Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139362e302f32322d3234203d3e203437353833.roa
File: 34352e38382e3139362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: l0Ad12yKC5jQRic361I1QELA8BHESKyjvV3uPo/+DQY=
Subject key identifier: 16:C8:9D:DB:72:90:B2:38:B3:13:01:E4:57:67:75:0B:92:89:FE:07
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 209E48F9F2BC33F0DA9CB30C94CD186D2B03738D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139362e302f32322d3234203d3e203437353833.roa
Signing time: Fri 20 Dec 2024 15:23:38 +0000
ROA not before: Fri 20 Dec 2024 15:18:38 +0000
ROA not after: Fri 19 Dec 2025 15:23:38 +0000
asID: 47583
IP address blocks: 45.88.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:9e:48:f9:f2:bc:33:f0:da:9c:b3:0c:94:cd:18:6d:2b:03:73:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:38 2024 GMT
Not After : Dec 19 15:23:38 2025 GMT
Subject: CN=16C89DDB7290B238B31301E45767750B9289FE07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d3:7a:1b:13:2c:35:82:50:2e:c5:17:4c:8e:
6d:67:3a:6a:a3:db:86:63:52:1b:b5:46:cd:95:cc:
05:42:22:2a:e1:57:39:7b:77:fa:88:87:dc:86:28:
07:3e:88:9d:da:29:0d:1c:72:2d:ff:64:e6:72:fe:
cc:a7:40:eb:19:91:c0:de:3a:e5:33:d7:c6:f4:a2:
84:4a:dd:75:8b:38:8d:d2:48:7b:2b:76:b0:41:b5:
28:4f:13:a4:63:6b:47:86:13:5c:ac:91:c6:12:c1:
7b:05:6d:fb:a2:42:19:91:c2:61:9a:d2:55:22:c1:
87:88:d0:af:28:33:3c:01:2e:fa:65:07:39:e9:bc:
10:b1:c9:a3:87:b1:84:16:41:b9:ad:6a:5c:6f:ac:
96:67:0b:d4:80:de:c1:18:ed:2a:df:4e:2e:96:22:
15:c7:14:a1:95:7b:e5:80:fd:9a:47:58:b8:6b:89:
d5:6d:bb:93:a1:ca:f5:7d:f3:2f:b7:84:b6:c5:5f:
bc:7f:d3:a5:69:ce:cc:b7:71:7b:57:93:91:41:6d:
a0:b5:1b:95:80:47:eb:60:f8:7f:b6:7f:2a:9d:10:
17:27:27:51:8b:56:0f:0a:e6:a2:73:d1:3e:b7:4f:
b2:fa:ca:47:65:bd:9d:fa:c8:a8:4f:e2:52:26:fb:
95:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:C8:9D:DB:72:90:B2:38:B3:13:01:E4:57:67:75:0B:92:89:FE:07
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e38382e3139362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.196.0/22
Signature Algorithm: sha256WithRSAEncryption
09:d4:85:a6:14:e6:f1:bf:c0:d6:80:21:d4:cb:93:c2:67:a3:
08:a7:a8:0f:c5:0a:ff:9c:6e:fc:2c:e2:45:7f:5b:1e:5c:df:
c1:bf:ea:3f:13:57:de:40:bd:07:7d:e9:ad:0c:72:af:d3:79:
cc:4d:dc:cc:71:49:4f:f3:5c:88:f9:bf:ed:9c:e0:54:50:2c:
9d:01:4f:98:a8:63:5c:89:e1:50:66:e6:2e:c4:2f:3e:b5:5b:
e7:b9:62:4a:7d:ec:13:a9:21:d8:11:b8:2c:51:37:17:4a:1d:
70:2d:ac:d2:31:56:54:e5:b1:cb:22:01:54:91:84:cf:c3:e9:
75:6f:b7:b0:d1:fe:47:2c:8f:35:17:9d:68:a2:be:33:b2:f1:
18:cc:f0:f3:29:5b:2c:64:c5:40:7f:58:ba:dc:8b:27:3f:29:
b1:27:eb:37:db:27:fa:69:bb:53:fa:17:6e:61:05:a5:75:aa:
97:4e:f7:c4:99:e9:06:29:e8:d1:ea:3e:d0:07:8d:85:84:57:
3d:b0:74:96:7e:71:c1:be:28:0f:83:3d:4a:be:fe:e4:6f:b8:
97:3a:29:ef:b5:7a:cd:d5:46:fc:9f:8d:3d:20:32:4a:dd:bc:
d1:f7:16:e8:c0:c0:43:7b:5f:41:f4:8f:9e:fc:79:9c:10:55:
88:ae:3d:12
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUIJ5I+fK8M/DanLMMlM0YbSsDc40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzhaFw0yNTEyMTkxNTIzMzhaMDMxMTAvBgNV
BAMTKDE2Qzg5RERCNzI5MEIyMzhCMzEzMDFFNDU3Njc3NTBCOTI4OUZFMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC603obEyw1glAuxRdMjm1nOmqj
24ZjUhu1Rs2VzAVCIirhVzl7d/qIh9yGKAc+iJ3aKQ0cci3/ZOZy/synQOsZkcDe
OuUz18b0ooRK3XWLOI3SSHsrdrBBtShPE6Rja0eGE1yskcYSwXsFbfuiQhmRwmGa
0lUiwYeI0K8oMzwBLvplBznpvBCxyaOHsYQWQbmtalxvrJZnC9SA3sEY7SrfTi6W
IhXHFKGVe+WA/ZpHWLhridVtu5OhyvV98y+3hLbFX7x/06Vpzsy3cXtXk5FBbaC1
G5WAR+tg+H+2fyqdEBcnJ1GLVg8K5qJz0T63T7L6ykdlvZ36yKhP4lIm+5W5AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUFsid23KQsjizEwHkV2d1C5KJ/gcwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzODM4MmUz
MTM5MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCLVjEMA0GCSqGSIb3DQEBCwUAA4IBAQAJ1IWmFObxv8DWgCHUy5PCZ6MIp6gP
xQr/nG78LOJFf1seXN/Bv+o/E1feQL0HfemtDHKv03nMTdzMcUlP81yI+b/tnOBU
UCydAU+YqGNcieFQZuYuxC8+tVvnuWJKfewTqSHYEbgsUTcXSh1wLazSMVZU5bHL
IgFUkYTPw+l1b7ew0f5HLI81F51oor4zsvEYzPDzKVssZMVAf1i63IsnPymxJ+s3
2yf6abtT+hduYQWldaqXTvfEmekGKejR6j7QB42FhFc9sHSWfnHBvigPgz1Kvv7k
b7iXOinvtXrN1Ub8n409IDJK3bzR9xbowMBDe19B9I+e/HmcEFWIrj0S
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:37:37 2025 by rpki-client