Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232312e302f32342d3234203d3e20323034313730.roa
File: 34352e39302e3232312e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: ddlu9Me0YpCcos7BayWbBfmycXeUfFR8DOVUpahuWV8=
Subject key identifier: 97:EC:86:5F:94:15:F1:51:D3:B4:57:F8:51:AF:85:84:CB:F5:39:41
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5AAB418EEF3679E5211769734FA4C85F22B0F5DB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232312e302f32342d3234203d3e20323034313730.roa
Signing time: Fri 27 Dec 2024 11:47:37 +0000
ROA not before: Fri 27 Dec 2024 11:42:37 +0000
ROA not after: Fri 26 Dec 2025 11:47:37 +0000
asID: 204170
IP address blocks: 45.90.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:ab:41:8e:ef:36:79:e5:21:17:69:73:4f:a4:c8:5f:22:b0:f5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:37 2024 GMT
Not After : Dec 26 11:47:37 2025 GMT
Subject: CN=97EC865F9415F151D3B457F851AF8584CBF53941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:41:36:b0:33:eb:e5:e3:18:ce:b3:8c:93:e2:
54:d0:f6:6c:38:67:81:c1:ee:a2:14:10:f4:ce:d6:
1a:78:ea:38:6e:a1:f6:54:ea:02:64:8b:81:1a:4c:
c8:fb:b2:3f:2c:b9:21:36:67:a8:23:bb:9a:6c:2b:
e8:3e:e9:25:60:8b:57:15:bb:98:3a:19:e7:5a:e1:
c5:ab:92:8d:65:de:e7:5a:ec:c1:bd:92:42:a5:32:
a0:a0:3f:05:39:ca:27:b4:6a:7c:13:7c:3b:f9:eb:
17:96:1f:7d:98:af:b0:f2:42:37:f3:c5:ec:e2:bc:
07:df:a3:32:47:07:0c:05:17:ae:85:4b:46:94:a0:
66:26:0e:17:e5:25:f1:f3:83:94:20:40:96:48:6e:
fa:d6:ad:e9:4a:47:fa:d1:4b:a4:df:26:9d:b7:5d:
f6:a7:99:fe:54:48:57:a8:2d:3a:4c:67:4c:68:57:
6a:8f:92:5e:54:53:d1:b3:68:3f:36:63:88:c9:a0:
7f:26:7f:f2:0f:31:c5:bf:a0:a4:ce:6d:32:30:87:
ab:a7:6b:fb:48:a3:be:69:a2:ba:d1:10:4a:8d:60:
a7:a0:da:89:be:fe:e0:ab:11:b0:3c:92:d0:54:59:
7e:1d:db:13:33:a0:63:64:8d:f2:53:aa:64:ea:ec:
88:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EC:86:5F:94:15:F1:51:D3:B4:57:F8:51:AF:85:84:CB:F5:39:41
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232312e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.221.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:2c:63:fe:78:e5:d3:ea:b8:66:43:75:ab:ff:16:b1:1b:8a:
fb:5f:f4:6f:b7:41:31:54:07:c9:e7:6a:70:09:eb:7e:0d:c8:
2b:e3:b4:0c:cf:d3:1e:6a:4e:4b:16:20:45:5e:5f:65:62:0a:
db:ca:03:24:39:8f:fb:a9:1e:be:4c:e6:c1:57:37:6e:bc:47:
74:19:56:9d:d5:6a:b2:7d:68:53:b8:32:6f:88:0f:24:c9:9e:
9c:99:86:3d:66:8d:a6:9a:5e:6e:0e:0c:bf:04:63:9b:9c:2f:
a4:8e:de:6a:f8:27:34:d2:b8:e9:4e:db:94:00:ae:78:ad:ca:
68:76:0b:4e:b3:72:a2:bf:04:09:10:14:31:b0:7d:0a:04:2a:
cf:14:c3:a3:cf:54:3c:de:a1:d9:91:f9:43:39:a6:0f:cf:f3:
70:e9:6c:e9:92:a6:2c:46:d7:55:f2:f9:1f:8d:26:5d:6d:87:
3a:eb:30:4c:f0:10:84:18:d6:ff:94:d0:50:a9:18:7b:0a:a0:
d7:fd:ad:7f:25:68:c3:30:80:4f:12:b2:19:b5:47:71:a7:66:
05:eb:c0:da:3b:5e:2c:e2:55:a5:07:5c:37:26:4e:1b:40:b3:
77:60:4a:9a:e8:4f:83:b7:c0:50:ae:d3:0e:e3:29:9f:75:a3:
16:20:aa:d8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUWqtBju82eeUhF2lzT6TIXyKw9dswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzdaFw0yNTEyMjYxMTQ3MzdaMDMxMTAvBgNV
BAMTKDk3RUM4NjVGOTQxNUYxNTFEM0I0NTdGODUxQUY4NTg0Q0JGNTM5NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEQTawM+vl4xjOs4yT4lTQ9mw4
Z4HB7qIUEPTO1hp46jhuofZU6gJki4EaTMj7sj8suSE2Z6gju5psK+g+6SVgi1cV
u5g6Geda4cWrko1l3uda7MG9kkKlMqCgPwU5yie0anwTfDv56xeWH32Yr7DyQjfz
xezivAffozJHBwwFF66FS0aUoGYmDhflJfHzg5QgQJZIbvrWrelKR/rRS6TfJp23
Xfanmf5USFeoLTpMZ0xoV2qPkl5UU9GzaD82Y4jJoH8mf/IPMcW/oKTObTIwh6un
a/tIo75porrREEqNYKeg2om+/uCrEbA8ktBUWX4d2xMzoGNkjfJTqmTq7IhpAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUl+yGX5QV8VHTtFf4Ua+FhMv1OUEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzOTMwMmUz
MjMyMzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAtWt0wDQYJKoZIhvcNAQELBQADggEBAKwsY/545dPquGZDdav/FrEbivtf
9G+3QTFUB8nnanAJ634NyCvjtAzP0x5qTksWIEVeX2ViCtvKAyQ5j/upHr5M5sFX
N268R3QZVp3VarJ9aFO4Mm+IDyTJnpyZhj1mjaaaXm4ODL8EY5ucL6SO3mr4JzTS
uOlO25QArnitymh2C06zcqK/BAkQFDGwfQoEKs8Uw6PPVDzeodmR+UM5pg/P83Dp
bOmSpixG11Xy+R+NJl1thzrrMEzwEIQY1v+U0FCpGHsKoNf9rX8laMMwgE8Sshm1
R3GnZgXrwNo7XiziVaUHXDcmThtAs3dgSproT4O3wFCu0w7jKZ91oxYgqtg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:59:15 2025 by rpki-client