Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203431393434.roa
File: 33312e34302e3231322e302f32342d3234203d3e203431393434.roa (raw, json)
Hash identifier: vkzuxUwK3CChkPTPMO0q/IBGHey36brTqL+3jjN0D2I=
Subject key identifier: 73:E6:87:E7:FE:C7:5E:31:E2:95:ED:B5:EB:B2:47:2A:9E:2D:F4:F2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2BE3ED99F0406E41EF4C9F827FF38CCEF0852EE4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203431393434.roa
Signing time: Fri 27 Dec 2024 11:47:29 +0000
ROA not before: Fri 27 Dec 2024 11:42:29 +0000
ROA not after: Fri 26 Dec 2025 11:47:29 +0000
asID: 41944
IP address blocks: 31.40.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:e3:ed:99:f0:40:6e:41:ef:4c:9f:82:7f:f3:8c:ce:f0:85:2e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:29 2024 GMT
Not After : Dec 26 11:47:29 2025 GMT
Subject: CN=73E687E7FEC75E31E295EDB5EBB2472A9E2DF4F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:56:0b:ac:6c:a0:43:a0:2b:03:ab:87:6a:c8:
53:38:bc:be:44:74:fa:32:f0:52:72:cb:2a:97:c3:
19:86:3b:37:4e:f4:3f:27:c8:ed:83:42:cd:6d:9e:
d9:0a:6e:80:62:77:89:73:56:11:6f:41:44:f8:a8:
1e:c6:1e:bd:03:08:4c:af:83:33:16:37:60:37:ae:
65:2d:c0:1e:47:a3:4b:12:e6:13:3d:10:15:2b:07:
f5:a4:4c:0a:0d:0d:14:80:1c:4a:ca:65:32:3e:af:
d2:81:86:ef:f2:ed:48:9c:16:5c:8c:13:21:4a:c7:
14:91:7d:53:bb:10:13:f7:b0:74:19:93:cb:88:7b:
12:80:68:6c:ae:43:bf:24:1b:5a:a4:4a:65:25:c9:
df:81:f0:20:b1:a1:4d:03:83:2a:19:0a:1d:41:67:
57:a5:69:53:8d:c8:13:5f:49:0b:03:05:df:12:ee:
e5:41:58:16:3d:e3:1f:b7:b2:4b:c9:f9:38:2a:2e:
19:ab:78:a2:45:02:86:f3:ee:d1:85:47:9f:da:15:
e4:ee:2a:34:1c:c7:5b:5c:d1:c5:2e:cf:85:6d:07:
cb:3e:49:eb:bc:bd:af:f6:25:12:09:2c:36:31:1c:
e4:81:94:27:c6:a2:14:eb:75:74:8b:f5:34:34:57:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E6:87:E7:FE:C7:5E:31:E2:95:ED:B5:EB:B2:47:2A:9E:2D:F4:F2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203431393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:f6:84:84:7e:9f:e7:d1:cc:49:0e:6a:50:cc:76:ab:e9:47:
ad:df:85:93:e7:68:bf:61:ef:27:15:c3:84:a8:37:37:90:5b:
1e:9d:e6:9c:64:8c:eb:a5:31:17:79:e5:89:ed:3e:13:f8:31:
3c:e8:b2:38:d7:28:03:3a:41:33:35:55:1d:d4:e7:dc:56:a7:
08:ad:be:ea:4b:66:5b:b2:52:8d:4f:cf:90:82:e5:c9:17:fe:
40:73:1b:6d:4b:17:96:d6:6a:70:91:6a:24:52:f1:85:e6:b5:
02:4a:ef:d8:83:40:c0:c3:99:8c:e0:ae:1b:84:14:c2:7c:5e:
90:43:c3:1f:b0:a2:c9:04:f6:60:c3:89:46:79:55:d9:85:60:
0f:32:f2:b0:0e:22:43:50:dc:41:7b:30:a1:b3:fa:20:12:e8:
a7:f5:e1:b3:3f:a0:c4:12:1a:b9:74:9e:26:89:3a:11:f5:9a:
22:a5:08:fe:27:1b:be:81:f8:11:f4:e3:81:57:2b:80:22:62:
ae:37:3f:47:3a:1f:4f:16:bd:88:57:98:1e:1f:41:54:35:d9:
8b:c0:fe:f2:d1:2f:85:9b:03:bf:e9:f7:e6:47:00:e3:eb:28:
63:08:6d:0d:39:6f:d3:d4:0e:de:33:c6:f8:e6:99:b9:38:88:
d7:80:8f:d0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUK+PtmfBAbkHvTJ+Cf/OMzvCFLuQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjlaFw0yNTEyMjYxMTQ3MjlaMDMxMTAvBgNV
BAMTKDczRTY4N0U3RkVDNzVFMzFFMjk1RURCNUVCQjI0NzJBOUUyREY0RjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6VgusbKBDoCsDq4dqyFM4vL5E
dPoy8FJyyyqXwxmGOzdO9D8nyO2DQs1tntkKboBid4lzVhFvQUT4qB7GHr0DCEyv
gzMWN2A3rmUtwB5Ho0sS5hM9EBUrB/WkTAoNDRSAHErKZTI+r9KBhu/y7UicFlyM
EyFKxxSRfVO7EBP3sHQZk8uIexKAaGyuQ78kG1qkSmUlyd+B8CCxoU0DgyoZCh1B
Z1elaVONyBNfSQsDBd8S7uVBWBY94x+3skvJ+TgqLhmreKJFAobz7tGFR5/aFeTu
KjQcx1tc0cUuz4VtB8s+Seu8va/2JRIJLDYxHOSBlCfGohTrdXSL9TQ0VzeJAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUc+aH5/7HXjHile2167JHKp4t9PIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzNDMwMmUz
MjMxMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMxMzkzNDM0LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAHyjUMA0GCSqGSIb3DQEBCwUAA4IBAQAd9oSEfp/n0cxJDmpQzHar6Uet34WT
52i/Ye8nFcOEqDc3kFseneacZIzrpTEXeeWJ7T4T+DE86LI41ygDOkEzNVUd1Ofc
VqcIrb7qS2ZbslKNT8+QguXJF/5AcxttSxeW1mpwkWokUvGF5rUCSu/Yg0DAw5mM
4K4bhBTCfF6QQ8MfsKLJBPZgw4lGeVXZhWAPMvKwDiJDUNxBezChs/ogEuin9eGz
P6DEEhq5dJ4miToR9ZoipQj+Jxu+gfgR9OOBVyuAImKuNz9HOh9PFr2IV5geH0FU
NdmLwP7y0S+FmwO/6ffmRwDj6yhjCG0NOW/T1A7eM8b45pm5OIjXgI/Q
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:54:09 2025 by rpki-client