Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33392e302f32342d3234203d3e203632323430.roa
File: 38312e32322e33392e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: 5pRNHUAKC2SToNVDcu87Ts0PhWXTuBgZ6GpOuJpHt7c=
Subject key identifier: 6E:EC:18:3E:08:7D:3C:6A:71:06:E7:51:46:9C:4B:B2:BC:AA:CF:3F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 338F0B0AF5A0FCB9DFB508EEF1A87656A90431D3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33392e302f32342d3234203d3e203632323430.roa
Signing time: Fri 20 Dec 2024 15:23:36 +0000
ROA not before: Fri 20 Dec 2024 15:18:36 +0000
ROA not after: Fri 19 Dec 2025 15:23:36 +0000
asID: 62240
IP address blocks: 81.22.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 08:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:8f:0b:0a:f5:a0:fc:b9:df:b5:08:ee:f1:a8:76:56:a9:04:31:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:36 2024 GMT
Not After : Dec 19 15:23:36 2025 GMT
Subject: CN=6EEC183E087D3C6A7106E751469C4BB2BCAACF3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ef:24:78:2a:b3:0d:4d:39:85:57:ea:41:8c:
21:2e:61:35:74:4b:f0:78:51:db:ea:16:09:1e:11:
8c:27:67:d5:8e:6c:00:5c:a6:09:64:2c:16:c6:22:
d8:bc:1c:2e:98:26:51:9f:29:52:0b:ad:f6:cd:2a:
ee:84:95:1d:63:6d:3a:97:45:cd:9c:41:db:38:1d:
8f:52:c6:ae:ef:48:34:d0:fd:1b:b3:fe:1d:cf:fe:
28:2e:f5:47:32:1d:99:28:32:21:6f:78:fc:47:75:
07:e3:7e:fa:7a:3e:a5:fc:a6:f4:a6:88:80:06:f8:
d4:4d:b4:b5:53:f6:63:a0:5b:d0:97:db:c9:f9:be:
6b:66:47:67:be:aa:59:af:b8:8b:40:a1:0a:ed:68:
6f:26:75:84:b6:82:2f:07:ef:ec:df:6f:ae:d7:05:
24:c0:e8:d6:67:02:70:bb:7d:f3:90:a2:a5:a6:6c:
03:89:35:cb:6e:56:09:be:90:b4:34:eb:7d:f1:26:
7e:73:ef:22:a9:7e:7d:d1:14:15:27:02:0c:60:fb:
19:30:a0:4e:ba:ee:3f:9f:35:69:2c:3c:e8:78:d1:
1c:33:b3:1f:67:8f:7d:1e:0c:30:bf:a3:79:8e:07:
2b:99:e2:41:a0:35:5e:19:26:d7:4b:6d:6b:d7:4f:
f3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EC:18:3E:08:7D:3C:6A:71:06:E7:51:46:9C:4B:B2:BC:AA:CF:3F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38312e32322e33392e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.39.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:2e:11:5e:51:18:28:8d:25:3f:ab:c7:b3:44:fd:ba:e6:20:
1f:f2:2d:34:e1:c9:4e:46:a7:7c:fc:85:bc:51:ac:2b:68:40:
19:91:b2:b9:c0:b1:ac:1a:44:59:ea:cd:ff:31:04:46:a7:54:
cd:76:77:02:d5:70:2e:da:15:30:65:1c:87:72:37:61:9d:ff:
43:eb:58:f4:ac:02:d1:10:2c:8d:f1:7f:7b:75:fc:22:bd:56:
ce:ea:a5:08:d6:18:36:7a:26:a2:a7:85:d4:8b:0f:58:f3:ac:
70:42:04:17:23:f3:67:fc:ef:24:2d:4c:8f:e0:72:24:3d:84:
90:0a:aa:da:f8:a4:31:6e:8c:6b:0b:0f:a8:76:1c:0e:22:6a:
82:6a:26:38:b8:3b:84:34:e3:0d:08:40:78:80:7c:2f:39:27:
fe:f8:ea:1d:9f:6b:d5:55:88:b6:f6:3c:2b:7f:31:e0:04:b7:
79:bf:16:77:12:77:7c:46:90:54:ca:26:17:40:3a:d3:fe:54:
c6:93:44:27:c2:63:f1:26:ed:ce:83:94:53:e3:a0:44:4f:d2:
32:6d:a5:6a:8c:53:40:cb:fb:01:06:ff:2f:b3:ec:f7:a5:9a:
20:72:6c:fe:55:02:ac:88:f3:6e:90:fe:f8:d6:87:8f:5f:c4:
75:50:86:c4
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUM48LCvWg/LnftQju8ah2VqkEMdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzZaFw0yNTEyMTkxNTIzMzZaMDMxMTAvBgNV
BAMTKDZFRUMxODNFMDg3RDNDNkE3MTA2RTc1MTQ2OUM0QkIyQkNBQUNGM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN7yR4KrMNTTmFV+pBjCEuYTV0
S/B4UdvqFgkeEYwnZ9WObABcpglkLBbGIti8HC6YJlGfKVILrfbNKu6ElR1jbTqX
Rc2cQds4HY9Sxq7vSDTQ/Ruz/h3P/igu9UcyHZkoMiFvePxHdQfjfvp6PqX8pvSm
iIAG+NRNtLVT9mOgW9CX28n5vmtmR2e+qlmvuItAoQrtaG8mdYS2gi8H7+zfb67X
BSTA6NZnAnC7ffOQoqWmbAOJNctuVgm+kLQ0633xJn5z7yKpfn3RFBUnAgxg+xkw
oE667j+fNWksPOh40Rwzsx9nj30eDDC/o3mOByuZ4kGgNV4ZJtdLbWvXT/O9AgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUbuwYPgh9PGpxBudRRpxLsryqzz8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMxMmUzMjMyMmUz
MzM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMjMyMzQzMC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AFEWJzANBgkqhkiG9w0BAQsFAAOCAQEAvS4RXlEYKI0lP6vHs0T9uuYgH/ItNOHJ
TkanfPyFvFGsK2hAGZGyucCxrBpEWerN/zEERqdUzXZ3AtVwLtoVMGUch3I3YZ3/
Q+tY9KwC0RAsjfF/e3X8Ir1WzuqlCNYYNnomoqeF1IsPWPOscEIEFyPzZ/zvJC1M
j+ByJD2EkAqq2vikMW6MawsPqHYcDiJqgmomOLg7hDTjDQhAeIB8Lzkn/vjqHZ9r
1VWItvY8K38x4AS3eb8WdxJ3fEaQVMomF0A60/5UxpNEJ8Jj8SbtzoOUU+OgRE/S
Mm2laoxTQMv7AQb/L7Ps96WaIHJs/lUCrIjzbpD++NaHj1/EdVCGxA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:18:41 2025 by rpki-client