Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
File: 34352e3133322e3135382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: lDTXcNO2b+l8uc3bm76KN1BiZBg5FMEsquj6OvsgIDU=
Subject key identifier: BF:86:6C:18:6B:FC:FA:05:59:6E:B5:A9:97:72:1D:B3:1F:42:66:CE
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2D99081D941D5DB6B72BE9ADA79D049E611940AA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:25 +0000
ROA not before: Fri 27 Dec 2024 11:42:25 +0000
ROA not after: Fri 26 Dec 2025 11:47:25 +0000
asID: 51167
IP address blocks: 45.132.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 11:28:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:99:08:1d:94:1d:5d:b6:b7:2b:e9:ad:a7:9d:04:9e:61:19:40:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:25 2024 GMT
Not After : Dec 26 11:47:25 2025 GMT
Subject: CN=BF866C186BFCFA05596EB5A997721DB31F4266CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:29:3c:12:08:b2:ac:59:a4:4e:92:9d:a1:a5:
23:fd:34:c6:6d:67:eb:8b:1e:47:43:d5:d6:20:cd:
a8:e6:46:fc:4e:4a:21:9f:05:44:c0:20:fe:fd:b7:
3f:3f:b4:c1:f3:b3:5c:01:4a:d2:ca:af:6e:bb:ce:
9f:f7:a4:5d:b7:a7:a1:02:64:9b:83:8e:d6:48:a8:
5a:73:e1:ac:51:ae:b4:a8:45:62:88:da:b9:2f:54:
2e:7f:84:97:a7:cf:9c:8a:c1:49:72:8b:15:c8:6a:
dc:b5:04:f1:8d:75:d7:af:c3:58:52:4f:5f:30:a8:
fa:2c:ae:0d:db:7d:db:47:d8:a3:7c:eb:e2:3f:29:
de:eb:b7:e0:e8:42:11:30:d3:c2:46:a1:59:0a:06:
27:24:fa:4f:da:6d:12:e0:7f:25:99:61:e0:d8:ed:
b0:45:d6:f0:08:c3:ac:d8:21:81:30:28:1f:2d:de:
09:f6:87:de:12:b8:1d:2d:23:bb:79:18:99:cf:3e:
fb:d0:2b:21:c9:b9:7a:e5:a0:17:1d:29:bd:30:1e:
29:80:24:48:bb:f7:d7:5e:94:76:06:43:74:65:d8:
bd:84:4a:d8:21:41:ac:ac:4d:4f:17:89:ee:c0:5e:
b9:93:f3:d4:bf:f1:85:43:7d:1d:02:1d:d2:4e:c6:
10:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:86:6C:18:6B:FC:FA:05:59:6E:B5:A9:97:72:1D:B3:1F:42:66:CE
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3135382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.158.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:48:fd:76:a2:f2:06:2b:95:4b:cf:4e:cf:d5:d6:86:e2:8b:
c2:d7:fe:f8:9e:48:86:a5:99:cb:0a:d4:6f:bb:0b:a5:08:99:
7c:6f:e6:bd:4a:92:09:37:b9:a1:dc:cc:49:d4:36:f7:5e:78:
97:c6:dd:a1:a8:68:b7:0d:7a:02:6c:94:38:be:2a:2b:54:4d:
e3:e7:c7:38:2d:47:d0:14:04:9e:b5:4d:c5:f2:33:23:d2:bf:
ad:9e:92:ff:f4:82:75:42:0f:b5:4c:05:ec:7d:f7:47:95:4f:
1c:49:7b:84:70:bc:1f:78:47:ca:36:a3:11:c5:9f:5d:7b:1e:
6d:c6:30:ba:5f:c6:bb:a4:bb:ad:ca:6e:c1:a2:32:a0:64:37:
dc:e9:73:01:cb:e5:bf:fc:bc:f6:1b:69:4d:fc:27:b6:26:a8:
44:8d:2d:69:0f:c0:85:7d:5a:39:d6:77:1c:20:7e:36:26:be:
de:ca:93:10:7b:bf:92:db:1e:5b:0e:ee:87:a4:0b:c3:1d:ab:
08:f8:32:50:98:93:5a:62:a7:a8:58:df:ce:fc:8a:2d:fd:6f:
19:e5:66:e8:ab:53:a3:1e:d2:88:75:67:e9:c5:ca:d7:93:68:
72:68:d0:71:87:45:1e:77:20:2f:91:4e:07:fe:b4:4f:52:29:
db:32:64:e6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIULZkIHZQdXba3K+mtp50EnmEZQKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjVaFw0yNTEyMjYxMTQ3MjVaMDMxMTAvBgNV
BAMTKEJGODY2QzE4NkJGQ0ZBMDU1OTZFQjVBOTk3NzIxREIzMUY0MjY2Q0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyKTwSCLKsWaROkp2hpSP9NMZt
Z+uLHkdD1dYgzajmRvxOSiGfBUTAIP79tz8/tMHzs1wBStLKr267zp/3pF23p6EC
ZJuDjtZIqFpz4axRrrSoRWKI2rkvVC5/hJenz5yKwUlyixXIaty1BPGNddevw1hS
T18wqPosrg3bfdtH2KN86+I/Kd7rt+DoQhEw08JGoVkKBick+k/abRLgfyWZYeDY
7bBF1vAIw6zYIYEwKB8t3gn2h94SuB0tI7t5GJnPPvvQKyHJuXrloBcdKb0wHimA
JEi799delHYGQ3Rl2L2EStghQaysTU8Xie7AXrmT89S/8YVDfR0CHdJOxhCFAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUv4ZsGGv8+gVZbrWpl3Idsx9CZs4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzIy
ZTMxMzUzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAthJ4wDQYJKoZIhvcNAQELBQADggEBADpI/Xai8gYrlUvPTs/V1obii8LX
/vieSIalmcsK1G+7C6UImXxv5r1Kkgk3uaHczEnUNvdeeJfG3aGoaLcNegJslDi+
KitUTePnxzgtR9AUBJ61TcXyMyPSv62ekv/0gnVCD7VMBex990eVTxxJe4RwvB94
R8o2oxHFn117Hm3GMLpfxruku63KbsGiMqBkN9zpcwHL5b/8vPYbaU38J7YmqESN
LWkPwIV9WjnWdxwgfjYmvt7KkxB7v5LbHlsO7oekC8Mdqwj4MlCYk1pip6hY3878
ii39bxnlZuirU6Me0oh1Z+nFyteTaHJo0HGHRR53IC+RTgf+tE9SKdsyZOY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:59:25 2025 by rpki-client