Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
File: 34352e3133372e3139322e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: 4poRRtAV43x77H408GcquMcU+ApK/2nuMMjkIh5MY7E=
Subject key identifier: 43:D5:8B:19:86:37:B4:32:92:39:DC:24:36:94:4A:D5:CB:B4:34:D9
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6C214F472310EF53A4069E6E9A37FF3E6AA92F2B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
Signing time: Fri 27 Dec 2024 11:47:22 +0000
ROA not before: Fri 27 Dec 2024 11:42:22 +0000
ROA not after: Fri 26 Dec 2025 11:47:22 +0000
asID: 40021
IP address blocks: 45.137.192.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:21:4f:47:23:10:ef:53:a4:06:9e:6e:9a:37:ff:3e:6a:a9:2f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:22 2024 GMT
Not After : Dec 26 11:47:22 2025 GMT
Subject: CN=43D58B198637B4329239DC2436944AD5CBB434D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:28:d8:0c:da:f6:99:95:ad:70:38:59:f2:9d:
35:12:c3:32:e3:c1:39:c6:bb:0e:15:31:59:dd:ca:
c1:e3:0a:34:b9:83:2d:e6:a0:71:7e:71:d6:39:dc:
97:d3:d3:8b:37:83:87:78:2c:9b:a3:92:2e:52:ee:
be:40:17:fc:9b:28:bc:2f:f9:b5:98:d0:b1:48:e8:
c2:e1:eb:0b:2b:22:a9:48:95:9d:ba:00:67:50:ce:
fa:cb:a5:2f:f4:fa:e4:af:06:da:7b:1d:ff:d9:a8:
b1:27:e2:3c:ea:85:f0:0f:26:44:da:f1:82:07:7e:
32:97:7d:ae:10:3b:40:48:a1:c6:48:77:fa:ca:92:
9a:b5:fd:b3:64:5d:08:82:2d:7c:f0:e3:57:bb:12:
41:9c:f8:ef:ff:af:75:80:dc:b5:0f:26:65:b8:ee:
f9:83:da:4f:e0:1c:2d:fd:03:c2:4b:84:23:bc:46:
bb:9e:4f:e2:6c:4d:2c:49:84:cd:5c:c0:26:48:15:
59:bb:4c:d5:dc:15:d8:c5:c8:15:67:3d:cc:eb:06:
a7:fc:f9:f1:6e:c9:68:74:2e:c4:6d:46:2d:cd:df:
be:7f:ed:20:62:ad:b1:87:f6:16:29:e0:49:01:36:
2d:82:c1:60:c9:fc:89:fe:0f:6c:be:0b:a7:46:cb:
9b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D5:8B:19:86:37:B4:32:92:39:DC:24:36:94:4A:D5:CB:B4:34:D9
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.192.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:cc:10:03:55:d8:d8:b6:6c:7e:2a:1a:cc:a3:6d:c4:4f:09:
ef:fd:7f:24:e2:81:44:0e:a3:c1:67:f5:f1:93:91:f3:d0:c3:
e3:95:2c:86:d8:de:43:bb:eb:2b:d7:a4:14:98:ec:a4:c7:a8:
34:78:4a:05:77:97:a5:6e:66:e3:b4:ba:ac:94:56:d7:5b:ee:
f0:bf:31:ec:b7:72:d5:33:c1:1d:08:43:15:13:17:cc:ac:36:
36:26:6a:34:64:8b:e7:e4:24:51:d7:ea:98:7a:5b:92:85:3f:
23:95:ac:d8:4e:f0:b3:ac:d3:04:42:28:fd:66:59:b8:2a:a7:
54:1c:5b:95:3d:a9:4d:fd:1b:e1:b7:f4:55:78:3b:32:01:59:
74:94:19:7f:32:89:23:62:6d:ea:12:73:84:5b:90:f0:02:5c:
03:25:70:3f:40:f8:27:23:2b:e1:9c:17:4e:c3:4f:bb:39:3c:
c6:17:4e:f2:59:ac:bc:d3:97:08:1c:41:82:a8:54:1e:89:09:
b3:93:78:9f:77:af:b7:57:8f:a5:28:5d:60:67:6a:7e:32:6a:
24:83:69:27:31:ec:50:65:a1:56:af:b2:50:30:ad:18:7a:dc:
83:33:bf:60:fb:56:ca:4a:b9:f7:16:e7:32:eb:49:4a:62:87:
f4:34:e4:20
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUbCFPRyMQ71OkBp5umjf/PmqpLyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjJaFw0yNTEyMjYxMTQ3MjJaMDMxMTAvBgNV
BAMTKDQzRDU4QjE5ODYzN0I0MzI5MjM5REMyNDM2OTQ0QUQ1Q0JCNDM0RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZKNgM2vaZla1wOFnynTUSwzLj
wTnGuw4VMVndysHjCjS5gy3moHF+cdY53JfT04s3g4d4LJujki5S7r5AF/ybKLwv
+bWY0LFI6MLh6wsrIqlIlZ26AGdQzvrLpS/0+uSvBtp7Hf/ZqLEn4jzqhfAPJkTa
8YIHfjKXfa4QO0BIocZId/rKkpq1/bNkXQiCLXzw41e7EkGc+O//r3WA3LUPJmW4
7vmD2k/gHC39A8JLhCO8RrueT+JsTSxJhM1cwCZIFVm7TNXcFdjFyBVnPczrBqf8
+fFuyWh0LsRtRi3N375/7SBirbGH9hYp4EkBNi2CwWDJ/In+D2y+C6dGy5t7AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUQ9WLGYY3tDKSOdwkNpRK1cu0NNkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzkzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAticAwDQYJKoZIhvcNAQELBQADggEBAJvMEANV2Ni2bH4qGsyjbcRPCe/9
fyTigUQOo8Fn9fGTkfPQw+OVLIbY3kO76yvXpBSY7KTHqDR4SgV3l6VuZuO0uqyU
Vtdb7vC/Mey3ctUzwR0IQxUTF8ysNjYmajRki+fkJFHX6ph6W5KFPyOVrNhO8LOs
0wRCKP1mWbgqp1QcW5U9qU39G+G39FV4OzIBWXSUGX8yiSNibeoSc4RbkPACXAMl
cD9A+CcjK+GcF07DT7s5PMYXTvJZrLzTlwgcQYKoVB6JCbOTeJ93r7dXj6UoXWBn
an4yaiSDaScx7FBloVavslAwrRh63IMzv2D7VspKufcW5zLrSUpih/Q05CA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:27:44 2025 by rpki-client