Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
File: 34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JIkNX6jVdU8zz1lq3hpzOnAj8AKD2XFSGPW0YXC8rCg=
Subject key identifier: B3:83:EC:44:F7:E6:C4:18:B8:03:AE:7E:79:7A:3D:83:A5:CF:64:1F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4812572B290CC12623ED458C8B1412C657A2C50F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:11 +0000
ROA not before: Fri 27 Dec 2024 11:42:11 +0000
ROA not after: Fri 26 Dec 2025 11:47:11 +0000
asID: 136787
IP address blocks: 45.148.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:12:57:2b:29:0c:c1:26:23:ed:45:8c:8b:14:12:c6:57:a2:c5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:11 2024 GMT
Not After : Dec 26 11:47:11 2025 GMT
Subject: CN=B383EC44F7E6C418B803AE7E797A3D83A5CF641F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2b:44:06:fb:4a:ed:fd:65:3a:93:9d:54:4e:
b5:ea:5e:12:64:e4:34:f6:cf:2d:ad:aa:ee:9f:d6:
86:9d:f7:61:a0:b2:ab:5d:05:28:77:2f:97:ce:6b:
84:8b:a7:32:7f:fa:25:57:f1:18:a4:f3:28:21:b5:
15:07:9a:14:32:8e:16:ab:6d:cf:73:f2:25:07:50:
6c:a3:6b:cb:a0:42:d7:af:d6:da:d8:ef:ce:2b:3d:
53:5e:27:56:e6:5a:83:78:59:49:15:2f:6c:3f:f3:
c7:b6:6d:67:04:ae:82:9a:60:12:01:3e:00:3e:84:
7b:7e:60:ae:03:a4:af:be:7c:84:f9:7c:9f:75:c3:
98:33:83:bc:9c:1c:2b:69:cb:a0:e2:6c:41:ea:8d:
84:c7:d8:82:74:32:b0:47:41:a0:9c:ff:00:11:e2:
d9:8e:31:c0:09:0a:07:c8:1c:85:05:ea:0f:1f:ee:
ec:eb:57:cf:ab:2b:ab:0c:af:b5:57:37:89:ce:c9:
a9:ea:26:f7:2e:56:3a:e9:63:07:84:20:13:1e:a8:
ab:64:4a:21:91:1a:af:e0:d0:10:5f:7e:4b:08:21:
f7:ff:52:2e:fe:dc:45:18:e2:30:af:20:5a:dd:26:
83:c7:6f:c0:7c:56:be:22:7d:16:6d:f3:f6:26:0b:
d6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:83:EC:44:F7:E6:C4:18:B8:03:AE:7E:79:7A:3D:83:A5:CF:64:1F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134382e3133392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.139.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:10:1c:b5:66:6a:23:16:0a:a2:c0:ab:6f:0a:27:8b:4d:ae:
94:8d:e8:42:d4:c4:b9:c2:7c:b6:6f:b4:2e:8c:c0:d5:2e:8f:
0e:5a:f3:d5:c8:fa:c2:65:91:0b:ab:95:75:f6:cc:a6:9d:16:
16:06:a7:7d:9e:2f:aa:2f:23:83:14:4c:5e:43:31:ba:85:59:
90:01:f2:2a:bf:71:d9:3d:01:a3:5f:47:7f:ae:2c:0c:e5:0d:
38:7e:c9:f5:2d:29:e6:f3:4a:5e:73:1a:db:27:57:7c:22:47:
ce:5a:0d:4c:61:a4:4a:6d:19:1a:55:78:59:7f:f5:55:ff:bf:
39:3b:e7:02:a4:74:37:21:e5:aa:dc:f6:9f:63:78:3f:be:e0:
53:df:86:cc:b4:c7:ad:b9:07:7e:c2:63:7e:05:7a:62:79:fa:
e5:b4:cc:35:56:c0:f8:44:bb:e4:17:48:37:6c:81:61:ff:17:
10:69:91:1e:ac:c4:87:b1:ac:ed:8f:93:d2:36:88:dd:c4:9c:
d9:9f:85:80:d0:a3:d3:ae:fe:bb:00:8f:53:08:75:8f:c2:30:
d2:26:15:ae:c0:66:40:bb:45:37:58:3a:7e:fc:49:cb:4c:08:
fb:26:2f:13:2a:46:82:b0:af:aa:94:64:57:ba:40:6b:44:98:
7c:9d:57:d9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUSBJXKykMwSYj7UWMixQSxleixQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTFaFw0yNTEyMjYxMTQ3MTFaMDMxMTAvBgNV
BAMTKEIzODNFQzQ0RjdFNkM0MThCODAzQUU3RTc5N0EzRDgzQTVDRjY0MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0K0QG+0rt/WU6k51UTrXqXhJk
5DT2zy2tqu6f1oad92GgsqtdBSh3L5fOa4SLpzJ/+iVX8Rik8yghtRUHmhQyjhar
bc9z8iUHUGyja8ugQtev1trY784rPVNeJ1bmWoN4WUkVL2w/88e2bWcEroKaYBIB
PgA+hHt+YK4DpK++fIT5fJ91w5gzg7ycHCtpy6DibEHqjYTH2IJ0MrBHQaCc/wAR
4tmOMcAJCgfIHIUF6g8f7uzrV8+rK6sMr7VXN4nOyanqJvcuVjrpYweEIBMeqKtk
SiGRGq/g0BBffksIIff/Ui7+3EUY4jCvIFrdJoPHb8B8Vr4ifRZt8/YmC9bTAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUs4PsRPfmxBi4A65+eXo9g6XPZB8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0Mzgy
ZTMxMzMzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAC2UizANBgkqhkiG9w0BAQsFAAOCAQEAahActWZqIxYKosCrbwoni02u
lI3oQtTEucJ8tm+0LozA1S6PDlrz1cj6wmWRC6uVdfbMpp0WFganfZ4vqi8jgxRM
XkMxuoVZkAHyKr9x2T0Bo19Hf64sDOUNOH7J9S0p5vNKXnMa2ydXfCJHzloNTGGk
Sm0ZGlV4WX/1Vf+/OTvnAqR0NyHlqtz2n2N4P77gU9+GzLTHrbkHfsJjfgV6Ynn6
5bTMNVbA+ES75BdIN2yBYf8XEGmRHqzEh7Gs7Y+T0jaI3cSc2Z+FgNCj067+uwCP
Uwh1j8Iw0iYVrsBmQLtFN1g6fvxJy0wI+yYvEypGgrCvqpRkV7pAa0SYfJ1X2Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:55:13 2025 by rpki-client