Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31362e302f32342d3234203d3e20313336373837.roa
File: 352e3138322e31362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: fDhw3kfI/uBC3KBtRlZ6USiOgXn8ERNta2fdkhyzCq0=
Subject key identifier: E9:6F:66:CE:2F:1F:3C:78:9A:0A:8F:6B:A6:01:12:56:02:15:20:E5
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4F91897AC2B506A932FF760A67DE7ED783F1408D
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:07 +0000
ROA not before: Fri 27 Dec 2024 11:42:07 +0000
ROA not after: Fri 26 Dec 2025 11:47:07 +0000
asID: 136787
IP address blocks: 5.182.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:91:89:7a:c2:b5:06:a9:32:ff:76:0a:67:de:7e:d7:83:f1:40:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:07 2024 GMT
Not After : Dec 26 11:47:07 2025 GMT
Subject: CN=E96F66CE2F1F3C789A0A8F6BA6011256021520E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:24:07:5a:13:84:4b:9b:aa:6d:3e:d6:3a:a9:
3d:56:37:f0:46:cd:1d:d3:2c:aa:c2:7b:cf:a2:65:
13:90:d3:69:a9:38:05:9d:44:9d:7d:02:ef:55:d1:
d5:39:e4:2c:2c:ae:e1:5b:c2:11:fd:7b:21:8d:0a:
db:77:5c:e3:a4:8a:af:e9:c0:45:57:0f:11:b7:a4:
bb:c5:b4:12:18:42:8d:2b:e5:f3:a1:f4:b2:2c:e4:
92:88:e9:98:2c:5f:ba:ea:40:f2:67:e3:6e:66:7a:
3c:ed:fb:ee:9d:dc:18:bc:78:1b:69:f8:10:1c:32:
da:b7:d8:d0:48:ee:6f:01:45:4d:75:15:5a:cf:1b:
a3:ec:b4:05:e8:2e:86:84:92:db:d3:44:70:81:ab:
4c:06:69:7d:90:29:1f:d4:9d:da:e1:b1:8f:63:ce:
e7:18:7a:b5:1b:5c:dd:03:03:c8:40:86:32:31:d8:
05:c7:b8:8b:25:11:c0:5d:2f:4f:a7:fa:71:63:3d:
59:36:5d:45:a7:da:16:10:11:00:55:d2:78:1b:a5:
14:37:82:13:dc:44:e6:cb:11:5b:17:db:a1:03:e6:
c4:58:a3:57:59:c6:c2:77:59:e8:2a:a8:7c:8d:b0:
b0:55:fa:01:c6:aa:8e:a6:17:fe:fd:ad:a2:77:6a:
1c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6F:66:CE:2F:1F:3C:78:9A:0A:8F:6B:A6:01:12:56:02:15:20:E5
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/352e3138322e31362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.16.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f5:34:6a:0a:4c:5d:02:ee:4a:be:50:a5:26:09:64:73:39:
1f:dd:8c:23:75:63:93:87:b2:e0:00:06:10:42:42:76:44:86:
1c:0e:45:15:bb:8e:33:9b:4f:ca:40:37:ed:ab:33:9b:5b:b7:
33:fa:68:bf:a3:b8:98:ff:99:a8:63:29:a8:8b:98:47:cb:06:
3f:01:ef:bf:82:bf:ef:36:35:9f:72:27:9f:6e:be:16:10:71:
5e:4c:4d:ed:15:39:13:84:d6:d4:e7:87:d2:f6:80:65:a8:78:
43:dc:dd:09:85:15:bb:d6:83:f6:ad:be:f4:eb:01:e2:1a:01:
b9:fa:5e:1f:13:b4:a0:4f:26:83:e6:4d:ad:35:fb:5a:7f:a6:
84:7b:e0:cd:70:ce:b2:c4:14:8e:72:c4:2c:fd:4a:83:6a:c7:
e6:c1:a5:8c:fc:b5:02:75:a5:02:41:8c:95:9c:eb:12:32:6a:
9b:90:57:b0:5f:43:30:fd:c4:24:93:9d:d8:45:9e:dc:3b:12:
fa:3c:b0:2b:d6:63:14:41:1a:85:4b:1e:18:01:1d:36:0d:bc:
e2:2a:5c:0b:94:ba:29:f7:17:42:6f:67:cf:1c:56:dc:9f:ec:
2f:9d:01:cc:4c:b9:b3:01:66:df:72:a6:2a:c2:7f:4c:5c:b2:
6b:2e:93:69
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUT5GJesK1Bqky/3YKZ95+14PxQI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMDdaFw0yNTEyMjYxMTQ3MDdaMDMxMTAvBgNV
BAMTKEU5NkY2NkNFMkYxRjNDNzg5QTBBOEY2QkE2MDExMjU2MDIxNTIwRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJAdaE4RLm6ptPtY6qT1WN/BG
zR3TLKrCe8+iZROQ02mpOAWdRJ19Au9V0dU55CwsruFbwhH9eyGNCtt3XOOkiq/p
wEVXDxG3pLvFtBIYQo0r5fOh9LIs5JKI6ZgsX7rqQPJn425mejzt++6d3Bi8eBtp
+BAcMtq32NBI7m8BRU11FVrPG6PstAXoLoaEktvTRHCBq0wGaX2QKR/UndrhsY9j
zucYerUbXN0DA8hAhjIx2AXHuIslEcBdL0+n+nFjPVk2XUWn2hYQEQBV0ngbpRQ3
ghPcRObLEVsX26ED5sRYo1dZxsJ3WegqqHyNsLBV+gHGqo6mF/79raJ3ahz/AgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU6W9mzi8fPHiaCo9rpgESVgIVIOUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNTJlMzEzODMyMmUz
MTM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQABbYQMA0GCSqGSIb3DQEBCwUAA4IBAQBZ9TRqCkxdAu5KvlClJglkczkf3Ywj
dWOTh7LgAAYQQkJ2RIYcDkUVu44zm0/KQDftqzObW7cz+mi/o7iY/5moYymoi5hH
ywY/Ae+/gr/vNjWfciefbr4WEHFeTE3tFTkThNbU54fS9oBlqHhD3N0JhRW71oP2
rb706wHiGgG5+l4fE7SgTyaD5k2tNftaf6aEe+DNcM6yxBSOcsQs/UqDasfmwaWM
/LUCdaUCQYyVnOsSMmqbkFewX0Mw/cQkk53YRZ7cOxL6PLAr1mMUQRqFSx4YAR02
DbziKlwLlLop9xdCb2fPHFbcn+wvnQHMTLmzAWbfcqYqwn9MXLJrLpNp
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:50:23 2025 by rpki-client