Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e20333937343233.roa
File: 34352e31332e35382e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: muuoeBaWRBpR/ohUGeIpuuU/MD+X6OR2tqKOG9Vg9B8=
Subject key identifier: D9:A1:9D:41:C8:95:31:31:62:22:41:68:1C:9F:F0:07:2B:A8:E5:BC
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 726BDDD46D5A3157DF4E40D137848842FAD27D47
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e20333937343233.roa
Signing time: Fri 27 Dec 2024 11:47:19 +0000
ROA not before: Fri 27 Dec 2024 11:42:19 +0000
ROA not after: Fri 26 Dec 2025 11:47:19 +0000
asID: 397423
IP address blocks: 45.13.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:6b:dd:d4:6d:5a:31:57:df:4e:40:d1:37:84:88:42:fa:d2:7d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:19 2024 GMT
Not After : Dec 26 11:47:19 2025 GMT
Subject: CN=D9A19D41C8953131622241681C9FF0072BA8E5BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:bd:4d:b1:fa:89:fe:ce:2b:55:54:f2:14:
0d:1f:21:6d:cc:de:55:1d:7a:cb:fd:7f:25:72:f1:
a4:ad:02:e3:dc:61:48:32:01:79:40:6d:69:f1:1b:
ac:ed:04:8d:3c:9e:a7:ba:02:6f:a6:95:4c:fd:c7:
d4:1e:ec:23:65:8b:26:15:67:a5:bc:e4:b2:c1:ab:
71:20:cb:45:4b:2e:57:da:63:29:d8:21:25:15:49:
10:28:bc:3a:cf:26:a0:c3:1d:50:ef:27:d2:02:ab:
17:d4:71:73:a5:23:2b:85:2a:bd:5c:14:9f:de:f2:
f4:4a:62:a9:8e:af:b7:45:13:73:35:05:14:f7:9f:
cb:eb:ac:ae:a2:f8:8a:a1:a0:7e:a6:4d:01:36:99:
b5:de:c0:60:ec:59:c2:37:33:af:9b:d4:43:e7:d9:
60:93:7a:5b:8e:9c:52:8b:45:e3:53:28:ce:33:60:
d3:7a:9f:f1:79:e8:d9:70:13:f4:0b:44:65:5e:ac:
10:10:fe:0c:3a:a6:03:96:d5:de:55:9f:74:1d:5e:
53:78:49:13:e6:14:cd:0a:da:bb:38:ca:8f:4a:19:
ab:7f:f3:d0:d9:b1:ea:62:13:00:0c:17:8a:76:7b:
f4:39:ad:03:56:7e:2d:52:a8:d3:be:e3:e3:d1:38:
73:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A1:9D:41:C8:95:31:31:62:22:41:68:1C:9F:F0:07:2B:A8:E5:BC
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.58.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:79:9e:36:55:bf:c3:48:ec:19:29:b1:be:4e:6e:96:4a:2c:
7b:9e:9e:5b:7e:a0:e3:6a:06:c5:25:de:59:87:f9:38:22:0f:
50:ba:8d:f9:39:7d:c9:e7:be:78:81:33:96:fc:28:bf:9b:b7:
10:05:91:46:84:15:b2:4e:2b:02:12:5b:22:24:7a:2d:dc:69:
33:ca:87:10:5c:81:c0:8d:e7:25:09:60:00:54:b8:12:a9:31:
f8:30:f1:83:88:05:d0:7c:59:cd:30:70:68:5c:ca:92:08:52:
d2:84:97:22:e9:7a:7c:b1:34:96:e7:cc:66:36:36:61:76:d2:
85:f1:03:c2:f7:fc:27:6a:50:d9:61:46:37:72:c4:21:ac:2b:
ab:d3:7d:8d:d4:64:4b:93:67:5b:6b:e6:81:10:3c:33:4d:f7:
13:f3:6a:c6:49:d6:7a:62:79:f0:63:ce:2b:31:36:4d:aa:23:
97:89:47:c9:87:8e:fd:dc:24:c0:49:68:cd:d8:c2:1b:2f:6f:
94:ca:3f:26:45:3e:d0:53:eb:43:99:43:59:50:a7:0a:52:e9:
d6:a7:3f:56:66:88:97:05:36:9b:6d:75:ea:c8:93:71:0f:ed:
96:f5:25:33:09:d2:90:d8:5b:81:e2:af:0e:48:11:a2:01:80:
8a:05:71:cc
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUcmvd1G1aMVffTkDRN4SIQvrSfUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTlaFw0yNTEyMjYxMTQ3MTlaMDMxMTAvBgNV
BAMTKEQ5QTE5RDQxQzg5NTMxMzE2MjIyNDE2ODFDOUZGMDA3MkJBOEU1QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw171NsfqJ/s4rVVTyFA0fIW3M
3lUdesv9fyVy8aStAuPcYUgyAXlAbWnxG6ztBI08nqe6Am+mlUz9x9Qe7CNliyYV
Z6W85LLBq3Egy0VLLlfaYynYISUVSRAovDrPJqDDHVDvJ9ICqxfUcXOlIyuFKr1c
FJ/e8vRKYqmOr7dFE3M1BRT3n8vrrK6i+IqhoH6mTQE2mbXewGDsWcI3M6+b1EPn
2WCTeluOnFKLReNTKM4zYNN6n/F56NlwE/QLRGVerBAQ/gw6pgOW1d5Vn3QdXlN4
SRPmFM0K2rs4yo9KGat/89DZsepiEwAMF4p2e/Q5rQNWfi1SqNO+4+PROHMXAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU2aGdQciVMTFiIkFoHJ/wByuo5bwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz
NTM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM3MzQzMjMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQALQ06MA0GCSqGSIb3DQEBCwUAA4IBAQBqeZ42Vb/DSOwZKbG+Tm6WSix7np5b
fqDjagbFJd5Zh/k4Ig9Quo35OX3J5754gTOW/Ci/m7cQBZFGhBWyTisCElsiJHot
3GkzyocQXIHAjeclCWAAVLgSqTH4MPGDiAXQfFnNMHBoXMqSCFLShJci6Xp8sTSW
58xmNjZhdtKF8QPC9/wnalDZYUY3csQhrCur032N1GRLk2dba+aBEDwzTfcT82rG
SdZ6YnnwY84rMTZNqiOXiUfJh4793CTASWjN2MIbL2+Uyj8mRT7QU+tDmUNZUKcK
UunWpz9WZoiXBTabbXXqyJNxD+2W9SUzCdKQ2FuB4q8OSBGiAYCKBXHM
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:09:00 2025 by rpki-client