Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
File: 38352e3230322e38322e302f32342d3332203d3e203536383736.roa (raw, json)
Hash identifier: Hg++MQsNZnrjRowrGXydll4RPAEDlPyooCJE45OrzdQ=
Subject key identifier: 5D:18:80:E9:78:35:CC:DA:B0:EF:49:BA:81:8E:BA:EC:9F:50:28:76
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 024FDF826DC26F22B0A296836CEA6E9587E0A50A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
Signing time: Fri 27 Dec 2024 11:47:36 +0000
ROA not before: Fri 27 Dec 2024 11:42:36 +0000
ROA not after: Fri 26 Dec 2025 11:47:36 +0000
asID: 56876
IP address blocks: 85.202.82.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:4f:df:82:6d:c2:6f:22:b0:a2:96:83:6c:ea:6e:95:87:e0:a5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:36 2024 GMT
Not After : Dec 26 11:47:36 2025 GMT
Subject: CN=5D1880E97835CCDAB0EF49BA818EBAEC9F502876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1b:ce:c1:63:01:ec:48:ea:cf:4c:b3:df:05:
0f:d6:42:32:7d:ae:b8:8f:78:9b:2a:25:5d:77:9c:
8e:f0:54:5d:63:be:d2:76:af:95:05:30:e1:09:1c:
db:59:55:c0:54:7b:77:a8:67:49:4c:68:59:d7:40:
93:cd:43:f8:69:7f:2d:c8:8d:31:54:86:92:6b:24:
c8:72:82:a2:07:6b:63:a8:d4:38:e4:46:7e:c0:18:
74:2b:51:92:50:26:b6:6c:db:e2:8f:88:10:54:40:
c7:d5:96:e6:ff:79:44:c9:f8:61:b6:3d:9a:5f:7f:
fb:88:6a:5d:d3:f5:b2:e5:83:02:f5:16:0c:4e:37:
0b:6e:8c:ff:87:2e:fa:a7:19:7d:73:db:fb:fa:ea:
51:65:d1:51:3a:c1:b5:7c:fb:d0:ce:2c:7a:63:9b:
47:5c:a3:8f:1b:74:43:93:a8:bb:00:ec:54:81:83:
36:21:ea:65:c8:58:f1:c4:06:6f:c5:4e:35:1a:eb:
9c:3a:62:a2:35:63:9b:87:b5:1a:fa:2f:2b:84:5a:
cb:c3:c6:dc:f5:eb:55:ef:48:a1:06:fe:e5:68:8c:
06:45:7b:ee:62:16:8e:0a:50:22:a3:15:95:8c:d3:
88:4c:8e:a3:2b:15:95:ae:23:e2:38:e7:52:22:2f:
a7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:18:80:E9:78:35:CC:DA:B0:EF:49:BA:81:8E:BA:EC:9F:50:28:76
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230322e38322e302f32342d3332203d3e203536383736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.82.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:b4:f1:81:26:cf:bc:fc:91:6a:31:48:07:64:bb:14:7d:a6:
fe:e2:cc:a0:ad:89:49:5c:1f:8a:f1:76:15:3f:bd:9f:22:88:
75:89:fd:dd:60:e3:20:53:9f:4c:c8:08:31:8d:6c:51:93:76:
15:bd:4a:3b:75:20:c1:09:d5:66:74:df:d6:e7:ec:ac:c6:23:
ad:62:99:ca:a1:c2:9a:b7:77:66:04:25:dd:be:2e:e3:82:19:
b2:4a:10:7e:6e:03:40:c5:c6:9e:03:6e:c1:a0:85:e6:22:dc:
f2:07:a3:00:59:e0:10:68:1c:06:96:6b:3d:6e:20:c4:de:9b:
23:c2:a7:46:21:a8:a0:ca:86:92:c6:17:59:59:01:2f:0a:12:
5e:64:67:f8:52:ae:12:88:35:62:f7:aa:d9:d3:22:29:32:8e:
d9:fc:0d:9a:d2:3e:8e:80:e9:53:ca:c3:11:e2:89:ff:c9:0c:
93:19:7e:c7:41:f7:0e:7e:fc:15:f6:53:9b:39:f4:4d:90:0e:
c4:3a:c5:c2:f5:9b:8b:27:8e:db:56:52:47:ce:7f:32:5a:fc:
17:af:6a:99:0f:e2:05:18:82:fc:7d:eb:75:e4:ff:d7:1e:2f:
9f:ea:ed:a2:8f:12:17:65:12:62:30:47:4b:ab:93:22:4f:86:
65:37:1c:41
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUAk/fgm3CbyKwopaDbOpulYfgpQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzZaFw0yNTEyMjYxMTQ3MzZaMDMxMTAvBgNV
BAMTKDVEMTg4MEU5NzgzNUNDREFCMEVGNDlCQTgxOEVCQUVDOUY1MDI4NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWG87BYwHsSOrPTLPfBQ/WQjJ9
rriPeJsqJV13nI7wVF1jvtJ2r5UFMOEJHNtZVcBUe3eoZ0lMaFnXQJPNQ/hpfy3I
jTFUhpJrJMhygqIHa2Oo1DjkRn7AGHQrUZJQJrZs2+KPiBBUQMfVlub/eUTJ+GG2
PZpff/uIal3T9bLlgwL1FgxONwtujP+HLvqnGX1z2/v66lFl0VE6wbV8+9DOLHpj
m0dco48bdEOTqLsA7FSBgzYh6mXIWPHEBm/FTjUa65w6YqI1Y5uHtRr6LyuEWsvD
xtz161XvSKEG/uVojAZFe+5iFo4KUCKjFZWM04hMjqMrFZWuI+I451IiL6czAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUXRiA6Xg1zNqw70m6gY667J9QKHYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODM1MmUzMjMwMzIy
ZTM4MzIyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTM2MzgzNzM2LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAVcpSMA0GCSqGSIb3DQEBCwUAA4IBAQB/tPGBJs+8/JFqMUgHZLsUfab+4syg
rYlJXB+K8XYVP72fIoh1if3dYOMgU59MyAgxjWxRk3YVvUo7dSDBCdVmdN/W5+ys
xiOtYpnKocKat3dmBCXdvi7jghmyShB+bgNAxcaeA27BoIXmItzyB6MAWeAQaBwG
lms9biDE3psjwqdGIaigyoaSxhdZWQEvChJeZGf4Uq4SiDVi96rZ0yIpMo7Z/A2a
0j6OgOlTysMR4on/yQyTGX7HQfcOfvwV9lObOfRNkA7EOsXC9ZuLJ47bVlJHzn8y
WvwXr2qZD+IFGIL8fet15P/XHi+f6u2ijxIXZRJiMEdLq5MiT4ZlNxxB
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:13:15 2025 by rpki-client