Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa
File: 33312e34302e3231322e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: CXves1lk0B7fGahTp1jBeTrhDFqLk4IFDRcq5iQ12KA=
Subject key identifier: 64:4A:64:98:8F:77:A1:C0:30:A0:A8:46:1D:66:95:7E:18:27:93:1F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 249F8214B991F3A7FD9A87C21E1C2BC718B9D640
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa
Signing time: Fri 27 Dec 2024 11:47:18 +0000
ROA not before: Fri 27 Dec 2024 11:42:18 +0000
ROA not after: Fri 26 Dec 2025 11:47:18 +0000
asID: 58212
IP address blocks: 31.40.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 12:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:9f:82:14:b9:91:f3:a7:fd:9a:87:c2:1e:1c:2b:c7:18:b9:d6:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:18 2024 GMT
Not After : Dec 26 11:47:18 2025 GMT
Subject: CN=644A64988F77A1C030A0A8461D66957E1827931F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9a:84:27:fa:89:82:9d:ed:4b:73:87:54:19:
a0:5a:f2:fa:f3:b1:f5:6b:81:d1:5c:b6:e8:98:b4:
b7:a9:b3:c4:70:de:e6:3e:43:91:07:21:e7:20:50:
d5:a8:5d:12:b8:81:31:08:1b:00:33:96:7c:19:ea:
7a:09:be:97:90:7d:7a:b5:b2:1a:d0:8d:08:e7:42:
09:dd:b9:5e:2e:91:de:78:b7:5f:c5:c4:9e:5b:76:
12:d1:34:ed:97:fb:2d:23:56:37:7f:ac:32:ae:be:
c0:bd:b8:dc:ac:1b:9f:2b:d8:d3:9e:89:a5:bd:42:
f2:44:61:bb:5f:23:3d:7e:af:a6:52:38:2d:03:60:
6a:27:00:aa:cf:c2:a7:b4:20:1e:1c:30:07:cc:c5:
c5:9d:cd:3e:9b:3d:b6:59:dd:2e:ae:6c:b4:16:69:
6e:48:0c:bc:9c:2c:82:3c:51:02:ce:c4:f4:96:35:
15:90:6a:79:01:82:7f:b8:74:5d:6b:c3:f2:80:72:
e9:96:eb:14:af:21:ee:ef:4d:fc:21:f7:1a:c5:63:
1d:70:e3:f2:44:4c:9e:45:e6:e4:54:65:9e:bb:a1:
ed:96:c1:16:62:a3:c9:05:5f:94:ff:b4:c8:8f:5a:
07:d5:bb:76:86:e3:dc:cc:54:a8:bb:ac:ac:5a:df:
41:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4A:64:98:8F:77:A1:C0:30:A0:A8:46:1D:66:95:7E:18:27:93:1F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.212.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b9:ff:ae:e5:3e:04:e8:bc:d1:75:a0:0c:1c:68:1f:7c:d9:
fb:7c:74:5d:6e:ff:57:3f:d0:93:b8:fd:83:b7:32:86:38:e5:
45:b0:fb:1e:96:b8:96:f7:38:c2:64:c9:ec:2c:33:ac:3f:5f:
b5:f9:a4:00:9d:94:3b:43:23:7c:bf:61:46:c8:82:52:c7:87:
e9:e1:b7:35:9c:33:bd:82:9a:af:c7:37:68:42:bc:35:62:bc:
c6:66:8e:7b:22:62:5a:1a:92:6b:d3:72:1b:6b:f3:17:09:91:
6e:8e:11:cd:20:09:79:fd:5e:39:35:5b:b1:93:82:20:b5:18:
c8:fd:1c:de:a1:db:63:dd:38:1a:40:43:2f:f0:12:d4:c5:71:
68:fa:35:aa:c2:2e:e4:f6:17:79:59:43:91:ed:ab:e9:3c:83:
d8:ef:7d:99:d5:41:87:53:58:e3:e5:cd:96:78:1a:f4:c3:e7:
a6:8e:a5:c8:18:3f:af:ac:43:a6:00:2c:eb:e5:c0:a1:a6:30:
0f:6e:55:0f:12:f8:8d:31:a5:92:db:56:a2:28:8d:ec:dc:1d:
1f:ec:50:72:a0:ea:d8:10:5a:b9:27:bf:09:9a:69:39:0c:c0:
12:72:14:41:88:ce:68:2a:7e:56:17:d9:23:f9:20:48:65:a7:
1b:8d:68:fa
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUJJ+CFLmR86f9mofCHhwrxxi51kAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMThaFw0yNTEyMjYxMTQ3MThaMDMxMTAvBgNV
BAMTKDY0NEE2NDk4OEY3N0ExQzAzMEEwQTg0NjFENjY5NTdFMTgyNzkzMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNmoQn+omCne1Lc4dUGaBa8vrz
sfVrgdFctuiYtLeps8Rw3uY+Q5EHIecgUNWoXRK4gTEIGwAzlnwZ6noJvpeQfXq1
shrQjQjnQgnduV4ukd54t1/FxJ5bdhLRNO2X+y0jVjd/rDKuvsC9uNysG58r2NOe
iaW9QvJEYbtfIz1+r6ZSOC0DYGonAKrPwqe0IB4cMAfMxcWdzT6bPbZZ3S6ubLQW
aW5IDLycLII8UQLOxPSWNRWQankBgn+4dF1rw/KAcumW6xSvIe7vTfwh9xrFYx1w
4/JETJ5F5uRUZZ67oe2WwRZio8kFX5T/tMiPWgfVu3aG49zMVKi7rKxa30GlAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUZEpkmI93ocAwoKhGHWaVfhgnkx8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzNDMwMmUz
MjMxMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzIzMTMyLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAHyjUMA0GCSqGSIb3DQEBCwUAA4IBAQAmuf+u5T4E6LzRdaAMHGgffNn7fHRd
bv9XP9CTuP2DtzKGOOVFsPselriW9zjCZMnsLDOsP1+1+aQAnZQ7QyN8v2FGyIJS
x4fp4bc1nDO9gpqvxzdoQrw1YrzGZo57ImJaGpJr03Iba/MXCZFujhHNIAl5/V45
NVuxk4IgtRjI/Rzeodtj3TgaQEMv8BLUxXFo+jWqwi7k9hd5WUOR7avpPIPY732Z
1UGHU1jj5c2WeBr0w+emjqXIGD+vrEOmACzr5cChpjAPblUPEviNMaWS21aiKI3s
3B0f7FByoOrYEFq5J78Jmmk5DMASchRBiM5oKn5WF9kj+SBIZacbjWj6
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:53:57 2025 by rpki-client