Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39342e3230392e302f32342d3332203d3e203531313637.roa
File: 34352e39342e3230392e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: dxaKF0harsB6ktira94PFTdppq35iDBsXRTS8Dpfqz4=
Subject key identifier: D7:85:37:86:2A:EE:C1:CC:3E:70:A3:EF:D8:1A:4D:FC:7C:80:3D:B6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 299347DE605465388D3AC90E04D1063E08575EE2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39342e3230392e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:39 +0000
ROA not before: Fri 27 Dec 2024 11:42:39 +0000
ROA not after: Fri 26 Dec 2025 11:47:39 +0000
asID: 51167
IP address blocks: 45.94.209.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:93:47:de:60:54:65:38:8d:3a:c9:0e:04:d1:06:3e:08:57:5e:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:39 2024 GMT
Not After : Dec 26 11:47:39 2025 GMT
Subject: CN=D78537862AEEC1CC3E70A3EFD81A4DFC7C803DB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:04:ef:09:12:a1:e7:cf:26:28:9e:58:50:02:
c5:ca:eb:c6:6f:89:c0:1e:5c:be:57:3f:e6:4b:42:
80:d8:2a:fe:e6:ee:83:b1:76:60:5f:69:a8:30:4f:
f1:72:78:10:fa:4f:9d:9f:1f:8a:6b:91:8f:fa:b7:
1c:72:4d:75:ca:d0:59:e1:05:b1:35:75:53:ce:ae:
12:60:44:60:6e:26:f5:37:a3:ee:ee:c1:fe:1f:77:
a4:37:b9:5e:78:b8:03:b7:3b:c5:3c:b8:9d:b0:fd:
8c:e3:18:f7:54:3f:35:59:39:11:dd:00:0c:c5:66:
96:1e:19:25:8d:d5:b0:dd:1a:40:cd:38:e1:3a:1b:
d6:2d:f2:39:95:21:0c:69:50:16:ea:34:81:4f:76:
b3:76:59:5c:c6:82:1c:03:07:a8:30:81:6f:05:9c:
49:53:76:4e:a8:69:a7:8c:b8:e5:fb:e5:9d:6a:13:
5f:46:ef:c9:82:8e:ca:3c:16:44:67:d8:16:85:cf:
ee:a8:48:f3:06:b4:1f:51:c0:16:e6:97:f1:90:1c:
49:14:6d:0a:53:0a:51:a5:8f:81:af:7d:43:e3:cd:
f8:27:dc:12:1e:91:83:c8:fd:e0:1d:4e:91:75:e8:
4e:50:ab:05:c5:e2:da:68:51:3e:85:25:cf:97:17:
8e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:85:37:86:2A:EE:C1:CC:3E:70:A3:EF:D8:1A:4D:FC:7C:80:3D:B6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39342e3230392e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.209.0/24
Signature Algorithm: sha256WithRSAEncryption
65:aa:7e:36:e8:5e:52:83:3e:c8:c3:d8:d5:13:0a:4f:30:ed:
88:cf:5e:8d:26:92:35:16:8a:bc:a4:b2:2c:58:c2:18:89:10:
66:e1:ba:6d:c1:12:72:97:fd:82:6d:82:a6:68:72:8a:07:e4:
39:4f:0f:80:64:0b:cf:f8:e9:35:45:ad:be:0d:28:9a:68:2d:
79:e2:df:86:cd:a1:eb:f0:22:c4:cd:0b:e5:31:f9:62:3f:e3:
44:d9:ba:71:8f:99:bc:76:78:37:b2:0b:47:1a:f2:ae:b8:a0:
50:bd:2a:7b:1b:87:8e:cb:8d:1e:f5:66:df:86:0b:91:93:6a:
6a:88:ea:4d:a6:3e:35:fd:b9:7e:2c:8e:ec:d0:5c:36:7c:76:
29:bc:cc:be:f1:0b:66:46:2f:75:68:3d:8b:66:16:df:41:2e:
7e:e7:f3:06:0a:32:ce:5f:13:e1:77:b4:02:3f:94:d2:19:49:
17:4c:09:6c:5a:ec:36:68:f2:c2:54:50:c0:3d:a2:72:fc:fa:
d7:4c:10:d2:00:7a:91:c6:72:b7:16:96:f0:8e:ff:d8:e5:ca:
18:08:1c:e2:2c:a9:e1:8f:1e:60:7a:79:8a:f4:49:75:b8:f8:
a9:7d:7a:76:56:1d:ba:72:f8:8b:72:14:fa:de:69:c8:99:a4:
0b:f5:3e:e4
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUKZNH3mBUZTiNOskOBNEGPghXXuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzlaFw0yNTEyMjYxMTQ3MzlaMDMxMTAvBgNV
BAMTKEQ3ODUzNzg2MkFFRUMxQ0MzRTcwQTNFRkQ4MUE0REZDN0M4MDNEQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwBO8JEqHnzyYonlhQAsXK68Zv
icAeXL5XP+ZLQoDYKv7m7oOxdmBfaagwT/FyeBD6T52fH4prkY/6txxyTXXK0Fnh
BbE1dVPOrhJgRGBuJvU3o+7uwf4fd6Q3uV54uAO3O8U8uJ2w/YzjGPdUPzVZORHd
AAzFZpYeGSWN1bDdGkDNOOE6G9Yt8jmVIQxpUBbqNIFPdrN2WVzGghwDB6gwgW8F
nElTdk6oaaeMuOX75Z1qE19G78mCjso8FkRn2BaFz+6oSPMGtB9RwBbml/GQHEkU
bQpTClGlj4GvfUPjzfgn3BIekYPI/eAdTpF16E5QqwXF4tpoUT6FJc+XF47LAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU14U3hiruwcw+cKPv2BpN/HyAPbYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzOTM0MmUz
MjMwMzkyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQALV7RMA0GCSqGSIb3DQEBCwUAA4IBAQBlqn426F5Sgz7Iw9jVEwpPMO2Iz16N
JpI1Foq8pLIsWMIYiRBm4bptwRJyl/2CbYKmaHKKB+Q5Tw+AZAvP+Ok1Ra2+DSia
aC154t+GzaHr8CLEzQvlMfliP+NE2bpxj5m8dng3sgtHGvKuuKBQvSp7G4eOy40e
9WbfhguRk2pqiOpNpj41/bl+LI7s0Fw2fHYpvMy+8QtmRi91aD2LZhbfQS5+5/MG
CjLOXxPhd7QCP5TSGUkXTAlsWuw2aPLCVFDAPaJy/PrXTBDSAHqRxnK3Fpbwjv/Y
5coYCBziLKnhjx5genmK9El1uPipfXp2Vh26cviLchT63mnImaQL9T7k
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:17:51 2025 by rpki-client