Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
File: 38332e3137312e3234382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: bd1spDES0GkbecvJJ4LoNOeC8QvnIxUqSeurWewBOro=
Subject key identifier: 76:6A:EE:CB:83:55:DE:F0:62:5E:A2:AB:F2:68:81:06:BA:C2:E4:3F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4BE0894E0167B3AF046805ABA2A93994A08070BF
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 20 Dec 2024 15:23:36 +0000
ROA not before: Fri 20 Dec 2024 15:18:36 +0000
ROA not after: Fri 19 Dec 2025 15:23:36 +0000
asID: 51167
IP address blocks: 83.171.248.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 14:31:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:e0:89:4e:01:67:b3:af:04:68:05:ab:a2:a9:39:94:a0:80:70:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:36 2024 GMT
Not After : Dec 19 15:23:36 2025 GMT
Subject: CN=766AEECB8355DEF0625EA2ABF2688106BAC2E43F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2c:98:eb:38:d6:67:e7:f4:ac:34:c1:c6:2d:
ab:21:4b:78:f6:3a:3c:d3:b8:da:f9:57:67:5d:83:
95:c6:d6:6a:79:1f:25:5b:9b:d1:f3:78:51:67:77:
6a:2b:11:eb:61:9e:6e:9c:39:56:a8:41:3b:0a:9b:
96:27:cf:b3:ff:ca:32:0d:88:1e:7b:8a:5f:4f:25:
d4:91:1a:9b:7e:ef:63:20:bc:b7:2b:aa:cb:3a:06:
2d:e2:84:96:c3:6b:da:da:b1:8a:5f:40:ad:6a:3d:
26:a0:d3:af:db:0b:61:2c:9c:89:36:17:54:7d:dc:
26:62:6c:d9:a9:ef:fe:47:40:b4:f0:14:dd:87:5f:
cc:8b:13:e0:8c:aa:29:a5:93:f8:fc:82:73:b5:8f:
ed:21:85:3b:6a:fa:c4:a3:d5:b5:e1:c5:82:fa:92:
90:00:6e:e7:bc:c9:b8:e2:0c:d8:80:a3:2c:10:fe:
69:3e:a8:5f:a2:73:f0:ef:d4:20:5d:43:3c:77:ef:
f4:31:41:72:b5:59:17:66:02:7f:c3:05:82:63:91:
45:d8:e6:8c:55:16:b4:71:92:ef:8c:43:dc:4f:f9:
3e:a7:0f:8d:e7:bf:2b:72:7c:f9:1d:6a:ee:a8:d0:
b1:ff:34:d4:ee:d7:58:65:a3:06:5b:51:0f:2e:e6:
ba:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6A:EE:CB:83:55:DE:F0:62:5E:A2:AB:F2:68:81:06:BA:C2:E4:3F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38332e3137312e3234382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.248.0/23
Signature Algorithm: sha256WithRSAEncryption
60:14:fc:43:62:63:18:d3:fc:44:a6:64:13:6b:ed:7b:9a:26:
fc:39:98:e5:5d:ab:d2:92:22:13:53:14:a2:aa:ec:27:19:3e:
98:34:dc:10:31:15:41:a5:d3:12:2c:83:96:14:f5:e0:dd:cc:
40:cb:c2:56:f1:0f:c2:2f:c2:4f:9e:c0:d3:fd:84:80:b6:e0:
14:a7:aa:ff:c6:05:e9:79:92:c3:90:cc:84:37:54:ad:05:20:
a2:58:cc:f7:f9:9e:ee:dd:81:ee:6f:13:3a:93:f1:15:7b:a0:
97:04:5c:8c:ef:df:af:a6:b7:9c:f0:c0:db:0d:9e:db:ec:f3:
35:4c:1c:99:da:9a:b1:65:26:19:b7:a0:fe:84:85:2f:4b:4d:
5a:5b:8f:72:06:22:2f:7b:13:d5:a8:42:fa:56:d4:7c:b2:33:
c3:67:31:32:18:22:90:6c:f6:26:15:be:81:37:3d:07:ce:cd:
88:56:f4:3b:3d:d4:dc:4a:0f:ab:ec:db:b9:5d:90:14:e1:b5:
67:ca:5f:1b:b1:cb:ca:d6:b1:54:28:df:5e:3d:32:24:88:ae:
e8:a7:bf:e7:43:c0:33:4e:51:e6:a1:fa:30:ee:b7:5d:e0:7c:
b6:72:35:26:07:38:9c:c3:e8:77:53:a6:57:09:47:85:93:66:
4a:e1:37:29
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUS+CJTgFns68EaAWroqk5lKCAcL8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzZaFw0yNTEyMTkxNTIzMzZaMDMxMTAvBgNV
BAMTKDc2NkFFRUNCODM1NURFRjA2MjVFQTJBQkYyNjg4MTA2QkFDMkU0M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDILJjrONZn5/SsNMHGLashS3j2
OjzTuNr5V2ddg5XG1mp5HyVbm9HzeFFnd2orEethnm6cOVaoQTsKm5Ynz7P/yjIN
iB57il9PJdSRGpt+72MgvLcrqss6Bi3ihJbDa9rasYpfQK1qPSag06/bC2EsnIk2
F1R93CZibNmp7/5HQLTwFN2HX8yLE+CMqimlk/j8gnO1j+0hhTtq+sSj1bXhxYL6
kpAAbue8ybjiDNiAoywQ/mk+qF+ic/Dv1CBdQzx37/QxQXK1WRdmAn/DBYJjkUXY
5oxVFrRxku+MQ9xP+T6nD43nvytyfPkdau6o0LH/NNTu11hlowZbUQ8u5rp9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUdmruy4NV3vBiXqKr8miBBrrC5D8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODMzMmUzMTM3MzEy
ZTMyMzQzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFTq/gwDQYJKoZIhvcNAQELBQADggEBAGAU/ENiYxjT/ESmZBNr7XuaJvw5
mOVdq9KSIhNTFKKq7CcZPpg03BAxFUGl0xIsg5YU9eDdzEDLwlbxD8Ivwk+ewNP9
hIC24BSnqv/GBel5ksOQzIQ3VK0FIKJYzPf5nu7dge5vEzqT8RV7oJcEXIzv36+m
t5zwwNsNntvs8zVMHJnamrFlJhm3oP6EhS9LTVpbj3IGIi97E9WoQvpW1HyyM8Nn
MTIYIpBs9iYVvoE3PQfOzYhW9Ds91NxKD6vs27ldkBThtWfKXxuxy8rWsVQo3149
MiSIruinv+dDwDNOUeah+jDut13gfLZyNSYHOJzD6HdTplcJR4WTZkrhNyk=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:18:31 2025 by rpki-client