Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa
File: 34352e31332e3233352e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: 9qfmxZnc4xE8QDXkSo4DZu/lgtp3zTcunAgk03bjK7w=
Subject key identifier: FB:76:72:8E:3F:9A:D9:44:89:2F:0C:09:54:DB:AE:BF:04:F3:97:35
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 463BFF9472B77D2B10417D2D60C9A744E12CAC66
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 27 Dec 2024 11:47:25 +0000
ROA not before: Fri 27 Dec 2024 11:42:25 +0000
ROA not after: Fri 26 Dec 2025 11:47:25 +0000
asID: 147049
IP address blocks: 45.13.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:3b:ff:94:72:b7:7d:2b:10:41:7d:2d:60:c9:a7:44:e1:2c:ac:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:25 2024 GMT
Not After : Dec 26 11:47:25 2025 GMT
Subject: CN=FB76728E3F9AD944892F0C0954DBAEBF04F39735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f6:f6:dc:8c:c7:3b:c9:36:0d:3e:75:6c:a4:
16:a2:80:8d:c5:1a:fe:fa:64:80:0c:a0:d3:b7:61:
e1:13:42:de:d1:2d:f8:12:24:e9:66:4c:2b:fd:3a:
db:73:bb:e9:11:d4:77:8c:87:f3:81:8f:28:53:b9:
9c:a5:b5:b5:76:d8:d8:70:14:15:14:82:52:e7:76:
ca:e2:6f:93:51:f8:aa:1e:0d:09:61:4a:4e:b8:29:
0a:66:4d:25:69:59:4b:c2:49:d7:ae:7e:d6:87:01:
4f:8d:52:a8:4f:34:14:31:0e:6b:38:cd:40:e8:0c:
fb:66:3b:4c:dc:5a:b8:4c:c3:59:41:e3:b7:c1:8d:
50:0e:7f:c4:e3:94:6f:14:b6:e9:ca:eb:05:54:28:
d5:da:b7:e1:24:6d:e6:53:cc:ff:f2:3d:61:c2:59:
5b:54:c2:66:af:f7:8c:d9:25:96:ff:17:a9:e4:da:
66:08:5c:e1:d6:8d:f0:78:28:7e:bd:06:f8:bd:16:
49:76:b8:1f:64:d5:fc:16:30:a3:b2:78:ee:af:09:
43:fa:eb:1a:f2:1f:dd:45:0b:a1:d0:b5:5e:9b:52:
a7:ef:7b:74:fd:d4:6c:23:da:b5:74:5e:a4:3e:ca:
1b:44:d0:fa:6c:2d:ec:2f:2d:16:2c:aa:57:7c:64:
80:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:76:72:8E:3F:9A:D9:44:89:2F:0C:09:54:DB:AE:BF:04:F3:97:35
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.235.0/24
Signature Algorithm: sha256WithRSAEncryption
36:cc:d1:72:74:51:83:34:6c:99:e2:b7:ba:5e:24:19:4d:c8:
43:24:03:81:5e:e9:f6:8f:81:3b:25:b3:b3:2a:6c:a2:85:22:
c0:62:04:25:7a:be:95:87:82:e2:89:dc:24:4b:74:fa:a8:1a:
ef:88:52:22:18:c1:ca:70:e2:6e:85:0d:32:f3:63:c9:50:0e:
70:2b:a0:86:af:de:7b:a7:ba:fd:63:69:8b:0f:96:fc:e3:41:
6b:7f:69:ac:ba:0e:6c:b2:09:fa:34:f7:99:52:38:1b:0e:dc:
e0:c8:73:31:9f:12:b2:85:a7:1a:1d:ee:1b:d7:a2:49:75:44:
77:cb:dc:85:d8:75:bb:87:c8:d8:81:8f:32:33:da:61:5d:3c:
d0:8f:b7:e5:ed:cc:1e:fa:7a:e2:0e:25:d5:14:6c:d5:a0:e1:
c2:97:70:30:66:ad:3d:49:d8:c5:58:41:94:4b:5d:40:05:bd:
28:a7:9e:38:39:dc:2a:be:0d:2e:af:83:8a:53:d4:3b:ce:f2:
75:db:0e:02:46:68:f8:66:93:d6:58:de:7b:af:71:4d:1d:d0:
9b:8b:d1:9f:f2:a6:a9:c3:94:a6:f9:03:f8:bb:9f:89:02:da:
8b:4f:ff:38:83:08:65:3e:7d:60:16:ee:e2:ac:5d:19:3a:24:
e1:a0:90:5b
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIURjv/lHK3fSsQQX0tYMmnROEsrGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjVaFw0yNTEyMjYxMTQ3MjVaMDMxMTAvBgNV
BAMTKEZCNzY3MjhFM0Y5QUQ5NDQ4OTJGMEMwOTU0REJBRUJGMDRGMzk3MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW9vbcjMc7yTYNPnVspBaigI3F
Gv76ZIAMoNO3YeETQt7RLfgSJOlmTCv9Ottzu+kR1HeMh/OBjyhTuZyltbV22Nhw
FBUUglLndsrib5NR+KoeDQlhSk64KQpmTSVpWUvCSdeuftaHAU+NUqhPNBQxDms4
zUDoDPtmO0zcWrhMw1lB47fBjVAOf8TjlG8UtunK6wVUKNXat+EkbeZTzP/yPWHC
WVtUwmav94zZJZb/F6nk2mYIXOHWjfB4KH69Bvi9Fkl2uB9k1fwWMKOyeO6vCUP6
6xryH91FC6HQtV6bUqfve3T91Gwj2rV0XqQ+yhtE0PpsLewvLRYsqld8ZIBDAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU+3Zyjj+a2USJLwwJVNuuvwTzlzUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz
MjMzMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtDeswDQYJKoZIhvcNAQELBQADggEBADbM0XJ0UYM0bJnit7peJBlNyEMk
A4Fe6faPgTsls7MqbKKFIsBiBCV6vpWHguKJ3CRLdPqoGu+IUiIYwcpw4m6FDTLz
Y8lQDnAroIav3nunuv1jaYsPlvzjQWt/aay6DmyyCfo095lSOBsO3ODIczGfErKF
pxod7hvXokl1RHfL3IXYdbuHyNiBjzIz2mFdPNCPt+XtzB76euIOJdUUbNWg4cKX
cDBmrT1J2MVYQZRLXUAFvSinnjg53Cq+DS6vg4pT1DvO8nXbDgJGaPhmk9ZY3nuv
cU0d0JuL0Z/ypqnDlKb5A/i7n4kC2otP/ziDCGU+fWAW7uKsXRk6JOGgkFs=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:54:52 2025 by rpki-client