Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3138392e302f32342d3332203d3e203531313637.roa
File: 34352e38382e3138392e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: SgQHuBS2MjBdQl7V41K3Zaptx6Ck2aDJOL1ubWuVddg=
Subject key identifier: 0F:7C:46:42:46:84:1F:20:98:48:CE:D9:A0:D8:03:82:83:F0:EB:05
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 46FB0F9AC42FFFD013D1F65B2D347568B922BF98
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3138392e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:32 +0000
ROA not before: Fri 27 Dec 2024 11:42:32 +0000
ROA not after: Fri 26 Dec 2025 11:47:32 +0000
asID: 51167
IP address blocks: 45.88.189.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:fb:0f:9a:c4:2f:ff:d0:13:d1:f6:5b:2d:34:75:68:b9:22:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:32 2024 GMT
Not After : Dec 26 11:47:32 2025 GMT
Subject: CN=0F7C464246841F209848CED9A0D8038283F0EB05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d9:03:e4:c4:8e:95:5c:5c:8a:a3:69:3d:b8:
ef:1a:05:1f:08:a2:5f:da:cc:b6:5b:30:55:af:ca:
e7:0b:4b:20:c9:41:a3:2e:2b:1f:0d:20:6a:92:17:
76:f6:f5:a9:8c:e4:ef:1b:1e:f3:37:c4:5a:85:55:
ee:6a:6a:08:fe:e0:9a:7a:1c:56:d1:a6:fe:3f:ef:
a7:f2:b4:7c:89:3a:7c:6e:c9:e9:20:70:f9:33:6b:
d0:65:dd:40:38:c3:a0:d5:ae:f5:b1:25:bf:75:29:
40:87:2b:69:ee:b7:0c:42:d6:ee:9d:af:50:09:f0:
10:dd:16:07:69:67:ea:b3:f9:bd:f2:09:ae:94:f5:
6e:67:70:48:78:9e:81:84:20:dc:fe:48:21:2e:45:
b1:17:39:af:af:8a:d3:0e:59:ac:23:8a:c4:cb:e6:
95:40:bb:4e:18:94:70:8f:66:16:0f:50:70:f1:88:
cd:49:e7:41:ac:a2:ef:d2:29:e6:68:8b:91:9d:e8:
9e:c2:3a:fd:c4:11:91:0b:ce:5e:9a:16:88:a0:c9:
81:04:bb:69:07:ee:65:30:f2:bf:8b:1d:25:94:18:
e4:f3:a8:25:d2:a5:41:50:7e:ed:12:c3:e3:7e:de:
eb:66:ea:ca:bd:2f:38:29:30:04:2c:95:86:b3:ed:
8a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7C:46:42:46:84:1F:20:98:48:CE:D9:A0:D8:03:82:83:F0:EB:05
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3138392e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.189.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:d5:d2:ae:7b:74:bb:c1:12:70:8d:a9:e7:5a:6e:02:cc:bb:
ce:a0:af:6c:e0:5b:5b:92:d4:6b:7c:fe:5c:3b:62:a5:8b:55:
4c:08:50:ef:02:2b:cd:2e:0a:f8:6e:5b:89:86:49:b2:cb:b6:
50:f0:47:e7:7f:01:3e:2d:71:24:3f:5a:ba:67:1c:44:18:b1:
ed:cf:f8:39:63:b2:89:a3:0a:89:e0:72:6e:a7:a9:e5:26:27:
69:16:34:48:77:ee:4c:00:48:fa:5d:db:f2:56:be:74:4b:72:
87:62:74:55:71:cf:7d:d9:71:42:b0:65:13:67:2e:ea:a0:e1:
c9:0f:0b:f8:ba:e4:5b:25:04:ad:4e:39:ad:6e:28:6c:f8:ef:
2d:36:d0:32:38:4d:a2:97:10:02:71:57:71:59:b5:50:46:6b:
73:5b:65:f0:17:19:3c:be:3d:b6:55:ac:71:71:2c:6f:f7:a2:
6a:a1:1e:4d:0c:97:1b:f3:a0:89:e6:ce:07:7c:60:f8:3a:79:
54:5c:76:72:99:3d:d0:86:07:8b:ea:51:7c:1d:d7:ef:85:46:
73:45:a7:40:c7:94:e4:60:e8:5d:5f:41:9f:41:e6:e3:a0:46:
10:bf:82:97:5e:d0:f5:a3:5d:41:5b:3f:f4:e0:ad:5c:96:ea:
81:87:0c:7e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIURvsPmsQv/9AT0fZbLTR1aLkiv5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzJaFw0yNTEyMjYxMTQ3MzJaMDMxMTAvBgNV
BAMTKDBGN0M0NjQyNDY4NDFGMjA5ODQ4Q0VEOUEwRDgwMzgyODNGMEVCMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn2QPkxI6VXFyKo2k9uO8aBR8I
ol/azLZbMFWvyucLSyDJQaMuKx8NIGqSF3b29amM5O8bHvM3xFqFVe5qagj+4Jp6
HFbRpv4/76fytHyJOnxuyekgcPkza9Bl3UA4w6DVrvWxJb91KUCHK2nutwxC1u6d
r1AJ8BDdFgdpZ+qz+b3yCa6U9W5ncEh4noGEINz+SCEuRbEXOa+vitMOWawjisTL
5pVAu04YlHCPZhYPUHDxiM1J50Gsou/SKeZoi5Gd6J7COv3EEZELzl6aFoigyYEE
u2kH7mUw8r+LHSWUGOTzqCXSpUFQfu0Sw+N+3utm6sq9LzgpMAQslYaz7YqHAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUD3xGQkaEHyCYSM7ZoNgDgoPw6wUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzODM4MmUz
MTM4MzkyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQALVi9MA0GCSqGSIb3DQEBCwUAA4IBAQCO1dKue3S7wRJwjannWm4CzLvOoK9s
4FtbktRrfP5cO2Kli1VMCFDvAivNLgr4bluJhkmyy7ZQ8EfnfwE+LXEkP1q6ZxxE
GLHtz/g5Y7KJowqJ4HJup6nlJidpFjRId+5MAEj6XdvyVr50S3KHYnRVcc992XFC
sGUTZy7qoOHJDwv4uuRbJQStTjmtbihs+O8tNtAyOE2ilxACcVdxWbVQRmtzW2Xw
Fxk8vj22VaxxcSxv96JqoR5NDJcb86CJ5s4HfGD4OnlUXHZymT3QhgeL6lF8Hdfv
hUZzRadAx5TkYOhdX0GfQebjoEYQv4KXXtD1o11BWz/04K1cluqBhwx+
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:17:12 2025 by rpki-client