Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
File: 34352e38342e3133382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: r2Y6wbZ6OW9ZUKLrusKZwYeNdDJFFCikzBrfw7O+ZtE=
Subject key identifier: 3F:90:25:84:F2:46:E5:6E:AF:A6:36:D8:23:9C:D3:C5:F5:CC:40:A1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4410282BE27D2953D76323D9146E865293C9BEEB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:11 +0000
ROA not before: Fri 27 Dec 2024 11:42:11 +0000
ROA not after: Fri 26 Dec 2025 11:47:11 +0000
asID: 51167
IP address blocks: 45.84.138.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:10:28:2b:e2:7d:29:53:d7:63:23:d9:14:6e:86:52:93:c9:be:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:11 2024 GMT
Not After : Dec 26 11:47:11 2025 GMT
Subject: CN=3F902584F246E56EAFA636D8239CD3C5F5CC40A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:49:00:35:25:6f:01:fc:d4:1b:fa:ce:c0:6b:
1e:5f:17:7e:fa:bc:3a:19:0a:d5:0b:43:6b:19:b4:
e3:51:14:39:f5:c5:e3:62:c7:72:4c:b3:7d:6f:e9:
44:2a:96:82:a0:b3:cb:4e:f7:01:e0:9c:da:5b:33:
70:a6:c0:83:92:26:4d:ec:f3:61:e1:25:5e:85:59:
22:92:bd:07:91:a7:a6:98:73:c3:52:ef:14:b1:1c:
96:43:53:b9:64:2b:6b:7c:94:9c:e5:17:47:51:f9:
3d:df:c7:27:db:97:24:d4:cd:f8:16:c0:c7:b4:65:
02:4e:49:30:74:4b:86:dd:91:35:4a:bf:9a:d7:10:
e2:f4:33:18:11:9c:b1:e4:ec:ff:46:b1:a0:f1:07:
ab:25:fc:f9:06:f3:f4:a7:3e:25:4a:c9:8f:71:04:
6d:3a:1c:93:c5:3f:71:f1:02:e5:1f:dc:48:62:32:
3e:fd:c3:19:d6:f8:d8:cd:a7:70:6a:66:79:44:13:
14:5b:9f:fb:75:02:f0:73:29:85:18:9c:9b:09:42:
bd:a7:6a:e3:4d:8f:00:43:4f:e3:5e:a0:d3:23:3b:
a1:9c:49:11:b1:80:ae:16:1e:29:fa:0d:7f:bd:0d:
dd:7a:36:2e:6e:14:20:61:22:f2:f8:df:60:cf:9c:
35:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:90:25:84:F2:46:E5:6E:AF:A6:36:D8:23:9C:D3:C5:F5:CC:40:A1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38342e3133382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.138.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:79:e7:0f:22:7f:b4:62:c1:eb:23:8e:09:06:2a:5b:63:b4:
4e:7a:d0:7b:6b:01:4b:8e:0a:5a:96:b7:c0:7b:36:d5:56:58:
4d:05:f6:79:d9:17:dc:66:ed:2f:48:1c:f3:4b:cb:ed:48:fb:
d3:d9:25:63:66:65:7a:9e:0d:cf:60:da:03:46:df:40:6e:8b:
53:b8:a9:0a:0d:e5:3d:b8:aa:94:52:22:a1:4a:6a:35:86:d1:
93:f6:6b:ae:7a:6e:4e:d5:94:bf:a7:8f:12:5a:ab:9d:97:15:
ea:f3:98:16:29:aa:eb:bf:f5:54:df:ae:69:4d:d8:ff:df:66:
f0:39:14:35:47:bb:d6:c5:77:a3:5e:c2:2b:2b:59:d0:e7:68:
14:74:0d:dd:8a:2e:1c:21:7c:ae:f4:44:74:9d:2a:95:17:de:
2b:d8:2b:b3:80:18:12:44:5a:94:8d:07:eb:22:2f:c7:85:13:
a5:fe:3f:6d:29:d5:10:5f:76:7b:2b:91:81:83:61:2d:02:b7:
91:a1:75:fb:69:41:bd:38:d9:12:27:c7:8c:cb:e3:04:73:de:
1d:7c:79:b7:2e:8a:9c:6c:29:91:9e:83:77:28:5c:26:db:0d:
95:d2:65:df:7b:36:dc:b8:1b:06:bd:84:86:d8:b3:ef:1c:27:
7e:38:06:1f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIURBAoK+J9KVPXYyPZFG6GUpPJvuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTFaFw0yNTEyMjYxMTQ3MTFaMDMxMTAvBgNV
BAMTKDNGOTAyNTg0RjI0NkU1NkVBRkE2MzZEODIzOUNEM0M1RjVDQzQwQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZSQA1JW8B/NQb+s7Aax5fF376
vDoZCtULQ2sZtONRFDn1xeNix3JMs31v6UQqloKgs8tO9wHgnNpbM3CmwIOSJk3s
82HhJV6FWSKSvQeRp6aYc8NS7xSxHJZDU7lkK2t8lJzlF0dR+T3fxyfblyTUzfgW
wMe0ZQJOSTB0S4bdkTVKv5rXEOL0MxgRnLHk7P9GsaDxB6sl/PkG8/SnPiVKyY9x
BG06HJPFP3HxAuUf3EhiMj79wxnW+NjNp3BqZnlEExRbn/t1AvBzKYUYnJsJQr2n
auNNjwBDT+NeoNMjO6GcSRGxgK4WHin6DX+9Dd16Ni5uFCBhIvL432DPnDVLAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUP5AlhPJG5W6vpjbYI5zTxfXMQKEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzODM0MmUz
MTMzMzgyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQALVSKMA0GCSqGSIb3DQEBCwUAA4IBAQCgeecPIn+0YsHrI44JBipbY7ROetB7
awFLjgpalrfAezbVVlhNBfZ52RfcZu0vSBzzS8vtSPvT2SVjZmV6ng3PYNoDRt9A
botTuKkKDeU9uKqUUiKhSmo1htGT9muuem5O1ZS/p48SWqudlxXq85gWKarrv/VU
365pTdj/32bwORQ1R7vWxXejXsIrK1nQ52gUdA3dii4cIXyu9ER0nSqVF94r2Cuz
gBgSRFqUjQfrIi/HhROl/j9tKdUQX3Z7K5GBg2EtAreRoXX7aUG9ONkSJ8eMy+ME
c94dfHm3LoqcbCmRnoN3KFwm2w2V0mXfezbcuBsGvYSG2LPvHCd+OAYf
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:13:09 2025 by rpki-client