8b:e8:f7:30:4d:bd:c8:29:8b:19:e0:aa:
09:cd:6e:a8:dc:a8:84:ed:0c:b0:42:d3:b8:8e:d4:0e:92:99:
f2:4c:ca:a1:87:47:d5:18:52:d7:1b:e2:66:59:f9:03:c7:30:
c9:3a:85:da:2b:48:95:4a:29:fe:34:43:0f:06:05:8b:36:b3:
e6:db:2d:fc:76:5c:7b:bf:72:f4:9d:b6:73:c5:07:08:b8:c0:
84:35:c9:a1:c1:20:d8:d5:eb:0a:c2:4d:6b:5d:e4:b5:f9:cc:
e0:b9:1c:17:0b:ea:62:82:62:f1:0b:9e:81:4c:d8:b4:69:ea:
7a:7a:26:8e:ab:97:27:03:6b:71:b2:b8:da:bd:82:b6:f0:49:
f1:7b:2b:2d:b2:1c:0e:fd:48:aa:c9:25:8d:c7:5a:50:87:80:
58:ab:50:e5:80:8d:e2:d3:26:07:a7:a1:a2:cd:88:5a:96:25:
91:44:14:5b:7c:17:77:ae:81:d5:50:f0:81:d7:e5:66:8c:33:
6d:75:a7:72:ea:fe:d6:11:32:ad:3d:33:ad:fd:ef:3d:6e:eb:
57:17:be:07:90:8e:d0:a7:7c:cc:6c:8c:b4:b1:8d:ca:b2:97:
92:b8:40:93
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUPm+ELuOz0E8RAnQtMC0FDk9frhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxMjUxMjRaFw0yNTEyMTkxMjU2MjRaMDMxMTAvBgNV
BAMTKDk3NUFCRDQ5RkU4QTY0RTA0NjhERTRGRjQyRjkwMDY4QTE5N0Y3RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNlchq5u+lVbWvwfZmSJqGekcU
aSZxjFToPnsv4DY+ACFthfhYCV7TN2kpnRGTbFjH39Kd4l7lUBfETSJ03SBH8uBI
3gldyUEn8OmMZ7qVwKgEXSNFq0xlRevVCwY9byr2TAtXTngbqBQz9nK1sXBsF3Cp
k9DWsTQBO1Rg4M2dkhdmzOKSCeiv0Is2Snx0sVQ3qPM3mrZ8lDL8MZR5q0q0WLlQ
xfJRnVQvYtAEAapmEPRxZudXZvclEw+HFsEY6LxYec750FAoM1JnxT8XhMJmzS1G
Qwg6rnLN1X8A96YXmNboSOGV+A18VebU4fyPGp1nWGzS60zsW/ZIzNDj8s+3AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUl1q9Sf6KZOBGjeT/QvkAaKGX9+EwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzMjM0MmUz
ODM1MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzYzNTM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAHxhVMA0GCSqGSIb3DQEBCwUAA4IBAQChXwWXmE3Cy3e2FQhSXX3FrazS6y0T
VjKL6PcwTb3IKYsZ4KoJzW6o3KiE7QywQtO4jtQOkpnyTMqhh0fVGFLXG+JmWfkD
xzDJOoXaK0iVSin+NEMPBgWLNrPm2y38dlx7v3L0nbZzxQcIuMCENcmhwSDY1esK
wk1rXeS1+czguRwXC+pigmLxC56BTNi0aep6eiaOq5cnA2txsrjavYK28Enxeyst
shwO/UiqySWNx1pQh4BYq1DlgI3i0yYHp6GizYhaliWRRBRbfBd3roHVUPCB1+Vm
jDNtdady6v7WETKtPTOt/e89butXF74HkI7Qp3zMbIy0sY3KspeSuECT
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:48:54 2025 by rpki-client