Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33382e302f32342d3332203d3e203531313637.roa
File: 38312e32322e33382e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: lYBaCE79gCKjCoZZEMj0AvAruL+3a0mSJvMXbMCDh5c=
Subject key identifier: C4:28:55:19:55:56:7A:E5:E0:02:97:E9:53:4B:F2:6E:15:CB:A9:CD
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0F001C68F66E45FBFFF07104AC76CD2A717C695F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33382e302f32342d3332203d3e203531313637.roa
Signing time: Fri 20 Dec 2024 15:23:32 +0000
ROA not before: Fri 20 Dec 2024 15:18:32 +0000
ROA not after: Fri 19 Dec 2025 15:23:32 +0000
asID: 51167
IP address blocks: 81.22.38.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:00:1c:68:f6:6e:45:fb:ff:f0:71:04:ac:76:cd:2a:71:7c:69:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:32 2024 GMT
Not After : Dec 19 15:23:32 2025 GMT
Subject: CN=C428551955567AE5E00297E9534BF26E15CBA9CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8a:f9:ea:88:5c:ec:17:a6:70:e3:d2:72:2e:
6c:94:42:01:11:72:e9:ed:9c:e0:43:f2:99:31:eb:
fc:b0:2e:20:d3:29:fd:33:4a:f8:29:2c:c8:38:c0:
37:cb:9e:17:0d:a3:af:e8:98:76:75:70:13:29:b2:
59:9d:b7:eb:87:a0:47:c0:5f:6f:43:03:70:7d:f0:
b9:e4:53:61:63:23:4d:06:b8:3a:68:e4:46:d5:15:
45:22:96:ad:5a:3f:0c:a9:ad:99:e5:64:7f:67:0b:
b7:af:2b:8c:75:06:65:7d:98:a1:71:39:d1:88:d6:
17:16:cc:8a:dd:7c:cc:1f:39:60:52:6f:00:10:fc:
60:66:c1:65:6d:62:45:5d:8e:87:04:a8:3d:41:16:
27:1f:50:29:42:0e:de:ae:38:f7:69:e1:26:9c:88:
d4:8e:b0:d0:7f:e7:5e:43:bc:55:bc:64:dc:c9:40:
3f:00:f5:9e:ea:0e:61:39:d4:58:69:e7:73:6f:40:
8e:5a:a4:af:d9:96:78:02:76:82:d2:3e:bd:e1:35:
16:73:48:80:ff:7f:57:9a:e7:90:7d:04:44:bc:8b:
d9:b6:65:6a:ff:a4:6f:71:73:a8:7a:82:7b:5b:3d:
b2:66:9f:bf:df:9d:2e:d1:ae:f7:e6:8c:3b:c6:97:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:28:55:19:55:56:7A:E5:E0:02:97:E9:53:4B:F2:6E:15:CB:A9:CD
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33382e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.38.0/24
Signature Algorithm: sha256WithRSAEncryption
da:59:24:0f:5d:7a:c3:3e:7f:45:a2:31:a3:7c:c7:69:7e:81:
b5:78:1a:51:f5:3a:4f:19:59:45:23:dd:af:7b:d6:d6:6f:a8:
df:3a:7f:9a:7d:4d:f3:31:60:e5:75:67:ca:c8:3d:cd:ab:3a:
64:78:db:3e:e1:a1:fe:37:55:3a:8d:d1:85:4b:6b:28:73:26:
1f:95:8c:9a:5e:3a:36:4e:53:33:56:aa:86:7f:76:b1:c2:7c:
03:9b:99:28:73:f9:e5:c0:07:63:d7:9c:33:3c:7f:d1:b6:37:
41:16:df:9b:56:f0:7d:65:40:11:f1:d2:01:7f:13:f6:79:ba:
a6:94:30:44:9a:40:9d:50:c1:5a:fc:57:6f:1e:be:22:c9:75:
76:70:c5:74:92:6e:fa:e3:a5:69:3a:7d:2c:69:13:51:6a:cc:
e7:06:0e:32:78:1e:a9:ea:98:19:8b:1c:24:2b:ab:9e:8d:9c:
ae:d7:4f:cc:07:1a:6a:28:79:25:cb:58:a3:b0:d0:7d:46:18:
4b:16:21:32:f0:5e:87:17:64:e3:1a:59:31:0a:93:a8:d7:8f:
08:72:91:8d:c7:17:47:6b:c5:30:f1:99:1c:39:fa:63:4d:db:
81:3e:da:36:59:ab:2f:c3:54:69:4d:48:2f:f0:b1:da:d4:a9:
4b:eb:a0:bd
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUDwAcaPZuRfv/8HEErHbNKnF8aV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzJaFw0yNTEyMTkxNTIzMzJaMDMxMTAvBgNV
BAMTKEM0Mjg1NTE5NTU1NjdBRTVFMDAyOTdFOTUzNEJGMjZFMTVDQkE5Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClivnqiFzsF6Zw49JyLmyUQgER
cuntnOBD8pkx6/ywLiDTKf0zSvgpLMg4wDfLnhcNo6/omHZ1cBMpslmdt+uHoEfA
X29DA3B98LnkU2FjI00GuDpo5EbVFUUilq1aPwyprZnlZH9nC7evK4x1BmV9mKFx
OdGI1hcWzIrdfMwfOWBSbwAQ/GBmwWVtYkVdjocEqD1BFicfUClCDt6uOPdp4Sac
iNSOsNB/515DvFW8ZNzJQD8A9Z7qDmE51Fhp53NvQI5apK/ZlngCdoLSPr3hNRZz
SID/f1ea55B9BES8i9m2ZWr/pG9xc6h6gntbPbJmn7/fnS7RrvfmjDvGlxGbAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUxChVGVVWeuXgApfpU0vybhXLqc0wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMxMmUzMjMyMmUz
MzM4MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AFEWJjANBgkqhkiG9w0BAQsFAAOCAQEA2lkkD116wz5/RaIxo3zHaX6BtXgaUfU6
TxlZRSPdr3vW1m+o3zp/mn1N8zFg5XVnysg9zas6ZHjbPuGh/jdVOo3RhUtrKHMm
H5WMml46Nk5TM1aqhn92scJ8A5uZKHP55cAHY9ecMzx/0bY3QRbfm1bwfWVAEfHS
AX8T9nm6ppQwRJpAnVDBWvxXbx6+Isl1dnDFdJJu+uOlaTp9LGkTUWrM5wYOMnge
qeqYGYscJCurno2crtdPzAcaaih5JctYo7DQfUYYSxYhMvBehxdk4xpZMQqTqNeP
CHKRjccXR2vFMPGZHDn6Y03bgT7aNlmrL8NUaU1IL/Cx2tSpS+ugvQ==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:14:45 2025 by rpki-client