Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34312e302f32342d3234203d3e20323037313337.roa
File: 34352e3135352e34312e302f32342d3234203d3e20323037313337.roa (raw, json)
Hash identifier: dL3JPFQf6EcAXbI4hb8Cmjtx2u7GKVyecMMZAzZOMak=
Subject key identifier: 05:4E:A5:47:18:D2:AA:C9:12:65:AF:0F:9D:52:94:60:D2:F0:50:91
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 47F8D70B6E06FABADA5A607ED8AC58773E5CF460
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34312e302f32342d3234203d3e20323037313337.roa
Signing time: Fri 27 Dec 2024 11:47:32 +0000
ROA not before: Fri 27 Dec 2024 11:42:32 +0000
ROA not after: Fri 26 Dec 2025 11:47:32 +0000
asID: 207137
IP address blocks: 45.155.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:f8:d7:0b:6e:06:fa:ba:da:5a:60:7e:d8:ac:58:77:3e:5c:f4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:32 2024 GMT
Not After : Dec 26 11:47:32 2025 GMT
Subject: CN=054EA54718D2AAC91265AF0F9D529460D2F05091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:fe:66:28:1a:68:c0:81:af:19:c0:3b:06:0f:
74:58:cf:13:0d:45:13:d7:6e:39:bd:24:96:5d:1e:
09:1c:ba:7f:a2:63:84:4c:85:28:cb:93:65:87:8f:
e8:d3:cc:a8:01:9b:08:e1:a4:1e:4f:68:1d:0d:7b:
43:7f:46:db:ba:ee:97:c1:7f:76:6f:db:8f:df:9d:
8d:ee:bd:f6:83:31:7d:78:78:5c:fb:9d:af:bc:83:
23:39:d7:31:7c:cd:85:37:8f:0e:31:65:82:a2:05:
f0:c4:a2:e8:2a:04:54:96:2a:13:9a:03:e2:03:80:
65:2f:8a:90:0f:b5:18:f1:87:04:b7:a1:13:6d:27:
6b:fa:0e:0d:65:2f:ad:17:5d:7c:9b:d5:e1:a2:52:
a9:9e:07:c6:bb:aa:27:c9:56:51:31:44:f9:8e:b1:
f3:3d:31:47:fc:ee:5d:4e:9d:3f:01:e9:59:c5:06:
97:3e:b7:da:8f:4e:5a:a4:c0:5e:2f:57:b1:ad:41:
64:e7:d8:eb:9a:d8:6a:94:82:00:5a:85:b0:ad:48:
ca:94:d1:de:62:1e:8a:69:bd:c1:d1:e0:ef:73:4f:
13:f0:9c:8d:24:de:2f:22:3f:c0:50:9d:f6:0e:1b:
7b:5b:c4:5f:c7:ae:d2:76:c5:3a:d5:a3:1c:72:8a:
71:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4E:A5:47:18:D2:AA:C9:12:65:AF:0F:9D:52:94:60:D2:F0:50:91
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34312e302f32342d3234203d3e20323037313337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.41.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:0b:f6:34:49:16:5d:25:0e:64:16:ca:1b:b8:77:c2:62:4a:
dd:a6:d1:62:1d:95:06:d9:c9:a4:89:77:63:26:27:8a:ab:64:
2d:22:29:f0:7e:db:f0:6f:11:e7:bc:fe:40:3a:98:20:d3:d5:
b2:85:0a:ab:1b:e3:fe:92:5b:1c:bb:03:dd:57:47:e0:0f:ec:
5e:79:b2:8a:6f:b1:6d:1a:89:b9:87:53:c9:cf:2c:02:f7:04:
12:da:a3:32:d8:63:39:e6:8e:95:f6:46:f0:5f:27:3c:6c:27:
80:ca:17:0d:94:c6:88:fe:6c:37:43:8e:63:84:10:d2:74:de:
30:d5:6e:59:76:e3:e0:51:48:8d:d0:cf:11:5a:06:60:77:03:
0d:4f:36:fd:07:e8:9d:52:4d:4d:fd:a2:f9:6e:73:18:06:72:
87:02:ad:c8:9c:2e:6c:37:5d:ea:b6:68:81:0a:14:92:0c:6c:
68:ce:2c:50:12:a3:fa:48:81:e2:6b:77:d2:8e:0a:a6:44:6f:
aa:de:74:05:66:a7:52:d4:41:68:7b:a4:58:e3:f1:67:e2:b2:
c3:dd:9a:b6:cd:55:89:13:11:09:19:cc:cf:ec:36:c8:53:98:
1b:fb:1c:14:a2:b2:fa:92:df:62:76:ff:11:b4:b9:0c:21:7a:
6c:5c:a7:23
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUR/jXC24G+rraWmB+2KxYdz5c9GAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzJaFw0yNTEyMjYxMTQ3MzJaMDMxMTAvBgNV
BAMTKDA1NEVBNTQ3MThEMkFBQzkxMjY1QUYwRjlENTI5NDYwRDJGMDUwOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB/mYoGmjAga8ZwDsGD3RYzxMN
RRPXbjm9JJZdHgkcun+iY4RMhSjLk2WHj+jTzKgBmwjhpB5PaB0Ne0N/Rtu67pfB
f3Zv24/fnY3uvfaDMX14eFz7na+8gyM51zF8zYU3jw4xZYKiBfDEougqBFSWKhOa
A+IDgGUvipAPtRjxhwS3oRNtJ2v6Dg1lL60XXXyb1eGiUqmeB8a7qifJVlExRPmO
sfM9MUf87l1OnT8B6VnFBpc+t9qPTlqkwF4vV7GtQWTn2Oua2GqUggBahbCtSMqU
0d5iHoppvcHR4O9zTxPwnI0k3i8iP8BQnfYOG3tbxF/HrtJ2xTrVoxxyinGzAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUBU6lRxjSqskSZa8PnVKUYNLwUJEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM1MzUy
ZTM0MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMTMzMzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtmykwDQYJKoZIhvcNAQELBQADggEBAOML9jRJFl0lDmQWyhu4d8JiSt2m
0WIdlQbZyaSJd2MmJ4qrZC0iKfB+2/BvEee8/kA6mCDT1bKFCqsb4/6SWxy7A91X
R+AP7F55sopvsW0aibmHU8nPLAL3BBLaozLYYznmjpX2RvBfJzxsJ4DKFw2Uxoj+
bDdDjmOEENJ03jDVbll24+BRSI3QzxFaBmB3Aw1PNv0H6J1STU39ovlucxgGcocC
rcicLmw3Xeq2aIEKFJIMbGjOLFASo/pIgeJrd9KOCqZEb6redAVmp1LUQWh7pFjj
8WfissPdmrbNVYkTEQkZzM/sNshTmBv7HBSisvqS32J2/xG0uQwhemxcpyM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:19 2025 by rpki-client