Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
File: 38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: pd6METp5U4hn7jV9UCC0vJl1Qp9tPcqGJ822i2guGfQ=
Subject key identifier: A8:A8:A4:22:F2:25:60:28:75:71:1E:10:7E:CD:59:A0:B8:2C:84:2C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 344BE3A236C69B623923DB3A3BAE9E4694B994C5
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
Signing time: Fri 27 Dec 2024 11:47:11 +0000
ROA not before: Fri 27 Dec 2024 11:42:11 +0000
ROA not after: Fri 26 Dec 2025 11:47:11 +0000
asID: 203061
IP address blocks: 83.171.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:4b:e3:a2:36:c6:9b:62:39:23:db:3a:3b:ae:9e:46:94:b9:94:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:11 2024 GMT
Not After : Dec 26 11:47:11 2025 GMT
Subject: CN=A8A8A422F225602875711E107ECD59A0B82C842C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:e1:70:51:08:c2:5a:5e:c7:f5:2d:34:62:
5a:3f:ac:c3:e3:b2:2c:d0:b0:a7:bd:2d:54:dc:ca:
16:00:78:f1:23:04:a8:b0:56:cc:91:f7:3a:88:36:
e3:01:c2:0c:8b:00:32:b6:a8:d8:91:13:f2:7d:86:
bc:70:8d:3f:14:78:e6:6a:e4:e7:28:eb:ec:76:3c:
13:7b:35:9e:20:85:88:14:36:fe:a7:37:2c:d5:8b:
6b:6d:0f:37:c7:b9:02:ce:63:3a:00:64:83:92:ac:
4f:ab:e5:78:8d:4a:5b:d4:44:8e:1b:d7:ba:bb:81:
a7:26:1a:b7:23:e9:44:f5:a1:d7:17:92:29:d4:65:
54:43:3f:96:b3:bc:b3:ec:d2:e6:bd:04:4c:47:89:
cf:0c:28:8f:4f:e1:fc:24:ed:0f:e2:d9:ee:74:0e:
20:65:9f:af:e6:5c:72:0b:59:aa:f0:80:9c:73:d0:
fb:1e:e4:27:2f:74:99:43:32:a3:99:55:f2:08:26:
df:ad:95:9b:bf:32:a6:2b:9a:37:6f:d4:85:0a:d0:
e9:3e:2a:a8:b1:77:91:6f:01:fe:3a:4b:61:08:3f:
4d:0c:ba:a2:40:bc:49:22:2f:91:bd:2e:b0:79:ed:
2f:a6:d7:f3:ca:7c:d4:55:88:1e:bf:59:07:54:f0:
e1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A8:A4:22:F2:25:60:28:75:71:1E:10:7E:CD:59:A0:B8:2C:84:2C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3230312e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.201.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:c3:ff:7a:e1:27:10:7d:f0:30:60:63:b1:f0:f9:25:85:d2:
dc:57:62:88:d7:a2:78:76:c2:58:a0:9f:3c:df:43:a7:d2:47:
a4:66:74:62:9d:59:dc:d1:53:56:17:c2:66:96:19:c5:46:f7:
8f:e1:10:06:89:fe:2c:aa:64:96:a0:e5:27:76:09:9a:da:00:
01:58:ea:96:d7:79:f6:03:4a:2f:63:6d:dc:cb:7f:d9:9c:d2:
29:a4:22:c4:c3:be:64:de:10:3e:27:8b:29:e1:ea:83:65:29:
46:6f:9a:e5:f7:16:0b:c6:c5:dc:31:88:6f:30:df:0f:7b:66:
5b:5b:34:f6:50:bb:c7:7a:1b:90:63:85:81:99:2b:05:03:f5:
63:d1:84:73:75:12:f9:f8:9f:0b:d2:94:8a:97:79:29:38:9d:
ad:eb:ea:c4:e5:68:44:6c:50:1b:d7:d4:0e:9c:36:14:fd:69:
f4:cf:3a:31:c5:09:13:51:30:69:da:21:8b:08:a6:7b:72:fe:
d2:52:17:d7:d4:77:55:bf:ea:62:a4:16:a8:12:b4:2e:4e:5a:
74:f9:50:8c:ae:69:eb:5b:75:44:ec:39:79:6c:f6:f9:2b:dd:
fb:98:4c:38:fc:ca:be:64:c8:b9:94:18:f0:8f:70:e3:81:4e:
28:a7:71:c0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUNEvjojbGm2I5I9s6O66eRpS5lMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTFaFw0yNTEyMjYxMTQ3MTFaMDMxMTAvBgNV
BAMTKEE4QThBNDIyRjIyNTYwMjg3NTcxMUUxMDdFQ0Q1OUEwQjgyQzg0MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2GOFwUQjCWl7H9S00Ylo/rMPj
sizQsKe9LVTcyhYAePEjBKiwVsyR9zqINuMBwgyLADK2qNiRE/J9hrxwjT8UeOZq
5Oco6+x2PBN7NZ4ghYgUNv6nNyzVi2ttDzfHuQLOYzoAZIOSrE+r5XiNSlvURI4b
17q7gacmGrcj6UT1odcXkinUZVRDP5azvLPs0ua9BExHic8MKI9P4fwk7Q/i2e50
DiBln6/mXHILWarwgJxz0Pse5CcvdJlDMqOZVfIIJt+tlZu/MqYrmjdv1IUK0Ok+
Kqixd5FvAf46S2EIP00MuqJAvEkiL5G9LrB57S+m1/PKfNRViB6/WQdU8OFRAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUqKikIvIlYCh1cR4Qfs1ZoLgshCwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMzMmUzMTM3MzEy
ZTMyMzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzYzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAFOryTANBgkqhkiG9w0BAQsFAAOCAQEAm8P/euEnEH3wMGBjsfD5JYXS
3FdiiNeieHbCWKCfPN9Dp9JHpGZ0Yp1Z3NFTVhfCZpYZxUb3j+EQBon+LKpklqDl
J3YJmtoAAVjqltd59gNKL2Nt3Mt/2ZzSKaQixMO+ZN4QPieLKeHqg2UpRm+a5fcW
C8bF3DGIbzDfD3tmW1s09lC7x3obkGOFgZkrBQP1Y9GEc3US+fifC9KUipd5KTid
revqxOVoRGxQG9fUDpw2FP1p9M86McUJE1Ewadohiwime3L+0lIX19R3Vb/qYqQW
qBK0Lk5adPlQjK5p61t1ROw5eWz2+Svd+5hMOPzKvmTIuZQY8I9w44FOKKdxwA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:39:52 2025 by rpki-client