Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
File: 33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 5Og2gz4rXLfDAH1xmZXoYiIMdTs5aaWPdfpHDFnStG4=
Subject key identifier: 30:5D:8D:1D:79:4C:F6:37:B4:27:19:03:1E:51:CB:F7:4A:C1:24:64
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1D8516085A4958CC933F5C8C984B3E7D45AF14BF
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 21 Nov 2024 16:44:20 +0000
ROA not before: Thu 21 Nov 2024 16:39:20 +0000
ROA not after: Thu 20 Nov 2025 16:44:20 +0000
asID: 201341
IP address blocks: 37.140.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:85:16:08:5a:49:58:cc:93:3f:5c:8c:98:4b:3e:7d:45:af:14:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 16:39:20 2024 GMT
Not After : Nov 20 16:44:20 2025 GMT
Subject: CN=305D8D1D794CF637B42719031E51CBF74AC12464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fe:b2:90:ce:1b:fd:91:e7:cf:1c:99:1a:50:
ec:b2:8d:5e:1f:b9:64:2f:4e:fe:29:c7:e1:89:42:
a2:f9:45:1a:0f:f5:47:50:74:4b:d5:be:9a:48:88:
93:14:d1:12:f4:d6:5f:11:e3:26:a7:43:72:fe:9f:
1d:93:e4:17:83:be:4b:86:00:a1:33:5b:2d:50:5c:
6b:a1:e0:d7:22:f8:34:a4:69:82:d3:c0:7c:7e:02:
d5:d0:e9:48:f1:24:90:ac:84:16:17:a4:93:41:91:
ef:0e:8e:8a:fa:ea:84:b8:9b:38:ba:92:f9:ed:f5:
f4:59:9e:e5:a3:7c:f2:3e:02:84:aa:56:fa:3b:3b:
fa:5a:79:19:ab:d7:bc:a4:cf:d8:dd:69:50:c1:08:
bb:1b:11:63:a3:2b:c3:9c:a8:3a:cb:6d:27:9f:d9:
a6:d1:95:5b:b4:9d:25:44:ac:44:0c:a4:d2:bf:d3:
43:ef:82:55:57:fb:a0:6e:aa:7b:1e:3a:af:bd:17:
7a:c7:71:3a:4e:75:bc:0b:9f:22:c6:af:31:2b:f0:
b9:c1:f9:f2:5f:56:ae:36:d7:c8:db:a9:eb:fa:25:
ae:d5:fe:3c:1e:e0:bf:f1:f9:c5:b2:74:90:79:d8:
e5:cc:6e:4e:7c:57:13:78:59:42:a5:11:95:8a:e0:
55:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:5D:8D:1D:79:4C:F6:37:B4:27:19:03:1E:51:CB:F7:4A:C1:24:64
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33372e3134302e3234362e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.246.0/24
Signature Algorithm: sha256WithRSAEncryption
04:66:6e:63:ac:20:c2:5a:90:36:51:7c:3e:fd:db:cc:ad:b2:
8d:03:f5:aa:b9:2f:89:0f:a6:a0:ce:1a:2f:16:19:1b:d9:ec:
a4:28:a3:a2:a3:be:4d:db:bf:3a:84:31:df:ed:18:b9:70:80:
9f:86:9f:e9:19:34:34:fa:b1:ce:3e:6b:23:be:c5:49:51:e6:
8c:5b:91:2d:64:fe:55:05:85:0d:95:31:e6:51:05:f7:50:ee:
18:7b:0e:85:9f:05:94:5f:58:5c:c5:ee:c1:98:76:a3:a9:54:
40:02:48:f0:90:8f:da:75:2b:16:ec:fa:c0:10:69:d9:92:85:
db:c3:48:e3:f2:43:05:01:10:f3:7b:04:43:a8:df:cd:62:12:
a0:7e:0a:be:c3:7b:43:9f:fd:3e:60:ee:40:3a:7d:e9:8d:98:
c7:39:90:bb:a5:7e:66:16:42:b4:93:d7:39:4c:b9:95:32:c5:
37:73:fa:ea:21:c2:5e:12:4f:11:3f:01:1c:b5:1a:ed:e5:f9:
3b:a7:83:00:9d:e5:f9:a4:45:71:8c:23:e5:cf:72:89:b0:2a:
59:c2:99:e7:d0:4a:c5:59:c6:4e:ca:6e:06:39:6e:5b:9c:9c:
37:2a:46:6e:7d:f0:4a:7b:c9:0a:ae:01:37:db:dd:2d:ad:3c:
51:40:a4:2e
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHYUWCFpJWMyTP1yMmEs+fUWvFL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNjM5MjBaFw0yNTExMjAxNjQ0MjBaMDMxMTAvBgNV
BAMTKDMwNUQ4RDFENzk0Q0Y2MzdCNDI3MTkwMzFFNTFDQkY3NEFDMTI0NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc/rKQzhv9kefPHJkaUOyyjV4f
uWQvTv4px+GJQqL5RRoP9UdQdEvVvppIiJMU0RL01l8R4yanQ3L+nx2T5BeDvkuG
AKEzWy1QXGuh4Nci+DSkaYLTwHx+AtXQ6UjxJJCshBYXpJNBke8Ojor66oS4mzi6
kvnt9fRZnuWjfPI+AoSqVvo7O/paeRmr17ykz9jdaVDBCLsbEWOjK8OcqDrLbSef
2abRlVu0nSVErEQMpNK/00PvglVX+6BuqnseOq+9F3rHcTpOdbwLnyLGrzEr8LnB
+fJfVq4218jbqev6Ja7V/jwe4L/x+cWydJB52OXMbk58VxN4WUKlEZWK4FWfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUMF2NHXlM9je0JxkDHlHL90rBJGQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzM3MmUzMTM0MzAy
ZTMyMzQzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMTMzMzQzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEACWM9jANBgkqhkiG9w0BAQsFAAOCAQEABGZuY6wgwlqQNlF8Pv3bzK2y
jQP1qrkviQ+moM4aLxYZG9nspCijoqO+Tdu/OoQx3+0YuXCAn4af6Rk0NPqxzj5r
I77FSVHmjFuRLWT+VQWFDZUx5lEF91DuGHsOhZ8FlF9YXMXuwZh2o6lUQAJI8JCP
2nUrFuz6wBBp2ZKF28NI4/JDBQEQ83sEQ6jfzWISoH4KvsN7Q5/9PmDuQDp96Y2Y
xzmQu6V+ZhZCtJPXOUy5lTLFN3P66iHCXhJPET8BHLUa7eX5O6eDAJ3l+aRFcYwj
5c9yibAqWcKZ59BKxVnGTspuBjluW5ycNypGbn3wSnvJCq4BN9vdLa08UUCkLg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:21 2024 by rpki-client on console-ams.rpki-client.org