Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135382e302f32332d3234203d3e203631333137.roa
File: 34352e31302e3135382e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: Pn0AnkfXBndZe2ZT1Y5RnWdP0/ABCcKEd9NX+VLE3U8=
Subject key identifier: 60:65:4F:87:44:14:28:36:41:01:E8:22:E3:07:A6:73:D8:8F:9E:8B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 66E24324EBC582A980D883376766E8453EE06FD8
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135382e302f32332d3234203d3e203631333137.roa
Signing time: Fri 27 Dec 2024 11:47:45 +0000
ROA not before: Fri 27 Dec 2024 11:42:45 +0000
ROA not after: Fri 26 Dec 2025 11:47:45 +0000
asID: 61317
IP address blocks: 45.10.158.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:e2:43:24:eb:c5:82:a9:80:d8:83:37:67:66:e8:45:3e:e0:6f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:45 2024 GMT
Not After : Dec 26 11:47:45 2025 GMT
Subject: CN=60654F87441428364101E822E307A673D88F9E8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0d:a1:c4:7b:c6:8b:51:bf:ab:4a:df:43:5f:
ff:b4:7d:7f:68:61:00:ad:0b:8f:80:32:8d:75:a2:
b2:f4:23:ee:73:e2:c0:5a:7a:79:dc:63:98:47:79:
ad:04:c3:93:8d:e7:f4:31:0f:be:41:28:55:f4:a2:
d2:0d:f6:d7:9c:8e:85:06:64:ae:6e:92:71:a2:38:
3d:00:28:34:c9:04:8e:9a:3e:88:c4:66:3a:c7:e7:
33:22:5b:18:0a:ab:1b:aa:43:30:62:ff:11:75:5d:
9d:87:e5:33:6d:16:b3:f5:a0:09:6a:ff:29:d1:5f:
72:cc:5a:3a:f4:4f:bd:2c:91:37:b8:06:0f:44:73:
85:92:c8:00:27:f6:be:de:c4:d2:5c:a7:d8:4f:b7:
ba:bb:e9:90:d9:2f:76:e3:3d:4a:87:af:8f:59:c3:
5e:08:17:ad:f1:17:da:f8:de:9a:5f:34:c5:c7:59:
9c:98:92:81:d5:2f:25:52:85:b5:36:cb:2d:51:00:
2d:8b:6d:4a:76:5c:cd:70:ec:70:5f:27:cd:47:64:
71:d5:f2:f8:05:2a:5a:e3:61:62:26:57:b6:8e:e2:
18:ac:37:3d:62:c9:09:91:b8:ea:0a:71:ab:f2:96:
c9:8d:20:b0:34:24:1c:09:df:aa:8e:b6:2e:38:39:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:65:4F:87:44:14:28:36:41:01:E8:22:E3:07:A6:73:D8:8F:9E:8B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31302e3135382e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.158.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:51:42:b7:75:bb:90:cc:19:54:e7:58:86:03:c3:3d:e5:27:
14:84:ca:92:b0:99:47:16:4e:9a:26:ea:46:43:2a:c3:8f:5a:
06:9b:f1:9c:ce:4e:4d:ad:26:8e:28:63:d7:df:b3:6e:a2:8c:
f2:39:a7:ee:22:ed:ee:df:24:da:55:ff:c8:aa:93:3e:4e:38:
a8:a1:e3:29:1d:6d:1c:fc:e5:72:5a:d7:2c:af:fa:17:c1:fc:
76:9f:72:34:aa:1e:7d:6c:91:c3:32:f4:d9:8f:bf:15:9e:92:
c3:c2:32:7e:bd:cf:b6:75:67:3a:06:b3:60:59:c9:f5:5d:eb:
18:0c:60:68:89:8f:be:79:10:15:c9:49:f7:cc:5f:9e:02:d9:
2b:df:5d:d1:6b:fc:22:29:29:bd:73:74:8e:4d:7a:ee:54:71:
9b:da:ff:46:b6:99:3c:02:02:08:80:01:26:85:3e:04:32:36:
8a:9c:e4:4a:85:25:43:2d:14:66:29:93:22:f0:97:c8:d0:66:
40:5d:e3:df:80:0c:95:dc:62:e4:2e:c3:da:5f:46:10:13:f3:
6d:c9:25:e6:24:0c:b6:2d:46:2f:6d:a7:5f:ef:8a:05:0d:87:
8e:80:7b:57:93:f5:64:59:eb:09:e2:c6:77:76:4b:6e:99:3a:
67:33:c9:09
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUZuJDJOvFgqmA2IM3Z2boRT7gb9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDVaFw0yNTEyMjYxMTQ3NDVaMDMxMTAvBgNV
BAMTKDYwNjU0Rjg3NDQxNDI4MzY0MTAxRTgyMkUzMDdBNjczRDg4RjlFOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyDaHEe8aLUb+rSt9DX/+0fX9o
YQCtC4+AMo11orL0I+5z4sBaenncY5hHea0Ew5ON5/QxD75BKFX0otIN9tecjoUG
ZK5uknGiOD0AKDTJBI6aPojEZjrH5zMiWxgKqxuqQzBi/xF1XZ2H5TNtFrP1oAlq
/ynRX3LMWjr0T70skTe4Bg9Ec4WSyAAn9r7exNJcp9hPt7q76ZDZL3bjPUqHr49Z
w14IF63xF9r43ppfNMXHWZyYkoHVLyVShbU2yy1RAC2LbUp2XM1w7HBfJ81HZHHV
8vgFKlrjYWImV7aO4hisNz1iyQmRuOoKcavylsmNILA0JBwJ36qOti44OY89AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUYGVPh0QUKDZBAegi4wemc9iPnoswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMwMmUz
MTM1MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBLQqeMA0GCSqGSIb3DQEBCwUAA4IBAQDVUUK3dbuQzBlU51iGA8M95ScUhMqS
sJlHFk6aJupGQyrDj1oGm/Gczk5NrSaOKGPX37NuoozyOafuIu3u3yTaVf/IqpM+
TjiooeMpHW0c/OVyWtcsr/oXwfx2n3I0qh59bJHDMvTZj78VnpLDwjJ+vc+2dWc6
BrNgWcn1XesYDGBoiY++eRAVyUn3zF+eAtkr313Ra/wiKSm9c3SOTXruVHGb2v9G
tpk8AgIIgAEmhT4EMjaKnORKhSVDLRRmKZMi8JfI0GZAXePfgAyV3GLkLsPaX0YQ
E/NtySXmJAy2LUYvbadf74oFDYeOgHtXk/VkWesJ4sZ3dktumTpnM8kJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:47 2025 by rpki-client