Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138312e33322e302f32322d3234203d3e20323031333431.roa
File: 352e3138312e33322e302f32322d3234203d3e20323031333431.roa (raw, json)
Hash identifier: 8FQU9NFnMzW8Rpi/feOtyuGYvUf4ZJCqSY5bu5uXzsA=
Subject key identifier: 22:F7:7B:7A:56:31:38:C4:6A:98:DE:2D:5D:01:1E:95:1E:B5:10:5B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 349424D1161107B4ADB7B7DE703B42102DE77A1F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138312e33322e302f32322d3234203d3e20323031333431.roa
Signing time: Fri 20 Dec 2024 15:23:26 +0000
ROA not before: Fri 20 Dec 2024 15:18:26 +0000
ROA not after: Fri 19 Dec 2025 15:23:26 +0000
asID: 201341
IP address blocks: 5.181.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:94:24:d1:16:11:07:b4:ad:b7:b7:de:70:3b:42:10:2d:e7:7a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:26 2024 GMT
Not After : Dec 19 15:23:26 2025 GMT
Subject: CN=22F77B7A563138C46A98DE2D5D011E951EB5105B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0e:ab:4c:f1:53:b2:c1:97:a1:26:0d:63:c5:
61:c9:7d:0f:5f:76:94:d7:13:b7:e3:79:18:b3:d6:
09:45:47:b9:e8:63:ff:b1:d3:d9:72:26:8d:5f:8b:
5c:a9:7d:d4:35:df:c9:24:c2:f5:4a:bd:21:f2:17:
55:f8:e7:b6:a9:e0:e1:22:6c:37:5c:cb:1c:52:ec:
7f:7d:52:09:60:29:84:46:4a:61:7d:03:76:ee:6d:
7a:75:f9:d0:52:a5:66:51:4b:60:a5:23:8f:c5:07:
79:da:c6:95:a3:e7:24:a6:1d:f6:7e:17:c9:e1:75:
b7:ec:8f:2e:c4:f1:20:e0:68:1f:a4:16:a0:bb:3f:
e9:c5:2e:5a:fd:a0:2b:4a:d9:4c:49:46:cb:cd:e2:
8c:e9:ba:6f:d0:4a:96:23:6d:8c:8f:65:26:d5:c4:
11:41:75:b5:7f:84:ac:b8:50:51:fe:2a:ed:f5:1d:
db:80:00:3e:99:51:2e:11:83:f0:74:4e:35:5a:0c:
75:66:07:f1:b8:da:9a:9f:6a:de:50:a9:7f:37:bf:
2a:3a:1a:df:12:f5:9d:e5:5b:5f:bd:d5:72:ae:ee:
12:eb:38:19:d3:a4:96:5a:3f:7d:9a:0f:21:7d:08:
e2:c0:ac:41:a9:83:1d:41:42:75:f7:fd:e9:bc:1e:
be:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F7:7B:7A:56:31:38:C4:6A:98:DE:2D:5D:01:1E:95:1E:B5:10:5B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138312e33322e302f32322d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.32.0/22
Signature Algorithm: sha256WithRSAEncryption
96:c5:f8:30:03:89:c5:3e:4c:8d:9b:86:96:4f:be:a8:f4:8d:
cc:1a:7a:37:60:4c:c1:6e:d4:ef:d0:78:6c:3d:0a:d3:78:c1:
9d:a4:88:8a:c5:96:a8:83:8a:c3:a9:ec:9c:25:02:03:b2:58:
4e:c8:fe:46:9d:50:bd:70:55:3f:f6:97:70:c9:f4:f4:ca:85:
e0:e9:cb:64:6a:dc:2a:8f:c9:39:10:0d:7a:2a:15:cd:73:bc:
6a:2e:38:59:99:4c:03:e2:03:be:b5:ac:ec:08:11:6e:35:d6:
d5:e8:db:ff:40:29:f1:a8:d8:e2:d9:e2:22:2f:11:14:e9:d0:
a1:09:e8:a8:64:fc:2d:24:f2:8d:b3:c8:00:01:53:d1:58:d0:
54:18:33:85:64:11:10:c0:99:c9:a4:43:87:23:c2:2c:f6:0b:
f7:e0:4d:d1:46:8e:1d:1a:90:3e:a7:32:8b:16:ee:0c:cd:c6:
51:36:7d:a4:69:a3:3d:5e:e3:3c:6c:05:8f:76:b5:13:a8:5f:
14:e0:0d:5b:19:4e:d8:f4:b3:8b:6f:3b:76:41:90:0a:53:a8:
7f:34:de:8f:c1:96:0e:e1:9c:28:7f:f0:7b:73:8d:61:99:04:
96:aa:58:83:7d:2b:7c:92:40:26:b6:32:5c:89:92:02:85:77:
9c:ad:16:ad
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUNJQk0RYRB7Stt7fecDtCEC3neh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjZaFw0yNTEyMTkxNTIzMjZaMDMxMTAvBgNV
BAMTKDIyRjc3QjdBNTYzMTM4QzQ2QTk4REUyRDVEMDExRTk1MUVCNTEwNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrDqtM8VOywZehJg1jxWHJfQ9f
dpTXE7fjeRiz1glFR7noY/+x09lyJo1fi1ypfdQ138kkwvVKvSHyF1X457ap4OEi
bDdcyxxS7H99UglgKYRGSmF9A3bubXp1+dBSpWZRS2ClI4/FB3naxpWj5ySmHfZ+
F8nhdbfsjy7E8SDgaB+kFqC7P+nFLlr9oCtK2UxJRsvN4ozpum/QSpYjbYyPZSbV
xBFBdbV/hKy4UFH+Ku31HduAAD6ZUS4Rg/B0TjVaDHVmB/G42pqfat5QqX83vyo6
Gt8S9Z3lW1+91XKu7hLrOBnTpJZaP32aDyF9COLArEGpgx1BQnX3/em8Hr7zAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUIvd7elYxOMRqmN4tXQEelR61EFswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzEzODMxMmUz
MzMyMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCBbUgMA0GCSqGSIb3DQEBCwUAA4IBAQCWxfgwA4nFPkyNm4aWT76o9I3MGno3
YEzBbtTv0HhsPQrTeMGdpIiKxZaog4rDqeycJQIDslhOyP5GnVC9cFU/9pdwyfT0
yoXg6ctkatwqj8k5EA16KhXNc7xqLjhZmUwD4gO+tazsCBFuNdbV6Nv/QCnxqNji
2eIiLxEU6dChCeioZPwtJPKNs8gAAVPRWNBUGDOFZBEQwJnJpEOHI8Is9gv34E3R
Ro4dGpA+pzKLFu4MzcZRNn2kaaM9XuM8bAWPdrUTqF8U4A1bGU7Y9LOLbzt2QZAK
U6h/NN6PwZYO4Zwof/B7c41hmQSWqliDfSt8kkAmtjJciZIChXecrRat
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:31 2025 by rpki-client