Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
File: 34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4oMllmelti2vl+Xs0ZW2gyXDCWxE79aATBNa7/Ge0Pc=
Subject key identifier: 88:A7:78:21:C9:3F:19:C3:8D:5D:18:49:18:3E:F0:52:61:F9:1B:7E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 12272FAB06ED55BB6CA75C823F047720FDEE7F08
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:18 +0000
ROA not before: Fri 27 Dec 2024 11:42:18 +0000
ROA not after: Fri 26 Dec 2025 11:47:18 +0000
asID: 136787
IP address blocks: 45.148.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:27:2f:ab:06:ed:55:bb:6c:a7:5c:82:3f:04:77:20:fd:ee:7f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:18 2024 GMT
Not After : Dec 26 11:47:18 2025 GMT
Subject: CN=88A77821C93F19C38D5D1849183EF05261F91B7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c7:b1:92:76:47:9a:33:83:6d:73:28:29:a6:
15:e1:2d:b2:85:3b:a3:09:3d:a7:3f:ce:82:3e:6e:
cf:1e:a0:2f:77:b2:c0:4f:4f:a1:a6:b2:a2:7a:73:
22:f2:db:59:f6:b0:81:0c:b4:fd:a5:91:7d:81:f9:
6e:9a:8e:2f:cc:63:b4:7e:d8:b0:aa:b0:76:db:34:
8c:e8:07:07:03:86:3f:3c:81:ae:45:84:2b:9a:1a:
a7:81:89:a8:a8:21:f3:da:34:c9:4a:70:1a:48:6f:
ac:78:e9:d9:e8:e4:c6:cd:fa:30:4a:ab:2a:fb:12:
b9:32:c4:3d:35:d3:c2:6e:b2:ae:8c:b9:e4:bd:99:
73:eb:b0:94:de:fa:32:7b:39:63:4f:51:97:99:22:
c3:d5:c9:cf:18:e8:d6:f1:de:77:90:ac:bb:9e:4f:
b4:9b:48:91:4f:e9:e6:e2:7b:3f:a5:5e:1c:c7:b4:
60:da:2a:fa:21:6b:48:95:e1:a7:39:3b:0a:37:f5:
09:3c:a8:56:ac:58:f1:78:bb:0d:54:bf:ce:53:12:
62:74:d1:59:02:78:19:fb:9c:27:2b:4c:2a:21:df:
b3:3a:36:30:11:bb:0d:25:90:7a:fe:d0:0d:d8:eb:
8b:5d:0b:c0:74:af:f1:3e:d7:66:9c:de:bb:ef:90:
19:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A7:78:21:C9:3F:19:C3:8D:5D:18:49:18:3E:F0:52:61:F9:1B:7E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.136.0/24
Signature Algorithm: sha256WithRSAEncryption
45:48:88:f9:d6:50:1b:d5:c9:08:ac:bf:81:57:5d:3d:db:94:
7e:d5:e8:ea:69:6e:60:83:b4:e8:93:c0:88:f3:43:0a:4c:e6:
ea:01:a5:b9:16:c7:22:fa:f9:cf:42:a5:34:86:42:98:62:e6:
00:0b:99:32:7b:52:19:82:66:17:fe:33:c2:8e:4b:86:2e:55:
73:46:3c:73:f1:d3:54:09:66:0e:cd:96:85:50:23:d9:79:b4:
83:8f:5c:0b:91:40:f2:83:1c:1b:6f:10:dd:61:ca:08:2f:75:
79:5e:6a:2c:6f:e2:f6:22:46:8a:0e:57:a4:9b:b4:a8:29:7a:
17:de:ca:25:c2:00:8d:74:1d:b6:6c:2f:2a:50:3f:ab:94:fb:
de:99:66:d8:b9:18:70:c3:7a:37:97:67:1c:c0:d1:87:b9:62:
10:d1:95:4e:bf:41:19:19:d8:77:69:fc:6c:59:3f:d9:53:84:
95:ff:fe:ba:5f:31:0d:86:24:fc:3e:f1:d1:14:2e:50:c7:56:
83:83:1a:9d:6a:12:b0:11:ff:64:71:5b:26:33:c5:b8:13:3b:
21:4d:6f:f1:e6:b7:c8:be:33:47:37:ba:5d:e0:2e:df:c3:b8:
9a:78:57:4f:8b:17:7e:2e:37:70:10:31:30:4b:ac:be:bf:12:
c7:84:53:58
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUEicvqwbtVbtsp1yCPwR3IP3ufwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMThaFw0yNTEyMjYxMTQ3MThaMDMxMTAvBgNV
BAMTKDg4QTc3ODIxQzkzRjE5QzM4RDVEMTg0OTE4M0VGMDUyNjFGOTFCN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNx7GSdkeaM4NtcygpphXhLbKF
O6MJPac/zoI+bs8eoC93ssBPT6GmsqJ6cyLy21n2sIEMtP2lkX2B+W6aji/MY7R+
2LCqsHbbNIzoBwcDhj88ga5FhCuaGqeBiaioIfPaNMlKcBpIb6x46dno5MbN+jBK
qyr7ErkyxD0108Jusq6MueS9mXPrsJTe+jJ7OWNPUZeZIsPVyc8Y6Nbx3neQrLue
T7SbSJFP6ebiez+lXhzHtGDaKvoha0iV4ac5Owo39Qk8qFasWPF4uw1Uv85TEmJ0
0VkCeBn7nCcrTCoh37M6NjARuw0lkHr+0A3Y64tdC8B0r/E+12ac3rvvkBlBAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUiKd4Ick/GcONXRhJGD7wUmH5G34wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0Mzgy
ZTMxMzMzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2UiDANBgkqhkiG9w0BAQsFAAOCAQEARUiI+dZQG9XJCKy/gVddPduU
ftXo6mluYIO06JPAiPNDCkzm6gGluRbHIvr5z0KlNIZCmGLmAAuZMntSGYJmF/4z
wo5Lhi5Vc0Y8c/HTVAlmDs2WhVAj2Xm0g49cC5FA8oMcG28Q3WHKCC91eV5qLG/i
9iJGig5XpJu0qCl6F97KJcIAjXQdtmwvKlA/q5T73plm2LkYcMN6N5dnHMDRh7li
ENGVTr9BGRnYd2n8bFk/2VOElf/+ul8xDYYk/D7x0RQuUMdWg4ManWoSsBH/ZHFb
JjPFuBM7IU1v8ea3yL4zRze6XeAu38O4mnhXT4sXfi43cBAxMEusvr8Sx4RTWA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:59:16 2025 by rpki-client