Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139342e302f32342d3332203d3e203531313637.roa
File: 34352e3133372e3139342e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: kmK2gD26lXQ5nB79aO5ZIjuROinG8auusuevLEb+vcQ=
Subject key identifier: E0:D6:E6:B4:DC:23:4A:4F:B8:DA:1B:60:89:E2:15:50:E6:CA:9C:93
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 48D3C83D4ED0F2F30F8C4FF5855B891E93A0CF9A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139342e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:09 +0000
ROA not before: Fri 27 Dec 2024 11:42:09 +0000
ROA not after: Fri 26 Dec 2025 11:47:09 +0000
asID: 51167
IP address blocks: 45.137.194.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:d3:c8:3d:4e:d0:f2:f3:0f:8c:4f:f5:85:5b:89:1e:93:a0:cf:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:09 2024 GMT
Not After : Dec 26 11:47:09 2025 GMT
Subject: CN=E0D6E6B4DC234A4FB8DA1B6089E21550E6CA9C93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0a:a4:c9:9f:46:74:b6:5c:23:c7:00:88:50:
e3:a7:be:01:98:3b:03:47:a1:05:27:09:9c:fb:49:
84:a6:1f:f8:aa:a7:ab:28:31:78:e1:29:b7:64:82:
4a:df:b6:2b:9f:d9:f8:c2:87:eb:6b:e5:9f:f7:e9:
22:40:e9:6f:e5:c5:ac:fc:a8:c7:e1:de:91:8a:ca:
68:b6:e7:00:81:2b:53:00:d2:7b:e3:a4:56:02:2e:
3c:7e:2f:1e:2f:42:32:dd:a1:48:23:c9:7a:79:4f:
0d:48:86:52:58:6a:e7:08:55:09:e5:a7:7b:a9:8c:
73:5f:93:4a:5a:57:1e:dc:44:50:5e:68:ed:a3:da:
64:7d:9e:a5:44:13:45:52:6f:6c:3d:b2:94:9c:70:
a8:dd:d0:94:d9:c3:b8:4e:02:44:eb:41:75:3f:8c:
76:1b:07:28:0b:ed:f6:6b:eb:0d:9a:49:f5:14:4c:
2b:f1:6b:76:4c:0c:80:0b:ab:f7:57:10:1e:c6:6f:
e7:ea:3d:82:cb:60:06:4a:79:80:fe:a7:2e:34:7d:
36:15:66:4c:98:9c:55:8c:36:92:61:73:97:8c:eb:
92:02:93:ca:89:90:eb:39:ad:91:14:f5:ef:66:af:
1a:d0:9e:f1:6b:20:4a:83:ce:4b:bf:6f:b8:a4:92:
46:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D6:E6:B4:DC:23:4A:4F:B8:DA:1B:60:89:E2:15:50:E6:CA:9C:93
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139342e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.194.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:3d:46:10:e5:a7:f2:da:99:37:18:08:73:e7:63:cf:be:66:
13:56:83:48:14:3c:c9:7e:34:07:f0:c2:3c:a1:19:5e:f9:45:
e9:bb:14:be:f5:05:5b:40:d4:90:5d:57:62:de:42:68:18:59:
f4:a6:6b:ae:f6:48:5f:8e:d2:57:30:4c:09:da:a5:80:5a:4c:
e4:0d:e7:66:06:d1:fd:4e:9b:0a:e5:0e:8d:d4:b0:e3:f7:f7:
fd:33:8f:5a:9a:8b:6d:ad:8f:6b:3b:95:06:d3:36:f2:e6:46:
fa:3b:fa:bc:65:04:13:9b:bd:b7:f8:f2:45:7a:8c:a4:b7:40:
57:76:27:6e:02:2c:41:4b:15:c0:e6:08:f1:57:0d:49:d4:c3:
4d:f4:20:ee:ab:29:59:6e:c5:c7:8e:12:c0:72:54:f0:af:cc:
1a:c6:e1:f5:52:a7:97:ab:56:99:04:ca:73:b8:cc:a4:ba:5b:
32:31:e0:3c:eb:63:d9:00:60:7a:8f:dd:1f:8a:df:e5:10:24:
df:53:12:0f:ad:f0:50:c7:4f:31:07:d9:4a:bb:3d:9f:ea:b5:
d9:22:ab:28:3e:99:b3:08:0e:7c:d3:80:8b:00:f2:3a:50:6a:
e7:06:98:b1:bf:9f:9b:c9:56:8d:6c:40:e8:86:61:c4:b3:b4:
f4:be:47:04
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUSNPIPU7Q8vMPjE/1hVuJHpOgz5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDlaFw0yNTEyMjYxMTQ3MDlaMDMxMTAvBgNV
BAMTKEUwRDZFNkI0REMyMzRBNEZCOERBMUI2MDg5RTIxNTUwRTZDQTlDOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiCqTJn0Z0tlwjxwCIUOOnvgGY
OwNHoQUnCZz7SYSmH/iqp6soMXjhKbdkgkrftiuf2fjCh+tr5Z/36SJA6W/lxaz8
qMfh3pGKymi25wCBK1MA0nvjpFYCLjx+Lx4vQjLdoUgjyXp5Tw1IhlJYaucIVQnl
p3upjHNfk0paVx7cRFBeaO2j2mR9nqVEE0VSb2w9spSccKjd0JTZw7hOAkTrQXU/
jHYbBygL7fZr6w2aSfUUTCvxa3ZMDIALq/dXEB7Gb+fqPYLLYAZKeYD+py40fTYV
ZkyYnFWMNpJhc5eM65ICk8qJkOs5rZEU9e9mrxrQnvFrIEqDzku/b7ikkkYBAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU4NbmtNwjSk+42htgieIVUObKnJMwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzkzNDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAticIwDQYJKoZIhvcNAQELBQADggEBANc9RhDlp/LamTcYCHPnY8++ZhNW
g0gUPMl+NAfwwjyhGV75Rem7FL71BVtA1JBdV2LeQmgYWfSma672SF+O0lcwTAna
pYBaTOQN52YG0f1OmwrlDo3UsOP39/0zj1qai22tj2s7lQbTNvLmRvo7+rxlBBOb
vbf48kV6jKS3QFd2J24CLEFLFcDmCPFXDUnUw030IO6rKVluxceOEsByVPCvzBrG
4fVSp5erVpkEynO4zKS6WzIx4DzrY9kAYHqP3R+K3+UQJN9TEg+t8FDHTzEH2Uq7
PZ/qtdkiqyg+mbMIDnzTgIsA8jpQaucGmLG/n5vJVo1sQOiGYcSztPS+RwQ=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:17:12 2025 by rpki-client