Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138302e3135312e302f32342d3332203d3e203531313637.roa
File: 352e3138302e3135312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: VFNDDww0mlleenYj92lUKrITrNfHCYR23p7lK46ie30=
Subject key identifier: 7E:32:34:21:9F:CD:1D:E2:02:80:56:7A:FC:B2:20:59:58:D5:F2:5D
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 185D5E741A84A8160AE7F8244056F73A7AF0B1B4
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138302e3135312e302f32342d3332203d3e203531313637.roa
Signing time: Fri 27 Dec 2024 11:47:33 +0000
ROA not before: Fri 27 Dec 2024 11:42:33 +0000
ROA not after: Fri 26 Dec 2025 11:47:33 +0000
asID: 51167
IP address blocks: 5.180.151.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:5d:5e:74:1a:84:a8:16:0a:e7:f8:24:40:56:f7:3a:7a:f0:b1:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:33 2024 GMT
Not After : Dec 26 11:47:33 2025 GMT
Subject: CN=7E3234219FCD1DE20280567AFCB2205958D5F25D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1c:17:d8:ca:21:cf:c5:05:f2:df:97:cd:f3:
34:68:99:11:3e:c1:04:e1:ba:33:74:c2:c4:7d:f9:
91:51:8a:24:c5:83:fa:cb:3b:52:3d:7e:d1:a4:77:
3e:ae:a3:7d:56:55:94:f0:62:19:9f:3f:5f:85:75:
80:d3:a7:61:09:4b:80:5a:c2:5d:3e:d8:d1:9e:c5:
0d:19:39:1b:13:dc:4f:04:93:a6:18:3a:8a:ed:90:
01:11:bd:8c:6e:66:09:16:1d:74:6b:36:e6:05:ba:
18:f8:ea:66:88:b2:db:3f:dc:58:35:fd:30:a0:bc:
87:54:15:38:55:1a:97:62:8e:3e:ec:16:10:7a:99:
21:70:3e:e2:b0:9a:f8:a6:77:40:a1:b6:c0:57:45:
e0:c9:b4:6c:a6:16:d0:76:8a:b0:67:d0:f7:c7:5e:
9a:f4:d1:11:67:ef:af:8c:90:5c:ac:12:62:64:17:
0d:ad:45:03:93:31:a7:46:0f:10:dd:0a:53:0a:f5:
96:d3:a4:d8:eb:74:dd:1f:ee:2b:fe:b6:98:66:3b:
08:67:ad:ab:18:ac:a0:1f:66:35:83:02:e4:f6:b0:
08:8b:e6:e1:b4:d3:ff:4f:d9:19:24:c4:10:98:99:
8e:1e:9d:5b:0d:15:ce:fc:41:ca:8e:7a:28:ef:29:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:32:34:21:9F:CD:1D:E2:02:80:56:7A:FC:B2:20:59:58:D5:F2:5D
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138302e3135312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.151.0/24
Signature Algorithm: sha256WithRSAEncryption
25:76:f0:0a:39:bc:b0:30:3b:b0:40:a8:0c:89:88:b8:f6:e3:
35:cb:9d:f8:38:42:9d:8f:fd:77:94:6b:01:13:6d:9a:06:d5:
15:c0:7d:d3:19:05:09:d0:ac:fa:c9:8a:99:32:0c:93:0a:cc:
6d:b4:17:82:67:f0:6b:06:95:ab:c1:85:63:81:fe:86:39:76:
4a:d4:82:51:2e:c3:35:bd:02:cb:33:af:07:e0:6b:36:ea:3f:
ff:26:8f:b0:8f:ac:d7:2a:06:33:dd:f0:d2:32:19:22:18:0b:
e7:f9:e6:b9:15:af:3a:04:c2:10:a5:83:67:77:74:4d:7c:a7:
4c:2e:be:e6:97:c0:97:e3:62:30:19:7a:b8:38:54:41:93:e1:
a2:d5:4a:74:c7:c0:75:6a:04:1f:76:5b:5c:d4:cc:b8:f0:3e:
57:1d:20:09:42:ad:f9:93:2b:ea:e8:b2:b7:67:23:0e:32:1a:
43:8a:6b:58:9c:6e:ec:b1:2f:1b:e6:44:12:39:12:1a:07:0f:
d1:49:a3:2f:8a:e4:a3:af:c0:6d:0b:c5:b5:82:3c:f9:8f:af:
88:dc:a4:80:3a:ff:2f:03:37:13:ae:13:1a:8d:b1:9d:de:61:
82:4e:22:2c:27:68:49:48:8f:bd:cd:c4:0e:ca:2c:06:f4:99:
9b:60:6f:eb
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUGF1edBqEqBYK5/gkQFb3OnrwsbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzNaFw0yNTEyMjYxMTQ3MzNaMDMxMTAvBgNV
BAMTKDdFMzIzNDIxOUZDRDFERTIwMjgwNTY3QUZDQjIyMDU5NThENUYyNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBHBfYyiHPxQXy35fN8zRomRE+
wQThujN0wsR9+ZFRiiTFg/rLO1I9ftGkdz6uo31WVZTwYhmfP1+FdYDTp2EJS4Ba
wl0+2NGexQ0ZORsT3E8Ek6YYOortkAERvYxuZgkWHXRrNuYFuhj46maIsts/3Fg1
/TCgvIdUFThVGpdijj7sFhB6mSFwPuKwmvimd0ChtsBXReDJtGymFtB2irBn0PfH
Xpr00RFn76+MkFysEmJkFw2tRQOTMadGDxDdClMK9ZbTpNjrdN0f7iv+tphmOwhn
rasYrKAfZjWDAuT2sAiL5uG00/9P2RkkxBCYmY4enVsNFc78QcqOeijvKTcVAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUfjI0IZ/NHeICgFZ6/LIgWVjV8l0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzEzODMwMmUz
MTM1MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQABbSXMA0GCSqGSIb3DQEBCwUAA4IBAQAldvAKObywMDuwQKgMiYi49uM1y534
OEKdj/13lGsBE22aBtUVwH3TGQUJ0Kz6yYqZMgyTCsxttBeCZ/BrBpWrwYVjgf6G
OXZK1IJRLsM1vQLLM68H4Gs26j//Jo+wj6zXKgYz3fDSMhkiGAvn+ea5Fa86BMIQ
pYNnd3RNfKdMLr7ml8CX42IwGXq4OFRBk+Gi1Up0x8B1agQfdltc1My48D5XHSAJ
Qq35kyvq6LK3ZyMOMhpDimtYnG7ssS8b5kQSORIaBw/RSaMviuSjr8BtC8W1gjz5
j6+I3KSAOv8vAzcTrhMajbGd3mGCTiIsJ2hJSI+9zcQOyiwG9JmbYG/r
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:05:01 2025 by rpki-client