Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134312e32332e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e32332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 1I2NlRfqNf7z6J90hjSuqVIFdaROS0ZbJtXaEJONOaM=
Subject key identifier: 57:F6:FD:62:DF:F6:ED:4A:96:CA:CE:30:63:7C:65:EB:8F:81:E6:59
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4C88BA126E61F14E8554FF0488A1EA6502B76A2B
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134312e32332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:13 +0000
ROA not before: Fri 27 Dec 2024 11:42:13 +0000
ROA not after: Fri 26 Dec 2025 11:47:13 +0000
asID: 136787
IP address blocks: 45.141.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:18:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:88:ba:12:6e:61:f1:4e:85:54:ff:04:88:a1:ea:65:02:b7:6a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:13 2024 GMT
Not After : Dec 26 11:47:13 2025 GMT
Subject: CN=57F6FD62DFF6ED4A96CACE30637C65EB8F81E659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b2:73:c7:6a:5c:02:16:ad:7a:65:a0:09:90:
22:75:55:d4:f9:91:3f:a4:fe:0c:8b:df:b7:51:8e:
8e:62:66:3b:81:94:52:e8:0e:a3:51:83:6b:f3:f4:
f9:29:be:e1:0f:3a:a1:94:07:a3:bf:48:cc:30:d0:
4d:a8:65:71:d0:db:43:80:64:be:b1:ae:5c:d6:c2:
53:98:98:fe:dc:c9:39:2a:9b:d0:6a:15:d4:9f:a4:
dd:af:17:3e:8b:4a:7e:8d:61:73:c1:0e:4e:e8:b4:
59:19:81:bc:e0:07:cc:c3:2c:f1:05:78:7b:2a:28:
64:d2:24:16:51:30:31:9c:c1:ae:e4:c9:b8:03:f5:
86:76:79:d2:f1:9b:19:5f:e8:02:2b:c8:71:c4:6a:
02:ca:70:38:cb:65:26:bb:92:db:92:a3:84:f7:85:
73:01:f9:77:dd:9e:d1:97:a7:75:f1:8a:af:a1:b5:
d5:7f:e7:6a:d4:55:6f:1a:64:9a:63:c8:e6:ec:8a:
e4:80:cd:94:cd:5d:a4:6f:49:29:82:3e:c2:e5:a0:
3e:6a:1b:98:56:92:d8:be:c4:ab:5d:55:21:5a:93:
c8:91:da:33:04:48:1f:4c:78:a5:5e:af:1c:5b:0e:
7c:93:91:e0:bc:e1:ab:84:16:dc:2b:70:4f:32:6f:
09:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:F6:FD:62:DF:F6:ED:4A:96:CA:CE:30:63:7C:65:EB:8F:81:E6:59
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134312e32332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.23.0/24
Signature Algorithm: sha256WithRSAEncryption
46:de:94:44:7e:0f:e8:ff:1a:c4:fa:09:02:7e:50:b5:35:43:
29:2a:00:10:e7:35:95:13:78:be:47:01:b7:23:b9:f2:f1:4d:
21:5b:99:60:7b:8b:d3:f5:f6:14:c4:38:25:d3:be:a7:9b:81:
0e:e6:54:d0:3d:83:31:3b:22:93:52:06:a1:af:a1:51:a7:bb:
1e:94:cb:38:fc:c8:a2:90:eb:06:80:23:e9:09:ac:84:3e:05:
5b:ed:f8:b0:3a:6e:fb:2d:b1:6a:20:c3:43:c5:5d:c9:18:8c:
8a:2e:72:c0:c3:30:ee:f9:43:c9:b0:a2:7a:1f:29:79:7d:0c:
ff:71:53:58:c4:23:a5:d3:b5:f2:ea:89:e8:47:1f:23:39:41:
f6:c0:06:b8:a2:f9:22:9f:90:ee:72:4d:af:af:bc:f9:1c:25:
e4:4e:a9:96:c8:15:80:db:a8:5c:53:67:92:ac:8f:9c:35:1d:
32:e6:3d:b0:3d:ee:89:f3:47:31:a0:1c:86:dd:73:b7:8c:e8:
19:78:b2:20:c5:0a:8a:2f:9d:64:62:36:3e:7a:8b:6c:3c:d5:
8c:4d:f7:3a:99:01:c7:2e:35:94:48:51:4c:94:3d:89:89:07:
54:be:87:8d:a7:14:99:04:89:80:71:71:61:d4:4c:0a:84:3a:
75:ee:e5:bf
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUTIi6Em5h8U6FVP8EiKHqZQK3aiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTNaFw0yNTEyMjYxMTQ3MTNaMDMxMTAvBgNV
BAMTKDU3RjZGRDYyREZGNkVENEE5NkNBQ0UzMDYzN0M2NUVCOEY4MUU2NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0snPHalwCFq16ZaAJkCJ1VdT5
kT+k/gyL37dRjo5iZjuBlFLoDqNRg2vz9PkpvuEPOqGUB6O/SMww0E2oZXHQ20OA
ZL6xrlzWwlOYmP7cyTkqm9BqFdSfpN2vFz6LSn6NYXPBDk7otFkZgbzgB8zDLPEF
eHsqKGTSJBZRMDGcwa7kybgD9YZ2edLxmxlf6AIryHHEagLKcDjLZSa7ktuSo4T3
hXMB+XfdntGXp3Xxiq+htdV/52rUVW8aZJpjyObsiuSAzZTNXaRvSSmCPsLloD5q
G5hWkti+xKtdVSFak8iR2jMESB9MeKVerxxbDnyTkeC84auEFtwrcE8ybwmFAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUV/b9Yt/27UqWys4wY3xl64+B5lkwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzEy
ZTMyMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtjRcwDQYJKoZIhvcNAQELBQADggEBAEbelER+D+j/GsT6CQJ+ULU1Qykq
ABDnNZUTeL5HAbcjufLxTSFbmWB7i9P19hTEOCXTvqebgQ7mVNA9gzE7IpNSBqGv
oVGnux6Uyzj8yKKQ6waAI+kJrIQ+BVvt+LA6bvstsWogw0PFXckYjIoucsDDMO75
Q8mwonofKXl9DP9xU1jEI6XTtfLqiehHHyM5QfbABrii+SKfkO5yTa+vvPkcJeRO
qZbIFYDbqFxTZ5Ksj5w1HTLmPbA97onzRzGgHIbdc7eM6Bl4siDFCoovnWRiNj56
i2w81YxN9zqZAccuNZRIUUyUPYmJB1S+h42nFJkEiYBxcWHUTAqEOnXu5b8=
-----END CERTIFICATE-----
Generated at Wed Apr 9 12:58:16 2025 by rpki-client