Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
File: 38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: 1hAY4x2+gfxo7Q55bq5B2vT4FOkLLCxNRnS+FoVzXfA=
Subject key identifier: 68:B4:DB:5C:CA:D8:28:96:05:A8:5D:D1:9C:9E:6D:C9:6C:BC:6F:02
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4FAB38514F66364B1C82A40092385D4BEF2E71A6
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
Signing time: Fri 27 Dec 2024 11:47:32 +0000
ROA not before: Fri 27 Dec 2024 11:42:32 +0000
ROA not after: Fri 26 Dec 2025 11:47:32 +0000
asID: 203061
IP address blocks: 83.171.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:ab:38:51:4f:66:36:4b:1c:82:a4:00:92:38:5d:4b:ef:2e:71:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:32 2024 GMT
Not After : Dec 26 11:47:32 2025 GMT
Subject: CN=68B4DB5CCAD8289605A85DD19C9E6DC96CBC6F02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:21:00:1b:84:47:5b:51:3f:e1:06:50:a6:d1:
35:ee:df:46:17:8d:6c:d1:f4:3f:08:a0:6e:ae:47:
5b:d4:ac:6c:6e:9e:18:5a:86:4d:11:90:1a:d3:f4:
2e:09:34:15:e6:f6:19:00:ce:e5:74:fd:e1:c7:a4:
33:63:09:c6:2f:2f:49:c2:f4:81:b8:ce:d7:78:0e:
6d:ab:67:02:d8:5d:95:f4:d9:d3:7e:e3:00:19:da:
62:14:54:d4:90:f8:69:ae:bd:46:2e:2f:54:00:b9:
bd:7d:e4:c8:60:4c:5a:d3:28:54:26:78:10:1f:d3:
cb:1b:7b:73:93:96:68:b6:39:06:ad:18:a1:62:0c:
ba:67:dd:63:f4:5a:68:61:fc:17:c0:6b:7c:a8:93:
05:a4:4a:55:99:d0:25:d9:81:55:4b:27:7b:f8:42:
83:ed:aa:75:11:20:e7:eb:a2:c2:92:74:e6:fc:08:
e3:40:df:d9:9f:39:52:6f:e7:66:89:d1:1d:13:42:
6e:41:1e:76:ea:bf:4d:bb:8d:8b:55:c8:e4:11:3c:
b7:9e:06:42:93:77:07:90:fd:8c:7e:90:10:3d:5f:
bb:7d:47:df:12:e7:f4:0a:ef:27:5c:17:cc:af:8c:
d6:c0:72:d0:47:f4:b3:f7:b2:f8:e7:9f:6d:ee:e6:
b2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B4:DB:5C:CA:D8:28:96:05:A8:5D:D1:9C:9E:6D:C9:6C:BC:6F:02
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230302e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.200.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e1:15:50:2e:3b:e1:ac:41:f5:78:b7:ea:4c:27:39:40:bd:
8f:5e:dd:11:85:24:42:33:ac:66:31:02:56:4c:1f:1b:e5:d7:
4d:63:91:32:9c:8e:7e:b2:7b:5d:b5:c1:12:37:61:3f:3b:07:
5e:66:a0:b6:b7:1a:c4:cb:17:a6:c3:e9:6c:e9:96:2a:8c:1b:
77:13:d2:97:1d:e3:13:40:83:9d:12:66:17:26:fb:40:f5:8f:
0a:ac:2f:56:32:f5:d8:19:58:08:4b:72:0a:6c:ce:5c:9a:d2:
87:db:e7:96:c5:95:51:aa:40:0a:9e:30:e7:b9:e3:cd:48:20:
7c:f2:74:9b:5b:05:d0:32:b5:da:ae:78:c9:23:82:95:7e:f5:
c0:df:45:e6:0c:99:2a:94:66:93:6a:c5:e1:35:a7:f2:23:1c:
cc:b6:8e:4b:98:a4:ab:19:c2:02:4d:38:ff:1c:86:4d:0d:37:
1f:cd:5d:93:5c:b7:5c:b5:0f:92:08:0c:ad:54:fc:d7:bf:ab:
11:da:b2:cd:5b:0a:c8:a4:d3:1a:69:db:9f:e3:33:93:47:2e:
f0:2c:cc:47:4a:e4:ff:83:a2:5e:8e:96:09:47:ba:cc:9c:64:
90:c8:03:92:3f:ab:d1:eb:f0:7a:27:0b:fe:6a:f8:2b:48:cf:
be:af:95:60
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUT6s4UU9mNkscgqQAkjhdS+8ucaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzJaFw0yNTEyMjYxMTQ3MzJaMDMxMTAvBgNV
BAMTKDY4QjREQjVDQ0FEODI4OTYwNUE4NUREMTlDOUU2REM5NkNCQzZGMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhIQAbhEdbUT/hBlCm0TXu30YX
jWzR9D8IoG6uR1vUrGxunhhahk0RkBrT9C4JNBXm9hkAzuV0/eHHpDNjCcYvL0nC
9IG4ztd4Dm2rZwLYXZX02dN+4wAZ2mIUVNSQ+GmuvUYuL1QAub195MhgTFrTKFQm
eBAf08sbe3OTlmi2OQatGKFiDLpn3WP0Wmhh/BfAa3yokwWkSlWZ0CXZgVVLJ3v4
QoPtqnURIOfrosKSdOb8CONA39mfOVJv52aJ0R0TQm5BHnbqv027jYtVyOQRPLee
BkKTdweQ/Yx+kBA9X7t9R98S5/QK7ydcF8yvjNbActBH9LP3svjnn23u5rI9AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUaLTbXMrYKJYFqF3RnJ5tyWy8bwIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMzMmUzMTM3MzEy
ZTMyMzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzYzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAFOryDANBgkqhkiG9w0BAQsFAAOCAQEAEuEVUC474axB9Xi36kwnOUC9
j17dEYUkQjOsZjECVkwfG+XXTWORMpyOfrJ7XbXBEjdhPzsHXmagtrcaxMsXpsPp
bOmWKowbdxPSlx3jE0CDnRJmFyb7QPWPCqwvVjL12BlYCEtyCmzOXJrSh9vnlsWV
UapACp4w57njzUggfPJ0m1sF0DK12q54ySOClX71wN9F5gyZKpRmk2rF4TWn8iMc
zLaOS5ikqxnCAk04/xyGTQ03H81dk1y3XLUPkggMrVT817+rEdqyzVsKyKTTGmnb
n+Mzk0cu8CzMR0rk/4OiXo6WCUe6zJxkkMgDkj+r0evweicL/mr4K0jPvq+VYA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:39:50 2025 by rpki-client