Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20313432313436.roa
File: 34352e3134302e3138362e302f32342d3234203d3e20313432313436.roa (raw, json)
Hash identifier: 2VOZsYAhDl+B0SLw9S/3c9SLzUVk6hDNXSxunUblckk=
Subject key identifier: 87:7E:45:74:3F:B0:D5:2E:7D:60:50:EB:E8:6C:60:2F:51:94:C7:90
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1FE35F1093805862D330175B53A77F8AE3C480F5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20313432313436.roa
Signing time: Fri 27 Dec 2024 11:47:12 +0000
ROA not before: Fri 27 Dec 2024 11:42:12 +0000
ROA not after: Fri 26 Dec 2025 11:47:12 +0000
asID: 142146
IP address blocks: 45.140.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:e3:5f:10:93:80:58:62:d3:30:17:5b:53:a7:7f:8a:e3:c4:80:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:12 2024 GMT
Not After : Dec 26 11:47:12 2025 GMT
Subject: CN=877E45743FB0D52E7D6050EBE86C602F5194C790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ec:8e:fe:4c:89:4e:13:5c:1e:0c:cf:51:cc:
f0:3b:ab:c4:8f:93:99:ba:4a:32:49:b4:cf:82:2e:
61:62:77:84:e5:75:77:6a:70:bc:4a:94:96:d0:46:
c1:94:3a:d2:55:a7:6f:73:96:a5:09:c6:f9:b0:38:
bd:2b:14:a3:a8:e4:df:63:9b:50:00:91:b8:00:3d:
e6:9a:a2:c5:24:fd:b9:05:a3:8f:8c:12:ff:5c:49:
dd:50:ca:cf:e7:de:1a:7f:1c:47:e7:27:26:49:60:
da:49:8a:30:f8:23:d9:a2:e7:58:2c:77:0c:73:b2:
46:38:b8:9c:cb:af:c2:ff:9f:c7:d9:82:81:75:cf:
29:51:28:47:38:30:e2:a2:2b:91:5d:63:8c:c5:37:
aa:d8:9d:e9:39:a5:88:80:4a:74:f0:84:ec:fb:a3:
ae:cf:88:c2:53:44:ac:02:e9:f8:6d:1c:af:49:9b:
e9:3e:bc:70:2b:9f:da:32:97:1e:5f:b7:2b:fc:f9:
43:0a:a9:b5:21:e5:f4:b9:17:f1:f3:2e:60:ff:a4:
6f:2e:99:4c:73:f9:3c:62:34:3e:a5:74:dd:53:7a:
48:4b:7d:b7:3c:d2:75:1c:75:62:b9:a9:ee:4d:7f:
ae:bc:3f:5b:2b:15:1f:8c:59:44:63:1f:8d:c4:8a:
3d:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7E:45:74:3F:B0:D5:2E:7D:60:50:EB:E8:6C:60:2F:51:94:C7:90
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134302e3138362e302f32342d3234203d3e20313432313436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.186.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:48:42:25:f7:61:c4:04:00:b9:bb:29:db:9f:db:9c:59:0b:
55:9c:3e:9e:ff:6e:6d:dc:38:74:ed:e9:7e:65:88:eb:ff:83:
3e:8e:d7:a0:d1:18:d2:c0:10:e1:cc:08:f7:99:0c:b1:a6:6f:
b7:ca:30:07:1e:b0:b1:84:21:c7:84:e2:1c:12:17:20:98:b6:
a8:a3:6c:a7:2f:53:65:f5:ef:5f:d7:86:bd:4f:10:95:c5:c9:
d9:a2:39:43:45:0b:7d:ce:f3:0a:9d:13:45:c2:32:a4:4b:ad:
61:8f:cf:e8:2d:52:15:2b:88:75:b6:9b:86:e7:89:2c:11:3d:
fe:e7:4c:db:cc:c1:78:21:b5:36:39:bc:d0:0f:4f:6d:f1:c6:
5c:b1:51:50:91:a3:af:6d:e6:0f:a0:27:1d:8b:89:48:74:d4:
ca:b1:ff:98:d7:7e:2f:62:2c:3e:48:17:25:13:5b:f5:54:0c:
7b:50:03:4c:b8:e6:d9:c5:0c:58:61:59:01:e4:f6:bc:7e:76:
d0:b5:4c:0d:52:b7:54:4f:32:3d:3c:1b:57:5a:b7:1a:41:53:
90:b4:44:28:14:86:5f:58:28:48:7a:b5:89:77:6a:e7:f4:19:
ef:52:ce:c0:f1:22:41:c0:3b:02:50:37:5d:c0:74:ba:c2:06:
14:03:a5:a4
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUH+NfEJOAWGLTMBdbU6d/iuPEgPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTJaFw0yNTEyMjYxMTQ3MTJaMDMxMTAvBgNV
BAMTKDg3N0U0NTc0M0ZCMEQ1MkU3RDYwNTBFQkU4NkM2MDJGNTE5NEM3OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC57I7+TIlOE1weDM9RzPA7q8SP
k5m6SjJJtM+CLmFid4TldXdqcLxKlJbQRsGUOtJVp29zlqUJxvmwOL0rFKOo5N9j
m1AAkbgAPeaaosUk/bkFo4+MEv9cSd1Qys/n3hp/HEfnJyZJYNpJijD4I9mi51gs
dwxzskY4uJzLr8L/n8fZgoF1zylRKEc4MOKiK5FdY4zFN6rYnek5pYiASnTwhOz7
o67PiMJTRKwC6fhtHK9Jm+k+vHArn9oylx5ftyv8+UMKqbUh5fS5F/HzLmD/pG8u
mUxz+TxiND6ldN1TekhLfbc80nUcdWK5qe5Nf668P1srFR+MWURjH43Eij1LAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUh35FdD+w1S59YFDr6GxgL1GUx5AwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzAy
ZTMxMzgzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMjMxMzQzNi5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2MujANBgkqhkiG9w0BAQsFAAOCAQEACkhCJfdhxAQAubsp25/bnFkL
VZw+nv9ubdw4dO3pfmWI6/+DPo7XoNEY0sAQ4cwI95kMsaZvt8owBx6wsYQhx4Ti
HBIXIJi2qKNspy9TZfXvX9eGvU8QlcXJ2aI5Q0ULfc7zCp0TRcIypEutYY/P6C1S
FSuIdbabhueJLBE9/udM28zBeCG1Njm80A9PbfHGXLFRUJGjr23mD6AnHYuJSHTU
yrH/mNd+L2IsPkgXJRNb9VQMe1ADTLjm2cUMWGFZAeT2vH520LVMDVK3VE8yPTwb
V1q3GkFTkLREKBSGX1goSHq1iXdq5/QZ71LOwPEiQcA7AlA3XcB0usIGFAOlpA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:03:57 2025 by rpki-client