Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20383334.roa
File: 34352e3133372e3139352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: IAxtGeYiH7HZzSFVoBpq67F0JqPms2LUTEq37AM+UEM=
Subject key identifier: 27:A8:96:6B:14:AE:FA:80:B5:D9:65:7D:27:36:4D:C2:29:07:B2:BC
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 21E1D84C9B8268C0C8C2DF140B7A4D70BE41F0A0
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20383334.roa
Signing time: Sun 09 Feb 2025 10:18:34 +0000
ROA not before: Sun 09 Feb 2025 10:13:34 +0000
ROA not after: Sun 08 Feb 2026 10:18:34 +0000
asID: 834
IP address blocks: 45.137.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:e1:d8:4c:9b:82:68:c0:c8:c2:df:14:0b:7a:4d:70:be:41:f0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 9 10:13:34 2025 GMT
Not After : Feb 8 10:18:34 2026 GMT
Subject: CN=27A8966B14AEFA80B5D9657D27364DC22907B2BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:07:4a:a6:ab:6d:6b:34:b6:77:a7:9a:39:8b:
6b:01:80:69:c3:8e:30:c7:9d:bc:98:b5:37:16:4c:
85:98:1d:0c:c4:38:29:6f:5e:e1:db:3a:b5:4a:f9:
9d:cf:e3:b6:76:dd:e1:f6:b1:93:89:e9:26:f7:ec:
5c:aa:b2:5d:b9:c5:15:e7:c8:b6:e1:4a:92:3f:5f:
aa:db:42:71:59:63:a1:83:bf:00:72:56:ad:01:77:
ba:bd:2c:5c:17:24:38:98:87:70:d5:42:2a:75:97:
75:25:47:ff:43:c9:35:77:d0:bf:b6:48:48:72:9c:
0f:66:ea:c3:64:21:ff:59:47:62:9b:28:54:57:14:
25:a5:6a:c6:5a:d3:87:b8:d0:d8:28:c0:46:85:e3:
92:ed:da:ed:85:eb:3e:2c:f4:df:14:43:15:e3:80:
ba:21:59:1c:14:80:69:6e:54:ab:a2:9a:05:3e:9b:
e4:e6:a7:81:dc:45:d7:01:a3:ca:a1:05:63:66:8a:
56:50:d3:bd:58:e6:5f:97:18:34:bb:13:79:6a:0e:
74:db:d4:7a:90:42:16:ef:0e:53:2b:e5:a8:3b:6d:
d4:a8:b6:ba:13:3f:57:19:bc:c5:b2:31:56:70:4c:
f6:07:8a:a4:11:65:52:1d:29:c3:3a:08:94:43:e4:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A8:96:6B:14:AE:FA:80:B5:D9:65:7D:27:36:4D:C2:29:07:B2:BC
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3133372e3139352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.195.0/24
Signature Algorithm: sha256WithRSAEncryption
63:ff:c1:12:08:c3:8f:f8:6d:72:95:3c:63:c9:b9:a0:8b:7f:
55:9d:4f:66:dc:ae:a0:9c:a0:5a:1e:f2:b6:bd:fe:62:fc:f1:
ad:42:41:66:a9:96:b3:05:e2:37:b6:45:fb:c8:bb:6b:93:e0:
4b:cf:3b:ae:80:6c:61:34:90:58:50:a8:74:90:6f:7e:43:79:
b0:19:a8:b2:e2:80:fa:0e:5e:c0:d4:aa:33:5f:a0:82:de:97:
15:e8:e5:81:c6:29:01:ef:fa:b6:4e:a3:d8:9c:05:40:99:8e:
97:78:53:85:5f:e2:39:72:7f:05:0c:4d:63:73:89:f1:d1:16:
a6:43:3f:4d:f2:b0:62:10:70:3e:c2:92:ff:c0:b6:21:e2:17:
c0:cd:5b:99:1e:06:ae:ff:c9:e0:f0:1c:eb:6a:78:38:2d:c7:
b9:1f:aa:6c:a4:c8:65:9d:6c:02:18:d2:e2:b0:ad:61:26:69:
c3:20:b1:40:0a:c0:71:0b:15:90:7b:0b:7d:f8:13:85:7d:66:
b2:49:7e:75:6d:12:23:70:4f:45:2b:f3:30:70:db:9d:27:48:
a1:85:f0:c8:d8:32:b2:59:52:8c:dd:88:a0:71:18:af:22:55:
57:81:37:fa:ea:c1:a3:d2:31:fa:45:83:6c:44:22:20:a2:b5:
c8:95:2e:81
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUIeHYTJuCaMDIwt8UC3pNcL5B8KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMDkxMDEzMzRaFw0yNjAyMDgxMDE4MzRaMDMxMTAvBgNV
BAMTKDI3QTg5NjZCMTRBRUZBODBCNUQ5NjU3RDI3MzY0REMyMjkwN0IyQkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4B0qmq21rNLZ3p5o5i2sBgGnD
jjDHnbyYtTcWTIWYHQzEOClvXuHbOrVK+Z3P47Z23eH2sZOJ6Sb37Fyqsl25xRXn
yLbhSpI/X6rbQnFZY6GDvwByVq0Bd7q9LFwXJDiYh3DVQip1l3UlR/9DyTV30L+2
SEhynA9m6sNkIf9ZR2KbKFRXFCWlasZa04e40NgowEaF45Lt2u2F6z4s9N8UQxXj
gLohWRwUgGluVKuimgU+m+Tmp4HcRdcBo8qhBWNmilZQ071Y5l+XGDS7E3lqDnTb
1HqQQhbvDlMr5ag7bdSotroTP1cZvMWyMVZwTPYHiqQRZVIdKcM6CJRD5K0pAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUJ6iWaxSu+oC12WV9JzZNwikHsrwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMzcy
ZTMxMzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AC2JwzANBgkqhkiG9w0BAQsFAAOCAQEAY//BEgjDj/htcpU8Y8m5oIt/VZ1PZtyu
oJygWh7ytr3+YvzxrUJBZqmWswXiN7ZF+8i7a5PgS887roBsYTSQWFCodJBvfkN5
sBmosuKA+g5ewNSqM1+ggt6XFejlgcYpAe/6tk6j2JwFQJmOl3hThV/iOXJ/BQxN
Y3OJ8dEWpkM/TfKwYhBwPsKS/8C2IeIXwM1bmR4Grv/J4PAc62p4OC3HuR+qbKTI
ZZ1sAhjS4rCtYSZpwyCxQArAcQsVkHsLffgThX1mskl+dW0SI3BPRSvzMHDbnSdI
oYXwyNgysllSjN2IoHEYryJVV4E3+urBo9Ix+kWDbEQiIKK1yJUugQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:25:03 2025 by rpki-client