Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
File: 34352e3132392e33332e302f32342d3234203d3e20323036383034.roa (raw, json)
Hash identifier: YKI6h5kcJ25FonNvKX3ekG0D7pcmrHkVzkpbTfRozPw=
Subject key identifier: 94:47:D2:3C:3D:BC:39:E8:60:6A:4C:D8:03:1B:13:87:BA:3F:88:D0
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2FE4399F714C1633A44F62E9AF87DD091885FE45
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
Signing time: Fri 27 Dec 2024 11:47:38 +0000
ROA not before: Fri 27 Dec 2024 11:42:38 +0000
ROA not after: Fri 26 Dec 2025 11:47:38 +0000
asID: 206804
IP address blocks: 45.129.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 09:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:e4:39:9f:71:4c:16:33:a4:4f:62:e9:af:87:dd:09:18:85:fe:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:38 2024 GMT
Not After : Dec 26 11:47:38 2025 GMT
Subject: CN=9447D23C3DBC39E8606A4CD8031B1387BA3F88D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4e:d6:b4:bb:52:db:ef:5c:6b:0d:3a:f9:4d:
0b:90:e5:85:9f:d2:8f:b7:d5:4c:cb:95:91:cd:23:
06:ff:dd:80:7f:8b:af:f7:54:05:6e:b3:60:ce:d2:
ed:1d:f6:68:94:f0:e1:a1:71:88:b0:3a:10:7d:41:
91:b0:7d:1c:88:4f:cb:92:97:59:7d:30:2d:78:8c:
3d:5d:32:75:fe:69:f5:a9:75:94:d7:7a:df:2c:de:
8c:b2:30:1f:b7:50:75:d2:a1:60:13:45:d2:59:0f:
d8:83:7e:4f:f0:3f:a5:68:f0:6f:78:f6:fd:c3:a6:
64:fb:3f:df:b3:ba:b4:e5:77:69:43:94:8f:6e:d7:
c7:60:ab:69:16:a0:15:77:b3:88:97:dd:61:30:8b:
c4:e3:7c:dc:c2:02:b2:0e:b3:d0:97:f5:00:34:19:
fd:eb:d1:66:d0:66:74:43:59:1d:05:17:c6:7a:58:
2f:6c:55:57:76:95:36:6e:29:2f:83:4f:19:13:36:
f6:23:c6:2a:ee:e2:f8:09:40:30:40:03:e9:37:25:
b6:63:ff:a0:29:70:03:b3:77:91:10:0d:67:86:45:
c9:31:ee:70:4d:79:fc:80:71:f4:29:3d:18:23:87:
e0:6a:19:bd:34:b9:04:8c:51:06:ef:75:0d:6f:88:
5b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:47:D2:3C:3D:BC:39:E8:60:6A:4C:D8:03:1B:13:87:BA:3F:88:D0
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33332e302f32342d3234203d3e20323036383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.33.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f2:38:5e:e8:2f:31:95:46:77:af:5b:05:9a:89:85:4f:8d:
2e:4e:ce:ba:54:cb:20:17:ac:74:73:7a:8a:e4:5a:04:08:6f:
8d:56:2e:24:84:d8:f0:8d:f3:46:58:4e:90:d4:47:99:77:ac:
d0:d4:1b:26:bd:a8:1a:58:67:fe:93:a3:4a:68:f7:1c:68:8c:
e5:ca:1a:ae:72:40:c0:e0:6a:d6:ad:0c:4c:ca:49:4d:d7:70:
4d:f0:0c:78:fc:c0:a3:e1:2d:b3:bc:62:42:a3:9d:16:b1:26:
aa:00:58:4f:09:68:7a:7a:43:2b:8b:e7:0d:e5:30:6d:c2:23:
4c:a6:11:c5:f4:57:15:0b:3e:7a:df:15:80:b8:c5:5e:9d:0a:
3d:37:f5:1e:e6:e3:4e:35:5c:f5:92:0d:70:3e:64:fa:28:c0:
53:a9:56:5a:45:21:10:b9:6b:8d:ae:a2:3f:19:78:44:78:88:
04:9c:df:a6:ad:00:f9:c5:f3:9a:7c:43:8c:d2:fe:75:e1:08:
af:56:c9:5a:ea:60:97:c6:75:53:13:3b:64:94:d1:b2:52:e7:
1f:dd:2a:2a:d4:7b:82:87:e0:c1:08:0f:3d:15:55:1d:42:2e:
44:98:87:43:73:14:76:dd:ba:32:44:48:8a:75:4e:46:b6:3d:
cb:cc:9e:8b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUL+Q5n3FMFjOkT2Lpr4fdCRiF/kUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzhaFw0yNTEyMjYxMTQ3MzhaMDMxMTAvBgNV
BAMTKDk0NDdEMjNDM0RCQzM5RTg2MDZBNENEODAzMUIxMzg3QkEzRjg4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcTta0u1Lb71xrDTr5TQuQ5YWf
0o+31UzLlZHNIwb/3YB/i6/3VAVus2DO0u0d9miU8OGhcYiwOhB9QZGwfRyIT8uS
l1l9MC14jD1dMnX+afWpdZTXet8s3oyyMB+3UHXSoWATRdJZD9iDfk/wP6Vo8G94
9v3DpmT7P9+zurTld2lDlI9u18dgq2kWoBV3s4iX3WEwi8TjfNzCArIOs9CX9QA0
Gf3r0WbQZnRDWR0FF8Z6WC9sVVd2lTZuKS+DTxkTNvYjxiru4vgJQDBAA+k3JbZj
/6ApcAOzd5EQDWeGRckx7nBNefyAcfQpPRgjh+BqGb00uQSMUQbvdQ1viFunAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUlEfSPD28OehgakzYAxsTh7o/iNAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMyMzky
ZTMzMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzODMwMzQucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtgSEwDQYJKoZIhvcNAQELBQADggEBAAjyOF7oLzGVRnevWwWaiYVPjS5O
zrpUyyAXrHRzeorkWgQIb41WLiSE2PCN80ZYTpDUR5l3rNDUGya9qBpYZ/6To0po
9xxojOXKGq5yQMDgatatDEzKSU3XcE3wDHj8wKPhLbO8YkKjnRaxJqoAWE8JaHp6
QyuL5w3lMG3CI0ymEcX0VxULPnrfFYC4xV6dCj039R7m4041XPWSDXA+ZPoowFOp
VlpFIRC5a42uoj8ZeER4iASc36atAPnF85p8Q4zS/nXhCK9WyVrqYJfGdVMTO2SU
0bJS5x/dKirUe4KH4MEIDz0VVR1CLkSYh0NzFHbdujJESIp1Tka2PcvMnos=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:28 2025 by rpki-client