Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e382e3134382e302f32332d3332203d3e203531313637.roa
File: 34352e382e3134382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: cZ2aNFzdYsRDzM13qkbqToF7BAlwYuD2oR7cOkVJT9A=
Subject key identifier: 61:65:D0:08:7A:2F:CF:8E:49:0A:F0:B7:30:1B:25:41:F1:91:C7:07
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 75DBD2002F2D337EF6733CA504C76C1DEDE8A422
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e382e3134382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:31 +0000
ROA not before: Fri 27 Dec 2024 11:42:31 +0000
ROA not after: Fri 26 Dec 2025 11:47:31 +0000
asID: 51167
IP address blocks: 45.8.148.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:db:d2:00:2f:2d:33:7e:f6:73:3c:a5:04:c7:6c:1d:ed:e8:a4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:31 2024 GMT
Not After : Dec 26 11:47:31 2025 GMT
Subject: CN=6165D0087A2FCF8E490AF0B7301B2541F191C707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:79:c5:42:b3:1b:14:89:86:78:f9:4e:cf:
73:ad:8f:d0:03:82:ed:80:46:05:19:6a:a9:77:c0:
3d:09:7d:34:7b:78:42:66:d7:e6:35:40:64:e6:99:
67:47:00:4a:cb:a5:ed:eb:87:fc:6e:c5:39:3d:d7:
ad:89:a9:77:36:8a:3e:5d:9d:b1:30:40:08:33:90:
34:4b:9c:71:3d:52:cf:98:e3:94:b8:dc:d8:f3:cf:
a0:91:7e:0b:f1:a2:95:cf:b0:65:95:79:90:c3:74:
22:77:41:f6:6e:4c:67:38:24:70:b9:2e:6b:e7:06:
37:c1:ab:04:37:82:eb:95:a4:c8:a0:2b:cf:91:c7:
be:14:11:a9:de:21:b0:62:50:6c:9d:1a:0c:71:9c:
3b:ee:78:65:03:4e:0a:8a:4b:59:df:c5:c6:44:f5:
40:61:84:a5:89:c0:15:d5:cd:63:8d:9a:66:f8:34:
98:df:d9:aa:da:16:26:0c:87:c3:c2:28:24:da:c7:
1d:b4:3b:67:b7:e5:74:0f:65:c6:59:95:b2:7f:47:
a1:2d:17:83:0c:80:4c:ac:3d:20:17:bf:c8:6e:fd:
7f:4d:ac:dd:ed:ec:04:1c:ad:6a:46:bd:98:9b:0f:
b9:12:ba:36:ea:08:75:05:cb:d6:07:93:32:f2:a3:
7d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:65:D0:08:7A:2F:CF:8E:49:0A:F0:B7:30:1B:25:41:F1:91:C7:07
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e382e3134382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.148.0/23
Signature Algorithm: sha256WithRSAEncryption
dc:8b:f5:d1:21:b6:ec:ab:b2:69:65:e7:06:6a:39:0e:d5:ce:
cf:67:66:86:2b:3d:6c:c6:ed:3a:35:1a:f0:0c:56:9f:5f:40:
34:04:f6:e3:df:d9:5a:41:d7:3a:dc:5f:cf:ad:f9:0b:7c:03:
6c:a3:0e:c2:22:be:29:b8:5b:e1:5f:54:c8:21:0d:b3:a6:38:
49:6b:f9:2c:78:b4:90:0f:b1:38:b1:21:39:60:8d:b1:2e:8b:
4c:66:b9:02:08:72:0c:56:63:0f:a3:cc:b4:8b:a5:d6:3f:c1:
bf:86:cd:34:c1:c2:7d:ab:61:70:8e:db:df:15:d9:38:99:e4:
3f:4b:43:8f:7b:78:86:57:28:85:d0:39:38:64:39:64:a9:2e:
53:c0:30:d8:b2:19:16:91:30:d1:11:e8:a4:61:c7:27:ee:92:
8c:8e:0e:46:31:49:e1:df:5f:2a:06:5a:8d:cc:8c:49:0c:97:
91:33:1b:c7:b2:6d:33:49:d0:89:ff:d2:f1:6a:64:5c:5a:c9:
0f:1b:f4:4b:ed:d9:d3:3e:3e:2a:6c:16:e0:f3:10:0b:df:c2:
c4:26:58:3e:fb:06:7b:e7:20:64:da:7a:ee:75:1e:c8:f1:8a:
91:99:3a:e4:fa:34:a1:4c:4f:cc:d1:9b:b5:19:e1:f7:ef:4f:
41:0e:27:ad
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUddvSAC8tM372czylBMdsHe3opCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzFaFw0yNTEyMjYxMTQ3MzFaMDMxMTAvBgNV
BAMTKDYxNjVEMDA4N0EyRkNGOEU0OTBBRjBCNzMwMUIyNTQxRjE5MUM3MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7snnFQrMbFImGePlOz3Otj9AD
gu2ARgUZaql3wD0JfTR7eEJm1+Y1QGTmmWdHAErLpe3rh/xuxTk9162JqXc2ij5d
nbEwQAgzkDRLnHE9Us+Y45S43Njzz6CRfgvxopXPsGWVeZDDdCJ3QfZuTGc4JHC5
LmvnBjfBqwQ3guuVpMigK8+Rx74UEaneIbBiUGydGgxxnDvueGUDTgqKS1nfxcZE
9UBhhKWJwBXVzWONmmb4NJjf2araFiYMh8PCKCTaxx20O2e35XQPZcZZlbJ/R6Et
F4MMgEysPSAXv8hu/X9NrN3t7AQcrWpGvZibD7kSujbqCHUFy9YHkzLyo317AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUYWXQCHovz45JCvC3MBslQfGRxwcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzODJlMzEz
NDM4MmUzMDJmMzIzMzJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AS0IlDANBgkqhkiG9w0BAQsFAAOCAQEA3Iv10SG27KuyaWXnBmo5DtXOz2dmhis9
bMbtOjUa8AxWn19ANAT249/ZWkHXOtxfz635C3wDbKMOwiK+Kbhb4V9UyCENs6Y4
SWv5LHi0kA+xOLEhOWCNsS6LTGa5AghyDFZjD6PMtIul1j/Bv4bNNMHCfathcI7b
3xXZOJnkP0tDj3t4hlcohdA5OGQ5ZKkuU8Aw2LIZFpEw0RHopGHHJ+6SjI4ORjFJ
4d9fKgZajcyMSQyXkTMbx7JtM0nQif/S8WpkXFrJDxv0S+3Z0z4+KmwW4PMQC9/C
xCZYPvsGe+cgZNp67nUeyPGKkZk65Po0oUxPzNGbtRnh9+9PQQ4nrQ==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:23:07 2025 by rpki-client