Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135322e302f32342d3234203d3e20313336373837.roa
File: 34352e31302e3135322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: EagXW8/tnSr9a31f4FsiO9rNHCMCq9gSR816r5a2jzI=
Subject key identifier: 6D:AD:FC:4B:05:3C:EF:68:C4:EB:D0:A2:BD:38:31:3E:47:68:9F:EE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 30F5A2358CE06ACE200C4D3194AB39ADAB6AFC3F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:20 +0000
ROA not before: Fri 27 Dec 2024 11:42:20 +0000
ROA not after: Fri 26 Dec 2025 11:47:20 +0000
asID: 136787
IP address blocks: 45.10.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:f5:a2:35:8c:e0:6a:ce:20:0c:4d:31:94:ab:39:ad:ab:6a:fc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:20 2024 GMT
Not After : Dec 26 11:47:20 2025 GMT
Subject: CN=6DADFC4B053CEF68C4EBD0A2BD38313E47689FEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:df:d4:36:92:bd:91:9d:ca:c5:61:2f:2b:40:
69:d6:43:35:23:cb:9b:4f:ec:51:ee:05:0d:a2:ad:
6e:43:ef:6b:08:d7:38:43:77:bc:45:0b:0c:9e:3e:
76:c1:ca:fe:05:04:be:ea:ee:3a:c2:7f:d0:00:ef:
e6:07:91:35:52:d7:6d:a6:82:13:74:cb:4d:63:55:
9c:50:8e:18:b1:fb:62:e7:ef:14:fd:89:ff:87:6e:
4e:db:56:1e:0c:1b:4f:03:ae:f7:f2:ea:0a:d2:67:
0f:be:a3:ea:5f:cd:f5:3c:92:ab:da:7e:87:7f:f4:
e9:88:28:31:23:fd:4c:a9:a6:1d:9a:33:e6:85:ac:
5c:66:c4:a0:6f:d4:ab:61:68:2a:67:f6:10:91:15:
da:d1:7d:e4:ca:0b:dc:56:8b:75:80:e5:6b:8d:02:
f2:e4:14:ea:db:8a:3d:ab:ea:46:60:5c:f2:d4:fd:
0a:72:48:2b:54:81:9f:f0:27:97:b3:3f:82:43:39:
6a:40:fc:4e:4e:04:c8:9d:a3:95:12:45:3c:8d:7c:
e7:4e:4e:a6:5f:d0:7b:89:6f:f3:fa:4b:28:72:48:
80:56:2b:b8:72:fb:f5:a8:90:8a:47:f5:f5:06:02:
16:bb:74:79:fd:ef:9f:f1:52:91:d3:c7:3a:f2:7a:
cd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AD:FC:4B:05:3C:EF:68:C4:EB:D0:A2:BD:38:31:3E:47:68:9F:EE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.152.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:59:5e:7a:ff:89:16:47:71:1f:96:ae:45:1c:39:e9:0c:09:
bb:21:02:00:08:a8:c1:7e:5d:de:7a:9e:c1:3f:a4:b5:39:07:
43:71:ee:49:31:39:ae:e8:a6:f8:04:05:05:18:0d:08:10:9f:
9a:1d:e5:86:cb:63:5f:f8:9b:9b:13:8f:cc:4e:69:d1:a9:26:
73:0a:20:64:c9:1c:49:34:4d:01:ec:c3:1c:71:6b:2f:04:c5:
47:ab:df:57:fd:ec:55:f1:e9:a7:5f:0a:78:84:e0:98:6a:4d:
bd:7c:78:2e:ad:7f:e3:a5:64:dd:e0:6d:34:f1:79:72:27:d3:
60:60:70:58:b7:1e:b7:bb:e5:db:30:16:7f:3f:97:0d:19:3f:
7f:ef:aa:86:86:5e:76:24:30:c0:97:0c:01:ba:d0:49:2b:97:
eb:95:a3:31:48:87:81:28:c4:01:be:9f:47:fa:2c:1a:59:99:
e0:3e:dc:07:bf:db:e3:3b:be:b1:20:14:5d:11:74:85:38:a0:
52:2d:ce:58:21:a1:17:ef:dc:4e:e5:63:cd:77:42:24:72:6f:
d6:5e:06:ec:de:a5:ec:10:00:be:38:a8:57:49:f6:5e:b4:05:
3f:c6:7e:c5:29:85:98:d4:5a:13:03:08:a0:87:dc:96:d2:5e:
02:96:f7:a4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUMPWiNYzgas4gDE0xlKs5ratq/D8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjBaFw0yNTEyMjYxMTQ3MjBaMDMxMTAvBgNV
BAMTKDZEQURGQzRCMDUzQ0VGNjhDNEVCRDBBMkJEMzgzMTNFNDc2ODlGRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS39Q2kr2RncrFYS8rQGnWQzUj
y5tP7FHuBQ2irW5D72sI1zhDd7xFCwyePnbByv4FBL7q7jrCf9AA7+YHkTVS122m
ghN0y01jVZxQjhix+2Ln7xT9if+Hbk7bVh4MG08Drvfy6grSZw++o+pfzfU8kqva
fod/9OmIKDEj/Uypph2aM+aFrFxmxKBv1KthaCpn9hCRFdrRfeTKC9xWi3WA5WuN
AvLkFOrbij2r6kZgXPLU/QpySCtUgZ/wJ5ezP4JDOWpA/E5OBMido5USRTyNfOdO
TqZf0HuJb/P6SyhySIBWK7hy+/WokIpH9fUGAha7dHn975/xUpHTxzryes3bAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUba38SwU872jE69CivTgxPkdon+4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMwMmUz
MTM1MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtCpgwDQYJKoZIhvcNAQELBQADggEBAHpZXnr/iRZHcR+WrkUcOekMCbsh
AgAIqMF+Xd56nsE/pLU5B0Nx7kkxOa7opvgEBQUYDQgQn5od5YbLY1/4m5sTj8xO
adGpJnMKIGTJHEk0TQHswxxxay8ExUer31f97FXx6adfCniE4JhqTb18eC6tf+Ol
ZN3gbTTxeXIn02BgcFi3Hre75dswFn8/lw0ZP3/vqoaGXnYkMMCXDAG60Ekrl+uV
ozFIh4EoxAG+n0f6LBpZmeA+3Ae/2+M7vrEgFF0RdIU4oFItzlghoRfv3E7lY813
QiRyb9ZeBuzepewQAL44qFdJ9l60BT/GfsUphZjUWhMDCKCH3JbSXgKW96Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:54:16 2025 by rpki-client