Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
File: 34352e3133322e3234302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: dbRsV47G/U9a9WW/tqFc1PHNSP1oWQghv8t/myBKh9k=
Subject key identifier: 75:18:5B:37:68:08:8E:D6:1E:FC:80:79:2E:F8:FC:93:75:AD:9E:F9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0696A1B35B26E8FC3F3A3B902AA50F112A7C0315
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
Signing time: Fri 20 Dec 2024 15:23:38 +0000
ROA not before: Fri 20 Dec 2024 15:18:38 +0000
ROA not after: Fri 19 Dec 2025 15:23:38 +0000
asID: 47583
IP address blocks: 45.132.240.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:96:a1:b3:5b:26:e8:fc:3f:3a:3b:90:2a:a5:0f:11:2a:7c:03:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:38 2024 GMT
Not After : Dec 19 15:23:38 2025 GMT
Subject: CN=75185B3768088ED61EFC80792EF8FC9375AD9EF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ff:a7:14:86:47:94:e3:81:5b:44:ca:65:0b:
77:2f:6e:37:bd:ac:38:51:0d:4e:7e:a5:6b:3f:64:
ef:4e:12:64:d2:0d:99:ff:49:1f:8d:16:0b:93:60:
25:ce:02:c5:16:3e:9b:2b:e9:02:71:6d:2d:a3:41:
03:66:70:43:10:4c:fa:7c:5b:38:e4:6a:c3:9c:89:
22:39:14:90:ee:2c:39:36:04:56:c0:61:3f:19:1c:
47:1e:4c:5f:a9:c7:ba:89:fa:e5:bb:a8:b4:39:fe:
31:99:cd:08:91:cb:fa:55:43:b5:ff:70:5e:33:a4:
07:b2:b2:21:31:aa:4d:c3:35:2e:81:20:10:9a:d5:
ff:be:92:fd:ae:bc:b8:99:a9:f7:8c:e8:e0:7e:79:
9b:9f:5d:1f:6c:5c:23:75:9d:0f:00:6f:24:ec:95:
9b:e3:03:ba:88:f3:a7:82:b5:88:bc:31:ba:84:7c:
a2:39:47:68:67:58:ce:4d:d8:6d:ac:d3:83:a4:d5:
8d:31:15:44:a6:d1:5f:51:da:80:8e:de:db:9e:02:
42:cd:67:69:48:6d:8e:92:f7:aa:eb:e3:e0:bf:3b:
c1:2a:11:ed:02:99:e4:fc:d3:13:ac:f0:12:c1:f7:
03:42:52:6c:56:46:c0:db:22:fd:45:0e:24:14:69:
07:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:18:5B:37:68:08:8E:D6:1E:FC:80:79:2E:F8:FC:93:75:AD:9E:F9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133322e3234302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.240.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:d8:1f:99:9c:86:79:ed:a6:5d:4c:70:88:f1:c9:fd:ff:7c:
49:1e:81:ad:21:ee:e4:58:67:08:44:d2:ce:99:3d:a8:08:b1:
4e:cb:83:10:6c:c8:f2:b2:f0:14:ce:a5:77:7e:67:c5:dd:b0:
a9:a9:67:3b:d9:41:f7:30:c0:96:5d:5f:11:24:c5:71:8d:37:
c4:6a:fa:d4:ed:be:b9:28:ed:57:af:ad:75:d5:e7:da:ff:4f:
9a:b7:e5:08:37:5d:32:ce:78:84:76:78:a8:bc:60:7e:d6:30:
a0:f8:c7:f9:ab:72:3e:fa:1e:ca:f0:fa:da:0a:b8:c8:0f:1a:
e2:c8:fb:d3:ca:d6:0c:0c:a3:6c:28:46:ba:4c:c6:71:e4:75:
76:5d:ca:50:13:05:dc:8d:fb:53:7b:1f:b3:69:94:c8:b3:5e:
5a:aa:7f:62:f4:7c:eb:51:e9:2e:02:8d:40:8a:0e:a0:a6:4b:
07:6a:7c:7a:e7:f6:94:ef:23:70:19:10:59:07:e9:a7:07:32:
17:5e:69:65:a3:9a:a9:d0:8d:84:e6:e5:ad:d5:73:e4:57:bb:
7a:30:70:71:26:fb:1d:73:14:38:03:24:06:d2:5a:cc:67:38:
41:c1:9c:29:dd:f1:93:ec:15:0e:2f:38:1e:84:e5:a2:bc:25:
4b:71:53:69
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUBpahs1sm6Pw/OjuQKqUPESp8AxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzhaFw0yNTEyMTkxNTIzMzhaMDMxMTAvBgNV
BAMTKDc1MTg1QjM3NjgwODhFRDYxRUZDODA3OTJFRjhGQzkzNzVBRDlFRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn/6cUhkeU44FbRMplC3cvbje9
rDhRDU5+pWs/ZO9OEmTSDZn/SR+NFguTYCXOAsUWPpsr6QJxbS2jQQNmcEMQTPp8
WzjkasOciSI5FJDuLDk2BFbAYT8ZHEceTF+px7qJ+uW7qLQ5/jGZzQiRy/pVQ7X/
cF4zpAeysiExqk3DNS6BIBCa1f++kv2uvLiZqfeM6OB+eZufXR9sXCN1nQ8AbyTs
lZvjA7qI86eCtYi8MbqEfKI5R2hnWM5N2G2s04Ok1Y0xFUSm0V9R2oCO3tueAkLN
Z2lIbY6S96rr4+C/O8EqEe0CmeT80xOs8BLB9wNCUmxWRsDbIv1FDiQUaQfPAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUdRhbN2gIjtYe/IB5Lvj8k3WtnvkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzIy
ZTMyMzQzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIthPAwDQYJKoZIhvcNAQELBQADggEBAM/YH5mchnntpl1McIjxyf3/fEke
ga0h7uRYZwhE0s6ZPagIsU7LgxBsyPKy8BTOpXd+Z8XdsKmpZzvZQfcwwJZdXxEk
xXGNN8Rq+tTtvrko7VevrXXV59r/T5q35Qg3XTLOeIR2eKi8YH7WMKD4x/mrcj76
Hsrw+toKuMgPGuLI+9PK1gwMo2woRrpMxnHkdXZdylATBdyN+1N7H7NplMizXlqq
f2L0fOtR6S4CjUCKDqCmSwdqfHrn9pTvI3AZEFkH6acHMhdeaWWjmqnQjYTm5a3V
c+RXu3owcHEm+x1zFDgDJAbSWsxnOEHBnCnd8ZPsFQ4vOB6E5aK8JUtxU2k=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:12:33 2025 by rpki-client