Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233322e302f32342d3234203d3e20313336373837.roa
File: 34352e31332e3233322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 8RLoUHytKfZCkg52g7tfpBW6cb4HlEXfHQj/UKYrPtA=
Subject key identifier: B1:21:12:72:A5:EA:CE:48:2F:D1:E2:11:71:C3:AB:AC:C2:DB:AA:1B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1B1FD13E44B0DFD2A91429D10752E7C1F07A8909
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233322e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:42 +0000
ROA not before: Fri 27 Dec 2024 11:42:42 +0000
ROA not after: Fri 26 Dec 2025 11:47:42 +0000
asID: 136787
IP address blocks: 45.13.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:1f:d1:3e:44:b0:df:d2:a9:14:29:d1:07:52:e7:c1:f0:7a:89:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:42 2024 GMT
Not After : Dec 26 11:47:42 2025 GMT
Subject: CN=B1211272A5EACE482FD1E21171C3ABACC2DBAA1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cc:70:45:3d:ce:15:12:6f:3e:ec:9d:9d:72:
8b:e1:b8:4c:1c:f7:b0:b0:26:20:be:d9:50:65:0e:
45:b0:2d:2f:e7:38:c8:3a:0c:7b:cb:1e:ae:c6:94:
cf:9d:5c:7e:a6:94:25:f3:51:39:b8:87:a4:15:e1:
ec:cb:3f:66:46:fe:af:6c:79:36:5a:9b:4b:5b:a1:
b3:94:dc:9e:14:fd:a6:4a:ef:89:ae:30:6f:8e:6f:
78:3e:ba:b4:29:60:65:2a:a9:04:52:1c:1b:78:8b:
70:e6:60:99:b4:73:f5:a4:d5:b0:9a:49:61:44:59:
f6:24:e7:6d:cb:a9:7d:ee:11:c5:d3:e2:4b:7f:f7:
4b:4e:e5:08:52:fe:bc:94:0e:d3:61:45:e3:af:d0:
11:a6:4f:44:57:f0:fb:9a:22:17:84:41:be:eb:d7:
25:d8:cc:9b:4d:f2:07:3e:cf:7a:80:26:c2:66:d0:
d7:c7:27:a7:03:5e:b5:0f:48:df:86:d2:96:10:72:
23:20:01:59:fe:01:4e:48:de:a0:c2:bf:db:d5:62:
3b:71:91:4d:59:b8:58:0a:f7:24:71:ca:f0:dc:68:
fa:60:78:6f:37:cc:95:4e:3e:0c:5f:bc:30:6c:6b:
3c:fb:15:36:02:f3:f7:77:a3:74:03:4f:54:8b:6e:
73:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:21:12:72:A5:EA:CE:48:2F:D1:E2:11:71:C3:AB:AC:C2:DB:AA:1B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.232.0/24
Signature Algorithm: sha256WithRSAEncryption
77:c5:aa:e1:fc:1c:4f:90:f7:5e:14:34:5d:7a:36:4e:65:46:
0a:98:31:12:0b:f6:f1:d9:4d:ac:5d:b1:b8:f4:75:ad:f6:0b:
53:f9:23:42:25:6e:3d:24:fd:4f:89:b4:4b:ea:ee:fe:ba:15:
b1:98:50:7b:1c:4e:0e:cf:1e:6d:75:6e:73:45:93:3a:46:20:
3c:44:e8:f0:86:de:0f:a4:12:21:57:e1:19:17:9c:fe:ac:ee:
92:eb:66:95:ea:3c:fd:78:25:db:43:fe:f2:b6:b7:a8:2d:ab:
ef:f1:91:57:1a:06:56:f7:06:7e:02:ec:56:07:f0:3b:ff:e2:
6c:81:a5:33:c8:76:bf:72:4e:66:56:cd:2c:fd:20:45:c3:fa:
a8:18:f9:40:81:d3:bf:fe:77:a8:9f:4e:55:a0:73:48:55:09:
41:b2:0b:bd:f8:b4:49:8d:03:8f:83:47:0b:ef:61:12:80:2d:
e5:96:d6:64:ff:7c:30:7c:7f:80:b9:6c:37:98:4e:c1:80:39:
35:2c:48:27:d4:47:b7:68:0f:dc:23:d8:ba:dc:35:19:81:6e:
44:0a:ae:aa:6a:e9:af:25:cf:0e:06:c1:8f:d4:9b:e9:1e:50:
0d:57:5f:54:b8:7c:bc:7d:c7:5f:94:b8:81:2d:97:b0:61:bb:
50:39:ea:80
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUGx/RPkSw39KpFCnRB1LnwfB6iQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDJaFw0yNTEyMjYxMTQ3NDJaMDMxMTAvBgNV
BAMTKEIxMjExMjcyQTVFQUNFNDgyRkQxRTIxMTcxQzNBQkFDQzJEQkFBMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGzHBFPc4VEm8+7J2dcovhuEwc
97CwJiC+2VBlDkWwLS/nOMg6DHvLHq7GlM+dXH6mlCXzUTm4h6QV4ezLP2ZG/q9s
eTZam0tbobOU3J4U/aZK74muMG+Ob3g+urQpYGUqqQRSHBt4i3DmYJm0c/Wk1bCa
SWFEWfYk523LqX3uEcXT4kt/90tO5QhS/ryUDtNhReOv0BGmT0RX8PuaIheEQb7r
1yXYzJtN8gc+z3qAJsJm0NfHJ6cDXrUPSN+G0pYQciMgAVn+AU5I3qDCv9vVYjtx
kU1ZuFgK9yRxyvDcaPpgeG83zJVOPgxfvDBsazz7FTYC8/d3o3QDT1SLbnOzAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUsSEScqXqzkgv0eIRccOrrMLbqhswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz
MjMzMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtDegwDQYJKoZIhvcNAQELBQADggEBAHfFquH8HE+Q914UNF16Nk5lRgqY
MRIL9vHZTaxdsbj0da32C1P5I0Ilbj0k/U+JtEvq7v66FbGYUHscTg7PHm11bnNF
kzpGIDxE6PCG3g+kEiFX4RkXnP6s7pLrZpXqPP14JdtD/vK2t6gtq+/xkVcaBlb3
Bn4C7FYH8Dv/4myBpTPIdr9yTmZWzSz9IEXD+qgY+UCB07/+d6ifTlWgc0hVCUGy
C734tEmNA4+DRwvvYRKALeWW1mT/fDB8f4C5bDeYTsGAOTUsSCfUR7doD9wj2Lrc
NRmBbkQKrqpq6a8lzw4GwY/Um+keUA1XX1S4fLx9x1+UuIEtl7Bhu1A56oA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:43:54 2025 by rpki-client