Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33352e302f32342d3234203d3e20313336373837.roa
File: 34352e3132392e33352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Fztl6kbSAfZsRhZqauYEIBVIlxOdMkavavYh2aLg2kM=
Subject key identifier: 7D:A8:6B:2A:99:28:8A:EB:B3:0B:99:DB:B2:63:F4:1D:A0:83:29:32
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 264E4A69BB189D63A88127CE1BA3119888DAA826
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:21 +0000
ROA not before: Fri 27 Dec 2024 11:42:21 +0000
ROA not after: Fri 26 Dec 2025 11:47:21 +0000
asID: 136787
IP address blocks: 45.129.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:18:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:4e:4a:69:bb:18:9d:63:a8:81:27:ce:1b:a3:11:98:88:da:a8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:21 2024 GMT
Not After : Dec 26 11:47:21 2025 GMT
Subject: CN=7DA86B2A99288AEBB30B99DBB263F41DA0832932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:28:91:68:e0:4d:d2:e3:26:4a:d6:20:46:40:
8d:51:84:e5:cf:8c:02:c2:6b:9d:8a:75:5c:dc:61:
19:57:dd:8f:fe:f0:d4:2a:1d:cd:1c:c0:6b:43:d3:
10:03:5f:51:1b:6f:f2:d9:76:e8:7a:5d:ef:a6:4a:
89:15:26:6f:1a:c5:87:72:16:17:6d:72:86:08:e9:
70:0c:0a:8b:a1:ab:07:5b:80:6d:e7:b0:99:5e:14:
95:de:63:34:c8:1d:d3:12:aa:97:6e:a1:36:7d:dc:
5e:12:4f:b7:66:00:87:9f:d1:d8:f1:4d:03:60:e5:
9a:53:76:67:11:4e:11:a8:5f:3e:0d:c5:19:72:5a:
8d:76:43:99:cf:ba:39:55:2f:66:bf:8b:65:86:91:
5d:d9:c3:6a:6b:23:53:b5:4f:5e:1e:1b:fc:02:96:
95:05:19:a3:9c:0b:06:ba:f7:8b:ce:f7:ce:15:67:
28:14:9f:75:08:a2:69:75:19:ea:4a:1d:99:29:2e:
53:68:ab:71:30:c9:7d:59:7b:d8:1f:58:2a:db:44:
c2:d8:cd:75:b7:10:d5:61:13:27:78:f2:e8:01:3d:
88:36:df:10:7b:29:3b:23:83:5a:28:40:35:27:52:
db:cf:ae:ec:b7:8a:be:3f:84:08:e6:8c:7f:70:f5:
8e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A8:6B:2A:99:28:8A:EB:B3:0B:99:DB:B2:63:F4:1D:A0:83:29:32
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3132392e33352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.35.0/24
Signature Algorithm: sha256WithRSAEncryption
97:59:52:ca:b8:b3:73:9c:33:d9:22:71:82:7a:04:e4:d6:62:
e5:f0:16:b4:00:fc:5a:72:f7:81:02:84:ec:6f:56:42:6f:72:
c1:01:42:7f:49:ec:e1:e9:3a:54:39:cd:e2:65:4a:f5:77:c2:
28:52:82:27:56:58:57:f4:72:58:65:91:fe:74:7c:1b:c0:3c:
be:9a:47:a2:94:17:d8:2f:0d:e5:54:fd:53:eb:55:d5:70:b3:
6f:9e:b6:3b:27:9d:22:62:48:fa:bb:2e:55:5a:02:3a:03:5a:
e2:31:c6:0b:de:bb:b8:98:a0:6c:12:40:a0:e3:2c:1d:fc:b9:
4b:c5:17:a3:1e:dc:2f:97:e8:30:7f:96:a7:67:2e:3b:a5:2e:
ac:9a:ff:61:7f:0c:21:c4:ee:5b:dc:49:2f:54:ed:80:cd:51:
0a:28:37:27:06:c3:fc:28:5c:db:1b:26:af:76:d0:c5:9d:60:
6b:0c:c4:1e:50:34:b5:11:0b:1a:bf:1a:01:7d:7e:34:83:5c:
8d:88:11:14:23:76:af:c6:15:15:d2:d2:27:84:07:e8:9b:2a:
4d:5d:e4:68:51:39:d5:e6:87:4f:5a:f3:a8:6a:3e:ed:c9:b7:
b5:27:20:59:c6:58:b6:ad:be:e8:85:df:25:92:24:55:e8:37:
6e:59:6d:7c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUJk5KabsYnWOogSfOG6MRmIjaqCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjFaFw0yNTEyMjYxMTQ3MjFaMDMxMTAvBgNV
BAMTKDdEQTg2QjJBOTkyODhBRUJCMzBCOTlEQkIyNjNGNDFEQTA4MzI5MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/KJFo4E3S4yZK1iBGQI1RhOXP
jALCa52KdVzcYRlX3Y/+8NQqHc0cwGtD0xADX1Ebb/LZduh6Xe+mSokVJm8axYdy
FhdtcoYI6XAMCouhqwdbgG3nsJleFJXeYzTIHdMSqpduoTZ93F4ST7dmAIef0djx
TQNg5ZpTdmcRThGoXz4NxRlyWo12Q5nPujlVL2a/i2WGkV3Zw2prI1O1T14eG/wC
lpUFGaOcCwa694vO984VZygUn3UIoml1GepKHZkpLlNoq3EwyX1Ze9gfWCrbRMLY
zXW3ENVhEyd48ugBPYg23xB7KTsjg1ooQDUnUtvPruy3ir4/hAjmjH9w9Y45AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUfahrKpkoiuuzC5nbsmP0HaCDKTIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMyMzky
ZTMzMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtgSMwDQYJKoZIhvcNAQELBQADggEBAJdZUsq4s3OcM9kicYJ6BOTWYuXw
FrQA/Fpy94EChOxvVkJvcsEBQn9J7OHpOlQ5zeJlSvV3wihSgidWWFf0clhlkf50
fBvAPL6aR6KUF9gvDeVU/VPrVdVws2+etjsnnSJiSPq7LlVaAjoDWuIxxgveu7iY
oGwSQKDjLB38uUvFF6Me3C+X6DB/lqdnLjulLqya/2F/DCHE7lvcSS9U7YDNUQoo
NycGw/woXNsbJq920MWdYGsMxB5QNLURCxq/GgF9fjSDXI2IERQjdq/GFRXS0ieE
B+ibKk1d5GhROdXmh09a86hqPu3Jt7UnIFnGWLatvuiF3yWSJFXoN25ZbXw=
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:40:11 2025 by rpki-client