Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139302e302f32342d3234203d3e20313437303439.roa
File: 34352e38382e3139302e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: XO4onYsoT8PJ7OpE32vBmasQS8ywSxwKiz2X0OPcHb4=
Subject key identifier: B8:9F:07:D2:8F:72:AD:55:CB:63:62:57:33:4B:35:EF:87:5E:7A:70
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 6C56B0C2F02912AC79A7592D857D9D095C0FA229
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139302e302f32342d3234203d3e20313437303439.roa
Signing time: Fri 27 Dec 2024 11:47:36 +0000
ROA not before: Fri 27 Dec 2024 11:42:36 +0000
ROA not after: Fri 26 Dec 2025 11:47:36 +0000
asID: 147049
IP address blocks: 45.88.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 14:13:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:56:b0:c2:f0:29:12:ac:79:a7:59:2d:85:7d:9d:09:5c:0f:a2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:36 2024 GMT
Not After : Dec 26 11:47:36 2025 GMT
Subject: CN=B89F07D28F72AD55CB636257334B35EF875E7A70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:40:94:98:22:36:ca:d5:0d:bb:58:ca:7f:45:
d7:12:74:75:6b:fe:d2:9e:d0:b2:a8:61:6f:40:f5:
07:dd:6f:06:57:cb:5c:a3:5e:27:de:d0:fd:8f:72:
fa:90:46:31:00:43:68:4a:8a:f9:36:c8:0a:24:c6:
56:97:a1:55:ff:8a:ee:8f:39:4e:e9:ee:f2:4f:63:
94:d1:b9:12:a4:8a:fb:ca:80:ea:1f:88:93:9d:ec:
aa:ba:8c:a4:48:df:5d:c6:a5:cd:f5:87:57:fc:6e:
d9:65:6c:6d:12:8d:f4:06:92:4e:0b:0b:ac:97:b0:
65:ae:f1:1f:68:c5:42:af:c4:00:15:7a:6d:3f:21:
57:9b:ee:9d:a7:b3:fe:07:b4:b2:e4:e0:5f:90:9e:
2e:59:5e:d9:af:05:1b:82:0e:cf:19:4c:4b:9f:e3:
1c:d9:01:cd:73:0b:97:dc:f6:9c:08:5c:02:ba:20:
b8:d0:3f:dd:68:de:b9:b7:9f:8f:27:7c:ea:ea:ad:
be:67:cb:19:f9:5b:75:63:ee:64:89:e8:97:04:0b:
53:d1:de:1f:4a:8b:80:a7:af:1c:b2:fe:4a:fc:9f:
4b:be:7e:45:dd:e9:64:d0:a4:10:19:4c:d6:f6:f8:
c6:98:4a:30:59:ff:c5:5c:0f:bf:32:db:f4:c7:49:
47:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9F:07:D2:8F:72:AD:55:CB:63:62:57:33:4B:35:EF:87:5E:7A:70
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139302e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.190.0/24
Signature Algorithm: sha256WithRSAEncryption
da:64:2c:5a:ab:52:3d:d6:e7:ef:d6:b0:65:83:91:98:0d:73:
f7:d4:52:0c:6a:ca:83:51:38:35:33:07:3c:01:d9:fe:c0:be:
7b:42:fe:60:f8:88:06:0f:58:b2:c8:ee:1e:39:60:87:a2:2b:
dd:b0:ca:8e:e4:39:49:ac:6d:dc:18:66:15:0e:68:21:79:fa:
6d:02:3b:38:0c:22:5f:56:55:93:09:5c:cc:76:1b:f4:6e:44:
71:2b:8e:d2:ce:b6:b8:07:f1:4a:c7:65:f7:2d:3a:50:7b:48:
35:d5:b8:51:d7:3c:ad:18:d1:f6:fe:03:4c:5b:d4:7b:70:d1:
59:b9:9e:7f:6e:98:97:9e:5f:24:26:36:2e:eb:f5:e5:98:a4:
00:43:84:36:7e:0b:71:f2:c8:c6:93:d4:14:d5:b9:5e:71:a8:
04:67:27:1c:d8:b0:85:6e:7b:1f:c9:b9:58:49:20:f5:a5:1a:
84:49:e6:ef:1c:5e:e0:53:3c:73:ee:82:ef:61:a0:0e:33:8b:
47:a5:2f:2c:fa:73:72:3c:43:86:e2:6f:1b:70:e4:c0:e2:f2:
04:04:f4:ce:a4:f7:3c:b0:2f:f4:ba:2b:0b:50:e6:a1:df:e1:
aa:de:ea:5e:d3:1c:09:34:ba:3a:a7:ef:ec:21:26:a9:bd:51:
8e:d5:bc:41
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUbFawwvApEqx5p1kthX2dCVwPoikwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzZaFw0yNTEyMjYxMTQ3MzZaMDMxMTAvBgNV
BAMTKEI4OUYwN0QyOEY3MkFENTVDQjYzNjI1NzMzNEIzNUVGODc1RTdBNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjQJSYIjbK1Q27WMp/RdcSdHVr
/tKe0LKoYW9A9QfdbwZXy1yjXife0P2PcvqQRjEAQ2hKivk2yAokxlaXoVX/iu6P
OU7p7vJPY5TRuRKkivvKgOofiJOd7Kq6jKRI313Gpc31h1f8btllbG0SjfQGkk4L
C6yXsGWu8R9oxUKvxAAVem0/IVeb7p2ns/4HtLLk4F+Qni5ZXtmvBRuCDs8ZTEuf
4xzZAc1zC5fc9pwIXAK6ILjQP91o3rm3n48nfOrqrb5nyxn5W3Vj7mSJ6JcEC1PR
3h9Ki4Cnrxyy/kr8n0u+fkXd6WTQpBAZTNb2+MaYSjBZ/8VcD78y2/THSUfnAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUuJ8H0o9yrVXLY2JXM0s174deenAwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzODM4MmUz
MTM5MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtWL4wDQYJKoZIhvcNAQELBQADggEBANpkLFqrUj3W5+/WsGWDkZgNc/fU
UgxqyoNRODUzBzwB2f7AvntC/mD4iAYPWLLI7h45YIeiK92wyo7kOUmsbdwYZhUO
aCF5+m0COzgMIl9WVZMJXMx2G/RuRHErjtLOtrgH8UrHZfctOlB7SDXVuFHXPK0Y
0fb+A0xb1Htw0Vm5nn9umJeeXyQmNi7r9eWYpABDhDZ+C3HyyMaT1BTVuV5xqARn
JxzYsIVuex/JuVhJIPWlGoRJ5u8cXuBTPHPugu9hoA4zi0elLyz6c3I8Q4bibxtw
5MDi8gQE9M6k9zywL/S6KwtQ5qHf4are6l7THAk0ujqn7+whJqm9UY7VvEE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:08:31 2025 by rpki-client