Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203432383938.roa
File: 33312e34302e3231322e302f32342d3234203d3e203432383938.roa (raw, json)
Hash identifier: p4tgZjXSwQVuRZx5w5a7it38RcC9Dagd4M9HwELmsNQ=
Subject key identifier: CD:E3:57:CE:D7:6D:67:F3:15:D3:FA:66:8D:88:B4:D5:0C:02:CA:D9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 24985464E14F2005C53459D1000422B11C492535
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203432383938.roa
Signing time: Fri 27 Dec 2024 11:47:25 +0000
ROA not before: Fri 27 Dec 2024 11:42:25 +0000
ROA not after: Fri 26 Dec 2025 11:47:25 +0000
asID: 42898
IP address blocks: 31.40.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:98:54:64:e1:4f:20:05:c5:34:59:d1:00:04:22:b1:1c:49:25:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:25 2024 GMT
Not After : Dec 26 11:47:25 2025 GMT
Subject: CN=CDE357CED76D67F315D3FA668D88B4D50C02CAD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:dd:85:36:2c:6d:4d:26:18:bb:4e:42:f8:
31:0d:c1:23:e0:da:f7:d3:f3:dd:15:6b:2a:a2:c7:
fa:19:8c:6d:90:ca:a8:5f:ac:3b:4e:f1:3f:55:8f:
2b:cc:86:15:8e:f0:0a:92:2f:7a:71:ef:06:2c:fa:
d2:45:39:9e:30:9c:a9:69:8a:02:e6:b3:5e:2b:95:
d4:12:eb:63:5c:3a:c8:0a:f8:11:c3:ef:90:06:4c:
8d:61:b6:09:e8:45:11:e9:0c:7d:b8:c6:7d:83:66:
3f:b7:be:a9:4a:3e:68:2d:a7:94:e7:86:24:a2:ce:
57:02:de:68:13:85:78:fb:cf:f9:c8:c9:1e:7b:ca:
b9:b7:67:4d:17:0c:a2:a3:bd:3a:f0:9a:89:9c:b0:
53:d0:22:9a:26:dc:4d:1b:a9:fd:cc:08:8a:a7:c6:
d7:2e:9e:80:26:4f:fb:33:74:2c:85:82:39:33:f1:
f5:fd:65:00:86:9b:51:15:37:2e:03:d7:f0:af:cd:
2d:f8:d0:89:75:e4:51:9b:7a:07:cb:9a:75:80:7f:
ee:95:66:f0:cd:d3:f6:7d:74:b4:dc:d9:b0:d7:3b:
73:8c:1c:5c:ef:e7:f9:b7:0b:a7:51:1f:b4:19:65:
5e:ce:03:2f:04:9a:41:86:3d:9a:a0:19:7d:b8:e7:
00:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:E3:57:CE:D7:6D:67:F3:15:D3:FA:66:8D:88:B4:D5:0C:02:CA:D9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203432383938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.212.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:91:de:30:0a:35:d1:45:d2:a2:5c:17:8d:6d:d3:4b:d1:5d:
d9:01:75:f5:c5:98:87:91:e3:e8:4c:1a:cb:05:61:bf:95:69:
a6:8d:06:0c:cb:44:ae:d8:fd:83:c9:4b:de:c9:86:7f:ab:98:
10:25:77:e0:98:6b:25:2d:58:3f:96:49:f7:4a:69:d1:cc:01:
c5:11:cd:91:51:a6:79:4f:01:6e:81:e5:8b:c0:54:0a:79:f4:
59:40:41:b3:d7:69:00:2d:04:3a:36:60:92:fa:d8:b8:62:1d:
7f:a7:a9:13:c0:2a:00:dd:55:1a:8b:72:5d:2f:a0:42:85:84:
54:df:0d:4b:62:79:3a:87:a3:b7:c3:81:78:06:78:6c:ed:2e:
1a:31:3c:10:a0:92:8c:a5:e1:ea:f0:05:ec:18:51:8e:14:75:
f2:63:a2:66:09:57:ca:fd:dd:41:57:13:88:ca:9d:02:1c:cd:
e8:e2:88:c9:ee:1b:39:aa:3d:bb:9d:30:5a:5a:8f:a3:6f:4f:
76:5e:7a:01:bf:93:04:04:dd:6e:a8:20:a2:4f:7c:22:c0:65:
5f:75:20:3f:d2:df:b9:f2:11:c9:ec:5e:95:64:ed:e6:95:b9:
23:c7:3c:f3:af:4b:7d:2c:ce:a9:13:be:e7:fc:59:1c:68:06:
bd:cd:59:7c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUJJhUZOFPIAXFNFnRAAQisRxJJTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjVaFw0yNTEyMjYxMTQ3MjVaMDMxMTAvBgNV
BAMTKENERTM1N0NFRDc2RDY3RjMxNUQzRkE2NjhEODhCNEQ1MEMwMkNBRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7hN2FNixtTSYYu05C+DENwSPg
2vfT890Vayqix/oZjG2QyqhfrDtO8T9VjyvMhhWO8AqSL3px7wYs+tJFOZ4wnKlp
igLms14rldQS62NcOsgK+BHD75AGTI1htgnoRRHpDH24xn2DZj+3vqlKPmgtp5Tn
hiSizlcC3mgThXj7z/nIyR57yrm3Z00XDKKjvTrwmomcsFPQIpom3E0bqf3MCIqn
xtcunoAmT/szdCyFgjkz8fX9ZQCGm1EVNy4D1/CvzS340Il15FGbegfLmnWAf+6V
ZvDN0/Z9dLTc2bDXO3OMHFzv5/m3C6dRH7QZZV7OAy8EmkGGPZqgGX245wBPAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUzeNXztdtZ/MV0/pmjYi01QwCytkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzNDMwMmUz
MjMxMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzgzOTM4LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAHyjUMA0GCSqGSIb3DQEBCwUAA4IBAQAakd4wCjXRRdKiXBeNbdNL0V3ZAXX1
xZiHkePoTBrLBWG/lWmmjQYMy0Su2P2DyUveyYZ/q5gQJXfgmGslLVg/lkn3SmnR
zAHFEc2RUaZ5TwFugeWLwFQKefRZQEGz12kALQQ6NmCS+ti4Yh1/p6kTwCoA3VUa
i3JdL6BChYRU3w1LYnk6h6O3w4F4Bnhs7S4aMTwQoJKMpeHq8AXsGFGOFHXyY6Jm
CVfK/d1BVxOIyp0CHM3o4ojJ7hs5qj27nTBaWo+jb092XnoBv5MEBN1uqCCiT3wi
wGVfdSA/0t+58hHJ7F6VZO3mlbkjxzzzr0t9LM6pE77n/FkcaAa9zVl8
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:40:57 2025 by rpki-client