Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134332e38332e302f32342d3234203d3e203437353833.roa
File: 34352e3134332e38332e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: yGLCNcRD8yrpTwAVGFOjz3CF1EFtjt3KBisWllDz/TA=
Subject key identifier: 50:A2:95:1B:B9:7C:50:3E:10:41:85:59:B2:D1:7D:D5:48:47:F5:AD
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5A4C14EB9D76C137CE0171D0D874C97E660DCFA9
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134332e38332e302f32342d3234203d3e203437353833.roa
Signing time: Fri 20 Dec 2024 15:23:30 +0000
ROA not before: Fri 20 Dec 2024 15:18:30 +0000
ROA not after: Fri 19 Dec 2025 15:23:30 +0000
asID: 47583
IP address blocks: 45.143.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:22:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:4c:14:eb:9d:76:c1:37:ce:01:71:d0:d8:74:c9:7e:66:0d:cf:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:30 2024 GMT
Not After : Dec 19 15:23:30 2025 GMT
Subject: CN=50A2951BB97C503E10418559B2D17DD54847F5AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2f:be:93:13:59:72:c1:f3:1b:3c:c3:7a:46:
04:e1:29:c1:4d:d0:c7:9f:e7:43:82:89:85:6d:86:
89:4d:b4:bd:e7:ba:d7:d4:c7:c4:38:65:94:4e:bd:
aa:b7:12:f0:25:e9:08:99:45:3e:84:31:31:06:37:
ca:de:59:aa:fa:19:50:24:23:e1:e1:82:af:3a:42:
63:31:ce:7c:a4:d1:e9:5f:21:ae:4d:45:eb:8e:6c:
e1:61:f3:9d:3d:55:4c:e3:25:f5:c8:51:26:5c:75:
ea:f5:7d:28:4a:dd:c6:1b:a0:12:bb:aa:78:1e:20:
8c:e9:2d:87:a8:a1:ca:69:df:69:5e:a5:e1:56:bc:
d3:2c:49:50:d1:27:8f:a2:a8:84:78:61:8d:0f:1b:
1a:09:1f:df:c1:53:9b:43:0d:e5:a4:2a:09:43:15:
7c:77:01:15:51:27:f2:3f:05:58:97:d0:c7:d7:42:
c4:2f:aa:1b:f2:ec:49:d6:4f:1e:17:45:06:a9:98:
6e:36:1c:a3:9f:41:ec:9d:97:77:51:d2:a9:5f:72:
f2:42:9c:71:4c:fa:41:d8:fb:d9:56:5e:80:57:7d:
2e:d6:0c:39:a8:b9:1c:0b:a4:63:6e:fe:43:bc:8f:
de:bc:0d:53:c9:b9:01:19:bb:f1:23:e9:4d:1e:79:
79:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:A2:95:1B:B9:7C:50:3E:10:41:85:59:B2:D1:7D:D5:48:47:F5:AD
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134332e38332e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.83.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:ca:ff:bf:b5:d7:23:52:b1:99:f4:d3:73:78:11:e0:e3:fb:
7a:93:6a:c5:84:4f:fb:03:43:01:dc:77:18:fe:ac:6f:a7:82:
32:9d:84:ed:92:cf:11:05:5a:95:53:06:f6:f0:d0:5a:be:be:
d4:42:60:c6:45:17:cb:db:58:33:75:6e:b9:b6:1e:8c:1a:d5:
e2:f8:d5:3a:92:f7:46:4a:d7:ea:b8:7b:7d:6e:47:4e:b7:e8:
b4:04:09:4b:73:93:d4:3f:78:df:f0:da:53:98:b2:ab:b9:b2:
a4:6f:ff:0b:9c:2d:ea:87:79:3d:87:ed:77:54:ed:42:83:4a:
b2:09:39:71:c5:86:63:57:60:5b:fb:04:00:f2:32:15:0e:67:
d6:74:e4:ae:5b:93:1f:6c:11:f6:60:82:0e:95:a0:56:16:f7:
ea:23:01:16:4d:b0:29:db:89:2d:b2:8e:17:50:97:4b:31:5d:
7b:0d:bd:51:77:03:25:f4:1e:1b:d8:0f:24:79:ed:59:61:f9:
32:c0:c9:8b:8e:54:0e:36:f6:e5:46:6e:bf:d4:b5:4d:f6:89:
24:bb:44:3d:02:68:60:01:78:b3:39:e3:57:b1:14:3b:f5:07:
3b:c5:5d:a7:ce:81:f2:aa:3e:18:92:f5:87:ac:fc:03:b7:00:
6e:56:3e:ad
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUWkwU6512wTfOAXHQ2HTJfmYNz6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzBaFw0yNTEyMTkxNTIzMzBaMDMxMTAvBgNV
BAMTKDUwQTI5NTFCQjk3QzUwM0UxMDQxODU1OUIyRDE3REQ1NDg0N0Y1QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9L76TE1lywfMbPMN6RgThKcFN
0Mef50OCiYVtholNtL3nutfUx8Q4ZZROvaq3EvAl6QiZRT6EMTEGN8reWar6GVAk
I+Hhgq86QmMxznyk0elfIa5NReuObOFh8509VUzjJfXIUSZcder1fShK3cYboBK7
qngeIIzpLYeoocpp32lepeFWvNMsSVDRJ4+iqIR4YY0PGxoJH9/BU5tDDeWkKglD
FXx3ARVRJ/I/BViX0MfXQsQvqhvy7EnWTx4XRQapmG42HKOfQeydl3dR0qlfcvJC
nHFM+kHY+9lWXoBXfS7WDDmouRwLpGNu/kO8j968DVPJuQEZu/Ej6U0eeXkFAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUUKKVG7l8UD4QQYVZstF91UhH9a0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0MzMy
ZTM4MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQALY9TMA0GCSqGSIb3DQEBCwUAA4IBAQCjyv+/tdcjUrGZ9NNzeBHg4/t6k2rF
hE/7A0MB3HcY/qxvp4IynYTtks8RBVqVUwb28NBavr7UQmDGRRfL21gzdW65th6M
GtXi+NU6kvdGStfquHt9bkdOt+i0BAlLc5PUP3jf8NpTmLKrubKkb/8LnC3qh3k9
h+13VO1Cg0qyCTlxxYZjV2Bb+wQA8jIVDmfWdOSuW5MfbBH2YIIOlaBWFvfqIwEW
TbAp24ktso4XUJdLMV17Db1RdwMl9B4b2A8kee1ZYfkywMmLjlQONvblRm6/1LVN
9okku0Q9AmhgAXizOeNXsRQ79Qc7xV2nzoHyqj4YkvWHrPwDtwBuVj6t
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:12:42 2025 by rpki-client