Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139332e302f32342d3234203d3e20383334.roa
File: 34352e3133372e3139332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 7/zPlu4mni/KinwHKc9hzuHvXmv0eaNFEElnH3xGdmc=
Subject key identifier: 7D:62:BA:F3:7F:B8:05:28:66:75:34:36:48:51:4E:77:4D:5A:20:AC
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3A7F3D99E9BDBED4C273F8A790E601DB4AA4BC07
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139332e302f32342d3234203d3e20383334.roa
Signing time: Fri 27 Dec 2024 11:47:28 +0000
ROA not before: Fri 27 Dec 2024 11:42:28 +0000
ROA not after: Fri 26 Dec 2025 11:47:28 +0000
asID: 834
IP address blocks: 45.137.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:7f:3d:99:e9:bd:be:d4:c2:73:f8:a7:90:e6:01:db:4a:a4:bc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:28 2024 GMT
Not After : Dec 26 11:47:28 2025 GMT
Subject: CN=7D62BAF37FB805286675343648514E774D5A20AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:fc:6c:69:fe:28:a5:8b:77:85:1e:fb:40:
c2:12:09:d4:ed:c3:53:ac:70:e6:e3:54:d8:70:c1:
08:9a:5b:47:2c:c2:38:0c:60:79:f7:ea:f6:f0:80:
ea:44:a7:22:04:e9:12:13:47:fd:5f:a6:3d:eb:99:
30:1c:91:4b:4c:f3:5d:3e:30:e7:4e:d7:8c:88:9b:
89:3d:fb:4f:09:da:1c:f9:cf:ad:3b:99:3f:05:c6:
92:51:c2:4a:a5:44:b9:c1:64:34:14:a9:4c:54:fd:
ee:00:39:d5:30:7f:51:6f:9a:8b:e1:b0:cc:f1:2e:
0c:b0:83:9b:c0:96:7b:e9:7e:b9:34:81:b9:fa:30:
5c:72:4b:24:5a:03:52:0c:62:94:2d:7b:41:db:5a:
f5:f6:fa:d4:03:90:4a:5e:ca:a3:ca:de:b5:48:68:
0e:ae:8d:bd:66:ad:77:8f:1b:fc:8b:da:f4:c1:ef:
c8:b0:bc:c5:8b:6b:72:ed:81:a6:b9:7a:2d:94:ba:
46:ec:7b:07:2e:3d:e1:68:08:3f:ce:8d:7f:32:67:
be:22:64:3a:1f:76:11:da:e6:ac:95:35:f8:a5:01:
b7:1c:8c:97:9b:61:33:5a:97:73:3c:09:5e:06:0f:
05:af:32:be:e1:30:5e:c6:6c:98:8d:bf:65:ce:e1:
b4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:62:BA:F3:7F:B8:05:28:66:75:34:36:48:51:4E:77:4D:5A:20:AC
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.193.0/24
Signature Algorithm: sha256WithRSAEncryption
89:49:b8:3c:0c:9e:42:56:f0:0a:54:1d:bc:62:e7:72:6f:62:
36:2a:96:df:d9:51:fe:33:e5:5f:6d:34:40:31:9e:71:18:10:
d8:cb:4a:02:e3:15:74:6a:11:a7:91:d3:37:8f:f8:a2:43:28:
28:81:ae:7e:ac:50:5f:90:93:81:11:63:b9:40:70:c7:6f:99:
b4:d7:bb:d1:10:e4:a8:ca:2b:6f:91:78:68:57:5b:3e:ca:7f:
b7:b9:80:99:76:5c:f3:a7:eb:a6:c7:ac:25:c5:a3:d2:e4:e2:
13:41:a8:d0:bb:c5:47:de:2c:99:ca:7a:59:80:d6:14:e2:c2:
b8:c2:ea:68:12:c1:19:9d:9f:46:82:1e:79:8f:65:3f:4d:b7:
54:08:f3:df:96:76:7b:de:af:26:90:b7:bc:ce:98:8a:d2:71:
ac:5b:76:3d:79:70:38:dc:07:db:3e:79:a4:7e:8e:7f:8d:0a:
bf:3a:37:da:02:41:02:c1:8d:8b:99:cf:bd:5d:ce:1c:38:22:
af:fd:7d:44:ea:20:59:66:9f:4e:ed:04:9c:0b:71:20:2b:a1:
66:60:04:ce:a2:26:ad:c4:9e:59:02:a8:52:13:81:b4:8f:b5:
8a:7b:17:6e:57:1f:9e:4a:8f:a8:ed:4b:2e:1f:44:c9:4b:a6:
fd:dc:f6:fc
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUOn89mem9vtTCc/inkOYB20qkvAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjhaFw0yNTEyMjYxMTQ3MjhaMDMxMTAvBgNV
BAMTKDdENjJCQUYzN0ZCODA1Mjg2Njc1MzQzNjQ4NTE0RTc3NEQ1QTIwQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp/fxsaf4opYt3hR77QMISCdTt
w1OscObjVNhwwQiaW0cswjgMYHn36vbwgOpEpyIE6RITR/1fpj3rmTAckUtM810+
MOdO14yIm4k9+08J2hz5z607mT8FxpJRwkqlRLnBZDQUqUxU/e4AOdUwf1Fvmovh
sMzxLgywg5vAlnvpfrk0gbn6MFxySyRaA1IMYpQte0HbWvX2+tQDkEpeyqPK3rVI
aA6ujb1mrXePG/yL2vTB78iwvMWLa3Ltgaa5ei2UukbsewcuPeFoCD/OjX8yZ74i
ZDofdhHa5qyVNfilAbccjJebYTNal3M8CV4GDwWvMr7hMF7GbJiNv2XO4bQ/AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUfWK683+4BShmdTQ2SFFOd01aIKwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzkzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC2JwTANBgkqhkiG9w0BAQsFAAOCAQEAiUm4PAyeQlbwClQdvGLncm9iNiqW39lR
/jPlX200QDGecRgQ2MtKAuMVdGoRp5HTN4/4okMoKIGufqxQX5CTgRFjuUBwx2+Z
tNe70RDkqMorb5F4aFdbPsp/t7mAmXZc86frpsesJcWj0uTiE0Go0LvFR94smcp6
WYDWFOLCuMLqaBLBGZ2fRoIeeY9lP023VAjz35Z2e96vJpC3vM6YitJxrFt2PXlw
ONwH2z55pH6Of40Kvzo32gJBAsGNi5nPvV3OHDgir/19ROogWWafTu0EnAtxICuh
ZmAEzqImrcSeWQKoUhOBtI+1insXblcfnkqPqO1LLh9EyUum/dz2/A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:38:31 2025 by rpki-client