Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e203430363736.roa
File: 34352e31332e35382e302f32342d3234203d3e203430363736.roa (raw, json)
Hash identifier: 0TW5FqYPJGeuNp+zOj3Pgo+iF2oWnSGkEdg6/HTM5CU=
Subject key identifier: 60:03:5D:33:1C:CF:F4:46:28:02:2B:C7:6C:8A:03:03:95:E5:B2:BF
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7395BEE2DA9CF90C62810ED02EE73CB36B059E49
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e203430363736.roa
Signing time: Fri 27 Dec 2024 11:47:11 +0000
ROA not before: Fri 27 Dec 2024 11:42:11 +0000
ROA not after: Fri 26 Dec 2025 11:47:11 +0000
asID: 40676
IP address blocks: 45.13.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:95:be:e2:da:9c:f9:0c:62:81:0e:d0:2e:e7:3c:b3:6b:05:9e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:11 2024 GMT
Not After : Dec 26 11:47:11 2025 GMT
Subject: CN=60035D331CCFF44628022BC76C8A030395E5B2BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:49:f6:36:04:97:e3:4c:cd:63:b9:15:b6:
9a:10:7a:f6:38:62:31:71:2b:ec:58:75:bf:5d:d1:
e6:e5:82:5d:73:cf:4b:c6:78:20:05:de:3e:94:ec:
be:5e:ff:27:be:69:f0:20:f5:f4:5e:fc:1f:c7:69:
4d:99:51:23:be:78:f8:bb:7b:c3:a8:63:5e:38:4a:
c9:49:d0:d2:51:0f:04:8d:37:5f:0e:23:fc:2f:d8:
bf:b5:4a:1a:d1:58:2d:5b:5d:a2:00:09:bc:ff:5a:
82:20:a5:02:97:e7:70:10:2a:95:5b:25:c3:fc:30:
3c:b2:2e:70:46:44:7e:aa:97:f9:9c:e2:af:f8:a4:
9d:35:4b:e1:6a:a1:f0:53:e0:68:27:db:b8:4c:7c:
56:08:93:3f:5d:13:b1:dc:a9:70:fa:09:81:f5:ea:
a7:f2:f2:6f:ff:82:97:1a:fd:35:49:21:1e:1a:54:
5b:1b:58:20:cd:27:4c:a7:dd:85:5d:72:a9:09:de:
98:ed:98:2c:1c:08:55:0d:da:e1:9a:e3:d7:a0:a9:
3d:21:be:4b:1e:96:89:52:f7:cc:56:d2:6b:20:89:
ff:3a:57:43:33:c7:c9:bf:4e:d9:aa:a8:7c:fa:6f:
ea:25:01:7b:60:c2:a9:8c:2b:53:d2:66:d4:01:04:
c7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:03:5D:33:1C:CF:F4:46:28:02:2B:C7:6C:8A:03:03:95:E5:B2:BF
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e35382e302f32342d3234203d3e203430363736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.58.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:57:aa:b8:b2:a0:1f:b7:d7:46:38:1f:d9:20:5e:aa:f0:04:
46:49:3d:6a:96:97:78:c7:14:83:d9:58:80:83:63:8a:54:f6:
8b:d5:4c:1a:34:4e:5a:78:02:01:6c:57:21:cb:01:2f:2d:94:
1b:a0:f8:bc:26:50:f6:ba:ed:40:3f:cd:4f:c0:ed:2a:d7:9f:
72:73:9b:7d:d1:f5:44:81:11:f9:25:43:d1:b4:05:e4:a7:52:
d8:bf:e7:07:31:3c:a8:e0:42:ef:03:f7:76:e7:c4:e1:8c:18:
62:3d:94:81:54:c4:a9:05:16:10:63:3d:55:6f:c8:85:c4:f5:
7d:e6:46:4f:8c:37:e5:e9:c0:29:d0:e8:46:d9:a6:5b:8a:dd:
17:9a:6b:b6:67:41:0a:4c:29:bf:ce:df:5b:f5:f6:c8:b6:e3:
5a:6b:ae:aa:be:16:b3:84:8f:42:39:d6:27:3c:f5:15:b1:2b:
64:35:dc:e9:86:12:a6:5c:ca:cf:09:bc:5a:03:65:01:39:c5:
1d:51:62:99:d0:b0:20:73:e1:23:99:00:0f:0b:0e:9a:b5:d1:
11:01:d8:2c:b0:fc:3b:f8:5b:d7:d5:53:a7:1c:a4:79:f6:6f:
3a:52:d5:f6:3a:63:c9:be:a6:12:5d:55:55:3c:b4:22:f7:a2:
34:4e:e6:4b
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUc5W+4tqc+QxigQ7QLuc8s2sFnkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTFaFw0yNTEyMjYxMTQ3MTFaMDMxMTAvBgNV
BAMTKDYwMDM1RDMzMUNDRkY0NDYyODAyMkJDNzZDOEEwMzAzOTVFNUIyQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2xEn2NgSX40zNY7kVtpoQevY4
YjFxK+xYdb9d0eblgl1zz0vGeCAF3j6U7L5e/ye+afAg9fRe/B/HaU2ZUSO+ePi7
e8OoY144SslJ0NJRDwSNN18OI/wv2L+1ShrRWC1bXaIACbz/WoIgpQKX53AQKpVb
JcP8MDyyLnBGRH6ql/mc4q/4pJ01S+FqofBT4Ggn27hMfFYIkz9dE7HcqXD6CYH1
6qfy8m//gpca/TVJIR4aVFsbWCDNJ0yn3YVdcqkJ3pjtmCwcCFUN2uGa49egqT0h
vkselolS98xW0msgif86V0Mzx8m/TtmqqHz6b+olAXtgwqmMK1PSZtQBBMdXAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUYANdMxzP9EYoAivHbIoDA5Xlsr8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz
NTM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDM2MzczNi5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC0NOjANBgkqhkiG9w0BAQsFAAOCAQEAi1equLKgH7fXRjgf2SBeqvAERkk9apaX
eMcUg9lYgINjilT2i9VMGjROWngCAWxXIcsBLy2UG6D4vCZQ9rrtQD/NT8DtKtef
cnObfdH1RIER+SVD0bQF5KdS2L/nBzE8qOBC7wP3dufE4YwYYj2UgVTEqQUWEGM9
VW/IhcT1feZGT4w35enAKdDoRtmmW4rdF5prtmdBCkwpv87fW/X2yLbjWmuuqr4W
s4SPQjnWJzz1FbErZDXc6YYSplzKzwm8WgNlATnFHVFimdCwIHPhI5kADwsOmrXR
EQHYLLD8O/hb19VTpxykefZvOlLV9jpjyb6mEl1VVTy0IveiNE7mSw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:29 2025 by rpki-client