Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
File: 38302e37312e3134382e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: Pl77wZxCKLCHrEg1ZTPuYAgFmrOBiKtLpEnWuFVH7cw=
Subject key identifier: 5E:47:AD:28:1C:58:E0:F3:2D:94:82:33:4C:E0:79:6E:9B:05:D2:4E
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7A2F59B508FC0E2476577E838FF08F71E844EC85
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
Signing time: Thu 21 Nov 2024 16:44:20 +0000
ROA not before: Thu 21 Nov 2024 16:39:20 +0000
ROA not after: Thu 20 Nov 2025 16:44:20 +0000
asID: 201341
IP address blocks: 80.71.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:2f:59:b5:08:fc:0e:24:76:57:7e:83:8f:f0:8f:71:e8:44:ec:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Nov 21 16:39:20 2024 GMT
Not After : Nov 20 16:44:20 2025 GMT
Subject: CN=5E47AD281C58E0F32D9482334CE0796E9B05D24E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ca:2c:41:77:8c:a5:4c:23:16:fb:8b:37:6c:
a6:43:a7:17:f3:a5:84:06:23:2d:bd:3f:de:fd:11:
8b:90:75:bb:35:5e:5b:13:b3:4e:63:e5:f9:42:50:
94:a6:4e:ba:f8:59:bc:f6:7f:1a:4e:c4:69:47:4c:
cb:a7:8e:86:84:b2:fb:91:31:f1:9f:9f:44:56:13:
95:39:c1:42:d6:aa:45:db:ed:94:36:8d:9a:8f:92:
fd:7c:92:63:1f:5d:8e:f4:4c:93:74:e8:ec:b8:fc:
b2:a9:d5:9d:14:a9:4e:e7:03:a7:bb:d6:da:a9:ab:
2b:b0:c9:42:44:e9:a5:3e:2d:e9:96:47:b8:6a:23:
5c:1a:be:6a:66:65:26:45:9e:fe:5b:d4:76:07:f5:
9b:89:e5:37:2c:12:41:b9:e5:40:e7:40:df:c2:83:
53:02:78:26:6a:81:99:e4:c3:05:cd:8c:77:be:ce:
9a:f5:c5:f4:2a:a1:72:76:91:1b:a2:46:fd:95:49:
d1:fd:9e:95:0f:e7:3a:ff:6a:c9:0f:e2:a9:68:02:
1d:eb:c1:9e:89:b2:c6:bf:12:b5:f5:f7:0d:58:25:
d7:92:f2:06:98:1d:e4:bf:d7:73:c0:ad:91:08:68:
6b:06:40:df:a4:64:0f:f7:73:0c:07:fa:ed:e3:c0:
95:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:47:AD:28:1C:58:E0:F3:2D:94:82:33:4C:E0:79:6E:9B:05:D2:4E
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38302e37312e3134382e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.148.0/24
Signature Algorithm: sha256WithRSAEncryption
88:61:04:5e:c8:d4:87:fc:e0:14:bf:3e:f9:42:40:9e:61:0c:
2c:e6:ee:09:f5:3a:50:ab:fb:74:4b:e0:8e:8a:50:1d:b8:59:
24:97:50:f5:92:b0:13:d9:d3:a8:5e:f6:ca:60:17:ef:e0:c9:
6a:e1:22:c7:45:32:0a:1b:29:45:ba:95:03:4c:93:09:58:18:
de:84:a7:d2:05:9f:76:81:1b:f4:aa:2a:b2:d8:c7:42:c0:70:
d8:be:96:a2:0a:a5:59:15:58:10:3a:92:37:ce:2a:82:9c:66:
e4:ef:a8:74:49:25:d3:37:f2:c8:5f:36:dc:63:8e:a4:b3:05:
70:2c:1f:b7:77:b1:4a:dc:2f:78:e2:f6:7a:89:8b:62:90:36:
a9:95:2f:64:6a:98:20:59:a2:f1:15:ec:55:88:68:ba:5a:1e:
94:c5:f1:41:e5:7d:a3:92:6c:f5:f5:75:3e:f5:a6:f6:0f:fd:
de:62:f3:65:a2:3b:a4:51:b5:9f:80:39:96:91:81:1a:28:fb:
6b:23:6f:90:8d:97:25:02:ed:75:6e:91:2a:3f:35:c1:43:c3:
51:6b:bf:f2:15:5f:ba:d3:fc:1c:7f:74:34:47:c4:ff:b3:c6:
23:63:f8:27:27:72:19:b1:e4:b0:47:12:f6:37:3c:d3:7f:17:
55:97:32:79
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUei9ZtQj8DiR2V36Dj/CPcehE7IUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDExMjExNjM5MjBaFw0yNTExMjAxNjQ0MjBaMDMxMTAvBgNV
BAMTKDVFNDdBRDI4MUM1OEUwRjMyRDk0ODIzMzRDRTA3OTZFOUIwNUQyNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByixBd4ylTCMW+4s3bKZDpxfz
pYQGIy29P979EYuQdbs1XlsTs05j5flCUJSmTrr4Wbz2fxpOxGlHTMunjoaEsvuR
MfGfn0RWE5U5wULWqkXb7ZQ2jZqPkv18kmMfXY70TJN06Oy4/LKp1Z0UqU7nA6e7
1tqpqyuwyUJE6aU+LemWR7hqI1wavmpmZSZFnv5b1HYH9ZuJ5TcsEkG55UDnQN/C
g1MCeCZqgZnkwwXNjHe+zpr1xfQqoXJ2kRuiRv2VSdH9npUP5zr/askP4qloAh3r
wZ6Jssa/ErX19w1YJdeS8gaYHeS/13PArZEIaGsGQN+kZA/3cwwH+u3jwJUTAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUXketKBxY4PMtlIIzTOB5bpsF0k4wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMwMmUzNzMxMmUz
MTM0MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABQR5QwDQYJKoZIhvcNAQELBQADggEBAIhhBF7I1If84BS/PvlCQJ5hDCzm
7gn1OlCr+3RL4I6KUB24WSSXUPWSsBPZ06he9spgF+/gyWrhIsdFMgobKUW6lQNM
kwlYGN6Ep9IFn3aBG/SqKrLYx0LAcNi+lqIKpVkVWBA6kjfOKoKcZuTvqHRJJdM3
8shfNtxjjqSzBXAsH7d3sUrcL3ji9nqJi2KQNqmVL2RqmCBZovEV7FWIaLpaHpTF
8UHlfaOSbPX1dT71pvYP/d5i82WiO6RRtZ+AOZaRgRoo+2sjb5CNlyUC7XVukSo/
NcFDw1Frv/IVX7rT/Bx/dDRHxP+zxiNj+Ccnchmx5LBHEvY3PNN/F1WXMnk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:21 2024 by rpki-client on console-ams.rpki-client.org