Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
File: 34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: oDvvD0/aqbaJ17WLVqgV3Ealp/3HZ98K6FsLol8Ax9w=
Subject key identifier: D6:52:CD:ED:4C:81:6D:A7:DB:43:9D:F0:56:89:42:21:E6:DA:38:63
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 196070D46EF88DB3643A450472E4377C5BD963C5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:08 +0000
ROA not before: Fri 27 Dec 2024 11:42:08 +0000
ROA not after: Fri 26 Dec 2025 11:47:08 +0000
asID: 136787
IP address blocks: 45.132.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:60:70:d4:6e:f8:8d:b3:64:3a:45:04:72:e4:37:7c:5b:d9:63:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:08 2024 GMT
Not After : Dec 26 11:47:08 2025 GMT
Subject: CN=D652CDED4C816DA7DB439DF056894221E6DA3863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:68:29:bb:ab:99:65:6e:b7:95:63:21:28:
1f:92:ad:3a:f9:43:bd:eb:a9:f4:58:d7:d1:37:1e:
1b:58:12:eb:dc:74:dc:8a:72:8d:a4:75:c6:30:92:
ab:34:6b:ce:85:2e:e3:eb:5c:58:78:fe:a4:d5:18:
18:0b:72:df:bd:b9:e1:bd:72:43:ac:68:c7:4a:a2:
bf:bc:fd:74:36:59:7a:c0:4f:b0:8b:c0:ed:be:89:
49:29:b4:bc:d8:ec:d4:74:ad:5d:4a:49:11:87:31:
1a:b0:0f:fa:8e:a3:5f:b8:1b:0f:16:61:90:71:7f:
ac:b0:d5:94:c9:1a:5b:25:d9:d0:34:aa:be:55:a2:
41:a6:af:0d:c1:9d:83:6c:0c:02:1b:63:0c:2e:bb:
20:22:39:8d:24:60:c6:d5:e3:30:bc:16:7d:f8:0c:
69:c7:bf:9d:60:e1:bf:bb:42:e9:b8:c8:d6:ad:62:
42:c7:15:6b:50:96:62:0e:69:45:fe:80:8b:be:3f:
64:f6:48:42:40:1a:8a:b2:e2:9f:4c:52:ad:36:8f:
3e:ff:8b:da:27:75:23:64:ff:90:cd:b9:3c:e8:ef:
36:ce:4c:d5:84:f5:e5:2c:c5:69:78:b4:02:a1:9e:
b2:c6:02:c9:f8:35:a0:50:34:92:7f:ca:31:10:36:
4d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:52:CD:ED:4C:81:6D:A7:DB:43:9D:F0:56:89:42:21:E6:DA:38:63
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:a1:39:71:de:82:50:4d:40:15:7d:45:54:11:b0:0b:39:ae:
12:71:a4:b8:b6:a0:cf:75:92:e6:9e:eb:d8:3e:ad:cc:c8:84:
80:0c:0f:cd:2b:da:ae:14:64:db:93:a4:55:71:09:64:86:7c:
30:dc:a7:73:a1:fd:52:28:2e:ae:70:ee:e0:44:93:53:c8:02:
96:04:4a:fb:0d:7a:5e:35:8f:3a:96:64:c7:27:5b:74:b5:25:
62:0d:50:bd:cd:b0:0e:7c:16:b5:b5:f2:19:ba:c3:f1:eb:1d:
b2:90:93:7d:27:28:31:ec:15:d1:a2:a9:64:0e:4e:86:3d:f0:
72:f9:25:99:13:6d:78:3c:fa:1e:b3:cb:4c:c2:63:ea:7b:83:
82:5d:ad:7e:9c:8a:a6:d6:81:a6:31:80:f2:75:b5:82:8f:97:
f3:f3:cc:e5:af:1a:30:b6:18:64:af:4c:24:c9:fc:02:c6:a5:
44:23:28:e2:f3:1a:f9:db:50:26:2d:88:01:43:8a:68:94:0a:
1e:ee:71:3e:ea:a3:16:64:84:41:3b:fc:6d:d3:65:dc:cc:af:
c8:df:5e:cb:ab:fa:58:c4:88:3b:b7:ba:5c:3a:d3:e3:88:33:
9f:22:5f:96:58:17:ae:0f:f1:4d:71:c2:4e:04:c3:22:f5:6d:
f4:d2:ab:21
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUGWBw1G74jbNkOkUEcuQ3fFvZY8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDhaFw0yNTEyMjYxMTQ3MDhaMDMxMTAvBgNV
BAMTKEQ2NTJDREVENEM4MTZEQTdEQjQzOURGMDU2ODk0MjIxRTZEQTM4NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp/2gpu6uZZW63lWMhKB+SrTr5
Q73rqfRY19E3HhtYEuvcdNyKco2kdcYwkqs0a86FLuPrXFh4/qTVGBgLct+9ueG9
ckOsaMdKor+8/XQ2WXrAT7CLwO2+iUkptLzY7NR0rV1KSRGHMRqwD/qOo1+4Gw8W
YZBxf6yw1ZTJGlsl2dA0qr5VokGmrw3BnYNsDAIbYwwuuyAiOY0kYMbV4zC8Fn34
DGnHv51g4b+7Qum4yNatYkLHFWtQlmIOaUX+gIu+P2T2SEJAGoqy4p9MUq02jz7/
i9ondSNk/5DNuTzo7zbOTNWE9eUsxWl4tAKhnrLGAsn4NaBQNJJ/yjEQNk27AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU1lLN7UyBbafbQ53wVolCIebaOGMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzIy
ZTMxMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2EnDANBgkqhkiG9w0BAQsFAAOCAQEAp6E5cd6CUE1AFX1FVBGwCzmu
EnGkuLagz3WS5p7r2D6tzMiEgAwPzSvarhRk25OkVXEJZIZ8MNync6H9UigurnDu
4ESTU8gClgRK+w16XjWPOpZkxydbdLUlYg1Qvc2wDnwWtbXyGbrD8esdspCTfSco
MewV0aKpZA5Ohj3wcvklmRNteDz6HrPLTMJj6nuDgl2tfpyKptaBpjGA8nW1go+X
8/PM5a8aMLYYZK9MJMn8AsalRCMo4vMa+dtQJi2IAUOKaJQKHu5xPuqjFmSEQTv8
bdNl3MyvyN9ey6v6WMSIO7e6XDrT44gznyJfllgXrg/xTXHCTgTDIvVt9NKrIQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:18 2025 by rpki-client