Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
File: 34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa (raw, json)
Hash identifier: job02q4vzOS8zbSDeMgR+MuCdR+VbPUDAycV6rD+3ck=
Subject key identifier: 4D:2E:19:C7:49:2D:B3:0C:2F:95:CC:13:EC:A9:59:0E:2B:99:19:44
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1D876B91960EB8318558F7369206A8316F76FB9A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
Signing time: Fri 27 Dec 2024 11:47:17 +0000
ROA not before: Fri 27 Dec 2024 11:42:17 +0000
ROA not after: Fri 26 Dec 2025 11:47:17 +0000
asID: 203020
IP address blocks: 45.137.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:87:6b:91:96:0e:b8:31:85:58:f7:36:92:06:a8:31:6f:76:fb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:17 2024 GMT
Not After : Dec 26 11:47:17 2025 GMT
Subject: CN=4D2E19C7492DB30C2F95CC13ECA9590E2B991944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c4:f7:4e:f3:f5:0c:c9:eb:d9:53:95:36:6d:
53:13:1b:35:f1:8a:47:0d:ca:9c:2d:56:bc:a8:7e:
54:2e:19:48:32:4d:64:c5:b2:f2:c0:82:de:50:f5:
1d:dd:8b:9a:3c:bf:25:7c:bf:5d:c3:57:39:7a:7a:
99:22:d4:fa:2d:e8:6e:40:17:bf:4a:2e:d6:ff:d1:
6b:bf:be:03:72:2e:cd:f9:5b:95:bd:b9:80:68:35:
dd:df:8c:19:fe:f6:8e:87:de:f4:d1:56:62:8b:13:
f8:02:6a:4f:cd:4d:a1:b5:37:69:28:8d:4e:87:2d:
eb:97:0c:f6:b4:b2:84:a3:97:cd:d6:ad:2d:37:5e:
a0:c4:90:5d:68:61:07:39:e5:23:24:4c:87:30:2e:
a6:f3:e6:f4:74:ca:34:23:6a:fb:7c:1e:7c:8f:ad:
f3:31:c0:3a:0d:1d:1e:92:fe:0b:ee:96:14:8f:a8:
83:12:d7:a8:a8:1f:59:cd:2c:8f:69:bd:14:b3:76:
1f:df:cd:78:08:fb:b3:f9:f2:e9:6a:6a:e2:66:dd:
06:74:8e:a7:a6:91:01:f9:5f:ec:ec:35:c9:ad:cb:
ce:50:2d:ba:b7:99:7f:5f:bd:ae:96:08:c7:28:6d:
fb:5c:fb:fa:30:15:46:8a:72:92:47:e3:06:be:35:
30:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2E:19:C7:49:2D:B3:0C:2F:95:CC:13:EC:A9:59:0E:2B:99:19:44
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3134302e302f32322d3232203d3e20323033303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.140.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:b2:88:e5:5d:2e:56:ca:99:37:87:08:2b:7b:82:54:8c:be:
2e:06:24:a2:9d:6d:05:8d:f2:5a:e6:dd:57:07:1c:99:d3:7c:
7e:4c:14:84:62:c8:35:07:87:ec:15:c7:c9:36:4d:72:db:dc:
3a:2a:20:a2:69:03:54:02:d8:eb:a0:4a:8f:d0:98:d4:05:77:
c3:0e:5e:01:ac:90:71:92:0d:39:97:39:c9:c9:ea:c4:16:83:
6f:2d:ed:75:22:d4:bf:f4:af:8e:04:49:dd:3c:52:f7:48:d9:
b9:0e:e2:ff:c5:b7:d3:7a:bb:64:e6:5d:c5:0b:98:a3:da:9b:
95:11:2d:74:e3:bb:c8:28:a4:0f:86:cd:76:c7:c8:5f:5f:aa:
b3:c5:9a:4e:ed:8f:10:9f:1f:2b:0c:bf:c9:c9:5b:2d:a9:f7:
08:12:10:76:a6:52:e0:69:49:fa:37:4a:34:6c:b7:d9:b9:f0:
2c:76:a8:ae:14:f7:26:9e:04:62:4f:31:50:58:99:4f:04:0d:
bf:d1:13:0d:7b:4a:5b:06:04:ed:0b:66:07:d1:25:63:50:43:
5e:b3:56:a9:5b:ac:e6:e7:38:16:b6:3b:2d:92:40:4d:d0:5a:
3a:f3:af:38:98:9a:9d:aa:18:d6:ae:46:b1:88:83:0f:b7:91:
2b:4c:8e:74
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUHYdrkZYOuDGFWPc2kgaoMW92+5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTdaFw0yNTEyMjYxMTQ3MTdaMDMxMTAvBgNV
BAMTKDREMkUxOUM3NDkyREIzMEMyRjk1Q0MxM0VDQTk1OTBFMkI5OTE5NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJxPdO8/UMyevZU5U2bVMTGzXx
ikcNypwtVryoflQuGUgyTWTFsvLAgt5Q9R3di5o8vyV8v13DVzl6epki1Pot6G5A
F79KLtb/0Wu/vgNyLs35W5W9uYBoNd3fjBn+9o6H3vTRVmKLE/gCak/NTaG1N2ko
jU6HLeuXDPa0soSjl83WrS03XqDEkF1oYQc55SMkTIcwLqbz5vR0yjQjavt8HnyP
rfMxwDoNHR6S/gvulhSPqIMS16ioH1nNLI9pvRSzdh/fzXgI+7P58ulqauJm3QZ0
jqemkQH5X+zsNcmty85QLbq3mX9fva6WCMcobftc+/owFUaKcpJH4wa+NTB3AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUTS4Zx0ktswwvlcwT7KlZDiuZGUQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzQzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzAzMzMwMzIzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAi2JjDANBgkqhkiG9w0BAQsFAAOCAQEAv7KI5V0uVsqZN4cIK3uCVIy+
LgYkop1tBY3yWubdVwccmdN8fkwUhGLINQeH7BXHyTZNctvcOiogomkDVALY66BK
j9CY1AV3ww5eAayQcZINOZc5ycnqxBaDby3tdSLUv/SvjgRJ3TxS90jZuQ7i/8W3
03q7ZOZdxQuYo9qblREtdOO7yCikD4bNdsfIX1+qs8WaTu2PEJ8fKwy/yclbLan3
CBIQdqZS4GlJ+jdKNGy32bnwLHaorhT3Jp4EYk8xUFiZTwQNv9ETDXtKWwYE7Qtm
B9ElY1BDXrNWqVus5uc4FrY7LZJATdBaOvOvOJianaoY1q5GsYiDD7eRK0yOdA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:23 2025 by rpki-client