Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34342e302f32322d3234203d3e20323034313730.roa
File: 34352e3135352e34342e302f32322d3234203d3e20323034313730.roa (raw, json)
Hash identifier: eFrereyqEiCn767Te1eTmLYT6c77DDcWce0nl13rEG0=
Subject key identifier: E9:5A:24:5A:AF:4B:70:0A:CE:87:A6:42:BD:9B:21:F7:33:85:56:5B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 63180D8F109FD153A0D88B76A4A7875BF4E991AA
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34342e302f32322d3234203d3e20323034313730.roa
Signing time: Fri 20 Dec 2024 15:23:31 +0000
ROA not before: Fri 20 Dec 2024 15:18:31 +0000
ROA not after: Fri 19 Dec 2025 15:23:31 +0000
asID: 204170
IP address blocks: 45.155.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:18:0d:8f:10:9f:d1:53:a0:d8:8b:76:a4:a7:87:5b:f4:e9:91:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:31 2024 GMT
Not After : Dec 19 15:23:31 2025 GMT
Subject: CN=E95A245AAF4B700ACE87A642BD9B21F73385565B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:2e:ad:3f:a9:2c:36:6f:15:c1:e7:44:8f:
90:d8:a0:21:de:cc:03:22:9a:1e:58:36:40:b7:57:
eb:c6:09:c5:8d:1d:f3:c6:35:99:c4:ce:a6:8f:81:
4e:4e:16:9a:68:3c:ce:61:21:fa:16:ec:1d:59:f1:
f8:29:3d:eb:95:6e:76:68:46:6c:78:9c:0e:dd:82:
41:42:22:59:22:62:12:ca:ce:0b:16:a6:8c:50:60:
cc:14:12:27:f6:fb:23:42:b4:c1:34:a1:6d:ef:79:
b3:a0:a9:70:ba:50:e8:dd:0f:da:1b:dd:07:1a:60:
fd:a2:bc:d9:b1:b9:53:25:5c:87:ed:58:6b:16:42:
f3:f0:9d:00:5f:4e:08:49:7d:a0:0f:fd:71:76:fd:
4a:77:81:16:5f:89:99:04:80:d3:1b:1d:89:ab:b0:
31:8d:10:23:98:c3:d5:b5:9f:e0:02:ec:0c:4d:2d:
c6:96:bf:64:5b:1c:09:cc:71:1b:a0:89:9e:c5:f8:
3a:36:44:0c:d8:1a:4b:36:be:79:6c:dc:95:07:4e:
c8:40:d4:05:a5:c4:e2:33:fe:03:a7:06:ba:45:56:
17:65:d6:d2:0b:0f:aa:e9:ad:3d:73:58:0a:c5:c2:
38:62:c3:83:4d:1c:6b:71:ad:c9:7b:77:62:93:5b:
7f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5A:24:5A:AF:4B:70:0A:CE:87:A6:42:BD:9B:21:F7:33:85:56:5B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3135352e34342e302f32322d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.44.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:f8:9a:44:08:6f:74:0e:51:da:3d:d3:11:c1:20:11:81:46:
6c:51:f4:34:9c:98:ae:b6:c7:07:70:89:b7:94:d5:96:11:de:
c7:3f:62:ac:e1:6d:33:d0:9c:e3:a0:75:1f:2d:20:a3:68:b6:
98:a7:74:2c:78:32:2b:f6:b9:f0:c7:cc:98:b4:13:d4:1f:32:
6d:8a:36:d3:8f:75:7d:e9:9b:ea:a5:11:90:19:40:78:79:4e:
e6:b3:a5:17:68:03:1e:f3:36:b1:69:ca:93:ef:17:10:66:c2:
cb:7f:a3:2f:b5:00:36:e7:0a:36:43:c8:d4:2f:64:fb:0a:2c:
6e:e0:c0:93:7c:1e:61:2e:d3:64:e0:c9:a9:c1:2b:ef:58:ee:
ab:4d:80:69:3a:93:b7:b7:46:27:73:6a:4a:a9:4f:4a:df:6f:
39:15:51:22:fd:3f:70:74:d1:11:fd:7f:30:37:0b:0d:44:c1:
f1:9e:71:1b:e6:a7:03:e2:1c:4a:ea:b5:24:aa:62:f0:4e:29:
1c:b2:c5:11:70:61:98:ab:e2:d1:fb:9f:e0:11:db:65:c8:24:
97:10:a9:7d:e8:8a:91:5d:d4:fc:74:c1:81:9c:03:61:d8:69:
0d:dd:bc:a1:b1:42:8d:7b:93:54:bc:45:f1:c1:17:06:5b:32:
53:e7:ed:6c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUYxgNjxCf0VOg2It2pKeHW/TpkaowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzFaFw0yNTEyMTkxNTIzMzFaMDMxMTAvBgNV
BAMTKEU5NUEyNDVBQUY0QjcwMEFDRTg3QTY0MkJEOUIyMUY3MzM4NTU2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtPS6tP6ksNm8VwedEj5DYoCHe
zAMimh5YNkC3V+vGCcWNHfPGNZnEzqaPgU5OFppoPM5hIfoW7B1Z8fgpPeuVbnZo
Rmx4nA7dgkFCIlkiYhLKzgsWpoxQYMwUEif2+yNCtME0oW3vebOgqXC6UOjdD9ob
3QcaYP2ivNmxuVMlXIftWGsWQvPwnQBfTghJfaAP/XF2/Up3gRZfiZkEgNMbHYmr
sDGNECOYw9W1n+AC7AxNLcaWv2RbHAnMcRugiZ7F+Do2RAzYGks2vnls3JUHTshA
1AWlxOIz/gOnBrpFVhdl1tILD6rprT1zWArFwjhiw4NNHGtxrcl7d2KTW3/LAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU6VokWq9LcArOh6ZCvZsh9zOFVlswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM1MzUy
ZTM0MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAItmywwDQYJKoZIhvcNAQELBQADggEBAH34mkQIb3QOUdo90xHBIBGBRmxR
9DScmK62xwdwibeU1ZYR3sc/YqzhbTPQnOOgdR8tIKNotpindCx4Miv2ufDHzJi0
E9QfMm2KNtOPdX3pm+qlEZAZQHh5TuazpRdoAx7zNrFpypPvFxBmwst/oy+1ADbn
CjZDyNQvZPsKLG7gwJN8HmEu02TgyanBK+9Y7qtNgGk6k7e3RidzakqpT0rfbzkV
USL9P3B00RH9fzA3Cw1EwfGecRvmpwPiHErqtSSqYvBOKRyyxRFwYZir4tH7n+AR
22XIJJcQqX3oipFd1Px0wYGcA2HYaQ3dvKGxQo17k1S8RfHBFwZbMlPn7Ww=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:55:32 2025 by rpki-client