Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35362e302f32332d3234203d3e20323034313730.roa
File: 34352e31332e35362e302f32332d3234203d3e20323034313730.roa (raw, json)
Hash identifier: WrCtnvTF+uGtKTlkbIsou6Rmw2iAWonMf34Jz9mPWQg=
Subject key identifier: 4D:DB:05:0A:51:D3:05:57:97:75:AC:B4:C2:B8:26:60:9B:22:7B:16
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 55F96FB81A9A2AE159F5F095CDA828D7B01B1390
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35362e302f32332d3234203d3e20323034313730.roa
Signing time: Fri 27 Dec 2024 11:47:45 +0000
ROA not before: Fri 27 Dec 2024 11:42:45 +0000
ROA not after: Fri 26 Dec 2025 11:47:45 +0000
asID: 204170
IP address blocks: 45.13.56.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:f9:6f:b8:1a:9a:2a:e1:59:f5:f0:95:cd:a8:28:d7:b0:1b:13:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:45 2024 GMT
Not After : Dec 26 11:47:45 2025 GMT
Subject: CN=4DDB050A51D305579775ACB4C2B826609B227B16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3e:f0:ed:bf:02:26:30:4b:7e:89:b6:d7:42:
d8:ed:19:c6:c3:7c:77:be:39:d7:c4:54:69:46:35:
9e:75:b3:46:fe:a2:78:ab:c3:fe:2a:93:1d:ae:01:
97:dd:e1:92:e7:a3:7e:72:9c:a1:05:50:33:e2:1d:
07:43:27:36:d9:32:e7:a1:31:5b:0c:36:39:8f:4b:
ed:af:1b:88:73:5a:fd:9c:7f:a6:7d:d2:a3:f8:de:
02:92:d2:ea:0b:73:0e:98:e0:41:cd:dc:2a:5f:50:
b7:bc:a1:69:37:ac:59:4f:f6:c7:31:c6:6d:c2:6a:
e3:86:49:e3:5e:3a:79:b0:96:42:68:25:a3:08:64:
9c:94:07:41:35:68:a4:ae:98:f1:c9:77:2c:c2:eb:
b6:ac:60:96:f4:2e:72:95:1c:60:05:9a:5b:50:ab:
91:5c:52:54:70:86:de:25:8e:02:9c:70:e5:d9:49:
9a:75:6b:f7:3e:26:35:c1:48:1f:53:b0:ec:c1:91:
6f:39:17:0b:62:bd:b1:f9:05:8c:11:0f:7c:0e:30:
0c:e3:d4:65:e6:61:4a:5c:2d:a1:e1:2b:7c:dd:64:
e2:46:da:cb:70:13:1a:2a:74:f2:6a:24:94:21:20:
2d:c3:2a:84:87:48:2d:10:6f:76:c3:17:41:4e:a0:
b8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DB:05:0A:51:D3:05:57:97:75:AC:B4:C2:B8:26:60:9B:22:7B:16
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35362e302f32332d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.56.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:ab:8b:3b:0c:c6:7b:79:00:fd:28:71:b9:73:e9:81:fc:36:
c5:97:2d:77:e0:e7:6d:b5:e5:eb:7d:86:f9:d1:2e:6b:d4:41:
e2:da:97:16:65:49:eb:e1:0b:7b:65:e8:9c:d3:50:65:eb:55:
53:29:26:66:3c:89:69:eb:80:50:cc:d9:ac:c7:a8:29:5a:a1:
af:a9:2b:27:38:63:e6:c3:d8:d5:b7:0c:51:36:db:28:52:f0:
52:57:d3:5f:bd:80:de:6a:01:1f:51:81:1e:b3:51:63:a3:b3:
44:71:23:fd:4f:e3:2f:2a:13:fe:64:39:1a:74:13:9d:f5:81:
f3:7e:8e:f4:46:f2:5e:59:ae:dc:23:54:9d:eb:bb:52:59:67:
11:24:fe:fe:21:ff:7c:c3:6a:20:68:f8:97:4f:1e:50:be:b8:
45:a7:00:d4:d5:9d:a8:6a:01:ee:19:d5:df:1e:da:2a:15:2e:
fd:ef:04:d5:26:80:ca:60:e1:1d:6a:18:26:e8:ba:8a:89:aa:
28:a6:cd:99:a5:0a:0b:e1:4e:f8:2b:c6:70:c5:c9:22:5e:8c:
40:4b:01:13:58:5c:3e:ac:d8:5c:d3:a0:11:91:e3:bd:17:df:
f5:c1:4f:e7:77:94:a7:4f:f2:14:18:5d:41:71:ac:3f:c3:aa:
87:81:77:59
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUVflvuBqaKuFZ9fCVzago17AbE5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDVaFw0yNTEyMjYxMTQ3NDVaMDMxMTAvBgNV
BAMTKDREREIwNTBBNTFEMzA1NTc5Nzc1QUNCNEMyQjgyNjYwOUIyMjdCMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdPvDtvwImMEt+ibbXQtjtGcbD
fHe+OdfEVGlGNZ51s0b+onirw/4qkx2uAZfd4ZLno35ynKEFUDPiHQdDJzbZMueh
MVsMNjmPS+2vG4hzWv2cf6Z90qP43gKS0uoLcw6Y4EHN3CpfULe8oWk3rFlP9scx
xm3CauOGSeNeOnmwlkJoJaMIZJyUB0E1aKSumPHJdyzC67asYJb0LnKVHGAFmltQ
q5FcUlRwht4ljgKccOXZSZp1a/c+JjXBSB9TsOzBkW85FwtivbH5BYwRD3wOMAzj
1GXmYUpcLaHhK3zdZOJG2stwExoqdPJqJJQhIC3DKoSHSC0Qb3bDF0FOoLjlAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUTdsFClHTBVeXday0wrgmYJsiexYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz
NTM2MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBLQ04MA0GCSqGSIb3DQEBCwUAA4IBAQCqq4s7DMZ7eQD9KHG5c+mB/DbFly13
4OdtteXrfYb50S5r1EHi2pcWZUnr4Qt7Zeic01Bl61VTKSZmPIlp64BQzNmsx6gp
WqGvqSsnOGPmw9jVtwxRNtsoUvBSV9NfvYDeagEfUYEes1Fjo7NEcSP9T+MvKhP+
ZDkadBOd9YHzfo70RvJeWa7cI1Sd67tSWWcRJP7+If98w2ogaPiXTx5QvrhFpwDU
1Z2oagHuGdXfHtoqFS797wTVJoDKYOEdahgm6LqKiaoops2ZpQoL4U74K8Zwxcki
XoxASwETWFw+rNhc06ARkeO9F9/1wU/nd5SnT/IUGF1Bcaw/w6qHgXdZ
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:07:35 2025 by rpki-client