Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
File: 34352e36362e3133382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: D06jRpIRrDJRjt+RdVhrlXjxHak9ELnudBoadwXjxds=
Subject key identifier: 37:DE:56:E7:49:00:78:36:AC:ED:80:28:95:CF:B8:A3:83:44:76:5C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 13DD077EA8FBC0F7200D7C2C5A6247BA78364C25
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:32 +0000
ROA not before: Fri 20 Dec 2024 15:18:32 +0000
ROA not after: Fri 19 Dec 2025 15:23:32 +0000
asID: 136787
IP address blocks: 45.66.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:dd:07:7e:a8:fb:c0:f7:20:0d:7c:2c:5a:62:47:ba:78:36:4c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:32 2024 GMT
Not After : Dec 19 15:23:32 2025 GMT
Subject: CN=37DE56E749007836ACED802895CFB8A38344765C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:11:60:e6:b8:5f:33:df:81:3d:3f:82:d5:66:
60:8e:b1:0c:d2:2f:eb:bc:d1:b5:e8:67:7d:92:39:
c5:f8:ea:f2:8d:54:b8:88:ae:c2:63:52:33:b0:e6:
24:7f:25:0f:78:7e:5b:55:12:be:30:b2:83:89:bd:
fb:4c:49:c8:d3:a8:d4:9a:c6:cc:61:d8:ad:a6:67:
f0:4f:38:0c:b1:36:98:44:3c:31:5f:66:6c:71:90:
9e:a5:f3:40:b8:1d:1e:63:f8:0d:11:91:21:ad:9d:
2c:d6:1f:32:58:ae:db:51:a7:fe:9f:ac:3d:8e:83:
91:96:f0:ed:04:05:cc:72:13:25:ca:ae:2b:ff:d7:
3a:06:05:9a:ad:70:e0:11:05:0f:f1:c0:14:fd:58:
31:6f:da:7d:61:66:d7:7d:3e:1b:19:f5:e8:27:0f:
5b:f8:3e:eb:b4:8b:d5:a7:95:e8:c3:21:bd:ef:00:
0b:23:ca:82:ac:87:8a:2e:0d:03:9b:f9:7f:bc:bf:
6b:52:13:e3:a7:b5:5d:34:4a:0a:f7:d0:b2:cf:39:
d2:f8:ff:20:54:6a:96:15:e5:5b:f6:5f:f2:b8:c9:
14:c7:55:a9:c2:76:1c:b2:38:fd:d3:40:b2:0a:e4:
97:d0:48:27:cb:be:c2:cd:1b:c7:6d:dd:7e:ce:eb:
60:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DE:56:E7:49:00:78:36:AC:ED:80:28:95:CF:B8:A3:83:44:76:5C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e36362e3133382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.138.0/24
Signature Algorithm: sha256WithRSAEncryption
62:cf:40:fb:07:bf:f8:67:af:4e:1e:a7:e7:f1:d7:88:d1:bb:
66:83:3f:db:bb:38:65:39:52:e8:5b:4f:9c:7d:bd:74:1d:3f:
d7:cb:e1:b5:28:e7:88:e4:f5:fd:d4:f2:94:e5:fc:10:7b:f9:
49:79:aa:c4:4a:2a:02:4c:89:f2:c2:cb:00:29:b4:c3:55:17:
0e:bb:0a:84:bd:0b:17:b3:79:bf:98:6d:86:86:c8:7f:86:e9:
9c:d6:a3:94:18:51:f4:3c:98:51:26:79:93:a7:36:7a:7c:bc:
8b:74:2b:61:2e:95:24:24:ae:da:7f:5c:ea:d5:9f:82:f5:21:
b8:04:29:fc:38:a4:8a:fe:d8:fa:ec:fa:aa:09:b2:16:88:0c:
66:c2:ea:9b:c6:c5:21:70:13:29:4c:10:63:97:e1:b7:6f:f9:
83:5d:9a:49:a2:8e:e5:44:c8:6f:94:95:0a:5b:1d:f9:3b:5a:
cb:18:59:9f:f1:a8:d6:60:3b:ab:b8:99:3e:ab:01:d9:99:c5:
d3:97:19:af:0c:02:d4:b7:a6:16:6d:14:f6:f3:57:f0:bc:ac:
d1:31:15:d0:23:54:f0:3a:7a:22:4d:7d:21:43:76:50:14:78:
1e:89:a9:07:00:a8:a6:17:33:81:97:53:2a:26:cc:2b:f8:73:
e4:1d:2f:74
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUE90Hfqj7wPcgDXwsWmJHung2TCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzJaFw0yNTEyMTkxNTIzMzJaMDMxMTAvBgNV
BAMTKDM3REU1NkU3NDkwMDc4MzZBQ0VEODAyODk1Q0ZCOEEzODM0NDc2NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyEWDmuF8z34E9P4LVZmCOsQzS
L+u80bXoZ32SOcX46vKNVLiIrsJjUjOw5iR/JQ94fltVEr4wsoOJvftMScjTqNSa
xsxh2K2mZ/BPOAyxNphEPDFfZmxxkJ6l80C4HR5j+A0RkSGtnSzWHzJYrttRp/6f
rD2Og5GW8O0EBcxyEyXKriv/1zoGBZqtcOARBQ/xwBT9WDFv2n1hZtd9PhsZ9egn
D1v4Puu0i9WnlejDIb3vAAsjyoKsh4ouDQOb+X+8v2tSE+OntV00Sgr30LLPOdL4
/yBUapYV5Vv2X/K4yRTHVanCdhyyOP3TQLIK5JfQSCfLvsLNG8dt3X7O62ANAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUN95W50kAeDas7YAolc+4o4NEdlwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzNjM2MmUz
MTMzMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtQoowDQYJKoZIhvcNAQELBQADggEBAGLPQPsHv/hnr04ep+fx14jRu2aD
P9u7OGU5UuhbT5x9vXQdP9fL4bUo54jk9f3U8pTl/BB7+Ul5qsRKKgJMifLCywAp
tMNVFw67CoS9Cxezeb+YbYaGyH+G6ZzWo5QYUfQ8mFEmeZOnNnp8vIt0K2EulSQk
rtp/XOrVn4L1IbgEKfw4pIr+2Prs+qoJshaIDGbC6pvGxSFwEylMEGOX4bdv+YNd
mkmijuVEyG+UlQpbHfk7WssYWZ/xqNZgO6u4mT6rAdmZxdOXGa8MAtS3phZtFPbz
V/C8rNExFdAjVPA6eiJNfSFDdlAUeB6JqQcAqKYXM4GXUyomzCv4c+QdL3Q=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:31:36 2025 by rpki-client