Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
File: 352e3133332e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: YPl6nWxs5VkMMbpVi9pXevxSVEyWQmurXOfqgLSUvq0=
Subject key identifier: A8:92:CC:EE:8F:A3:0E:7F:48:C3:7C:44:CF:D4:C0:D4:BB:CE:C5:B6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 459BFA914D4A632F08DDD42124B949CB24959196
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:20 +0000
ROA not before: Fri 27 Dec 2024 11:42:20 +0000
ROA not after: Fri 26 Dec 2025 11:47:20 +0000
asID: 136787
IP address blocks: 5.133.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:9b:fa:91:4d:4a:63:2f:08:dd:d4:21:24:b9:49:cb:24:95:91:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:20 2024 GMT
Not After : Dec 26 11:47:20 2025 GMT
Subject: CN=A892CCEE8FA30E7F48C37C44CFD4C0D4BBCEC5B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6b:e6:f1:11:66:4f:69:75:fb:8f:9a:ec:be:
91:14:4f:d8:a8:5c:54:e7:fc:b0:ec:c2:00:5c:a0:
72:ae:30:75:94:48:f3:04:77:82:22:de:c0:54:22:
d2:6c:90:a5:84:94:fb:bb:8d:8b:99:89:ab:bd:8b:
06:ca:cd:7f:34:e9:7e:50:5e:d0:58:4e:4a:26:ed:
1f:62:f1:1d:b6:17:82:3a:bc:ce:21:02:43:f7:0f:
a5:18:6c:c2:af:d7:61:56:f4:d6:d5:33:fa:83:44:
d7:ab:a0:e3:ca:cf:53:bc:d2:e9:e4:38:40:cf:e6:
8b:c2:0f:a2:1c:39:7a:b5:37:50:2d:b1:f0:75:ae:
0d:e5:e6:71:0d:af:6a:e7:89:d0:8a:74:71:a5:85:
1d:50:66:ea:63:a2:2d:15:45:5f:4c:c3:c8:93:27:
86:a0:94:a5:cd:de:b2:04:dc:cb:6f:3a:df:1e:e9:
39:42:7c:69:6d:03:1e:a6:43:04:c0:4c:12:0a:78:
c7:59:f2:7e:63:3b:c3:46:f3:bc:ef:c0:a9:99:37:
d6:d8:36:9c:28:f4:a3:cb:e4:aa:83:16:13:e4:3a:
48:2a:a0:68:78:1c:64:a7:75:b4:91:ff:9d:fa:32:
e1:ee:c3:df:6c:89:68:66:48:3c:29:d7:bd:45:1c:
ec:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:92:CC:EE:8F:A3:0E:7F:48:C3:7C:44:CF:D4:C0:D4:BB:CE:C5:B6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3133332e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.118.0/24
Signature Algorithm: sha256WithRSAEncryption
22:37:49:e3:6f:2d:bb:bd:bb:2f:8a:15:04:66:97:58:ef:fe:
94:02:26:ef:b4:52:e1:cc:32:a8:dc:ff:c0:73:03:d0:0d:8d:
75:4b:f1:d2:af:25:33:b9:19:6c:81:44:96:24:ff:ca:c9:9c:
47:27:90:12:0c:64:7e:20:6b:69:59:3e:63:89:45:a0:56:89:
fc:12:fe:c6:f8:e8:1d:ea:38:45:a5:68:f7:1c:31:e7:58:3a:
23:04:53:2c:d0:5a:1a:ea:6f:33:ce:a2:9a:d9:06:54:c4:01:
af:de:d0:ae:53:56:70:c4:f0:cc:1f:d6:a9:93:a0:b9:c6:4a:
f8:3f:54:23:f5:0b:a8:86:4b:dc:4e:a9:f6:9b:26:b5:da:51:
6b:94:33:1d:10:90:6a:5e:1d:c0:43:c6:df:16:68:bb:21:72:
6b:05:1c:40:60:27:d8:26:a0:9a:ea:49:9f:15:e5:bf:32:99:
ce:f0:74:5f:4e:2e:1e:3c:e0:8c:a3:16:b9:8b:d2:57:96:98:
b1:4d:68:77:73:4d:a9:e2:0f:72:de:9c:54:c4:42:68:5e:d4:
df:d2:fa:10:ec:2b:e5:60:86:2a:bb:4a:fd:38:ab:4e:cc:93:
22:57:e0:d0:ca:ba:d7:9b:16:0e:bd:6c:e7:18:a0:1e:75:97:
b3:4f:35:22
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIURZv6kU1KYy8I3dQhJLlJyySVkZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjBaFw0yNTEyMjYxMTQ3MjBaMDMxMTAvBgNV
BAMTKEE4OTJDQ0VFOEZBMzBFN0Y0OEMzN0M0NENGRDRDMEQ0QkJDRUM1QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXa+bxEWZPaXX7j5rsvpEUT9io
XFTn/LDswgBcoHKuMHWUSPMEd4Ii3sBUItJskKWElPu7jYuZiau9iwbKzX806X5Q
XtBYTkom7R9i8R22F4I6vM4hAkP3D6UYbMKv12FW9NbVM/qDRNeroOPKz1O80unk
OEDP5ovCD6IcOXq1N1AtsfB1rg3l5nENr2rnidCKdHGlhR1QZupjoi0VRV9Mw8iT
J4aglKXN3rIE3MtvOt8e6TlCfGltAx6mQwTATBIKeMdZ8n5jO8NG87zvwKmZN9bY
Npwo9KPL5KqDFhPkOkgqoGh4HGSndbSR/536MuHuw99siWhmSDwp171FHOylAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUqJLM7o+jDn9Iw3xEz9TA1LvOxbYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzEzMzMzMmUz
MTMxMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAFhXYwDQYJKoZIhvcNAQELBQADggEBACI3SeNvLbu9uy+KFQRml1jv/pQC
Ju+0UuHMMqjc/8BzA9ANjXVL8dKvJTO5GWyBRJYk/8rJnEcnkBIMZH4ga2lZPmOJ
RaBWifwS/sb46B3qOEWlaPccMedYOiMEUyzQWhrqbzPOoprZBlTEAa/e0K5TVnDE
8Mwf1qmToLnGSvg/VCP1C6iGS9xOqfabJrXaUWuUMx0QkGpeHcBDxt8WaLshcmsF
HEBgJ9gmoJrqSZ8V5b8ymc7wdF9OLh484IyjFrmL0leWmLFNaHdzTaniD3LenFTE
Qmhe1N/S+hDsK+Vghiq7Sv04q07MkyJX4NDKutebFg69bOcYoB51l7NPNSI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:21:59 2025 by rpki-client