Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230382e3135362e302f32342d3234203d3e20313336373837.roa
File: 38352e3230382e3135362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: qDwdA0yxWkP+Uein8Ne73IC7TaCTVtBq09Fx9UgvJbA=
Subject key identifier: 25:08:65:BB:FE:7A:B5:D1:21:FC:DC:FE:88:78:95:B4:DC:5A:CA:02
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 713CC1C4863E1A6A0D1EAE30096887D34ECA94F9
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230382e3135362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:26 +0000
ROA not before: Fri 20 Dec 2024 15:18:26 +0000
ROA not after: Fri 19 Dec 2025 15:23:26 +0000
asID: 136787
IP address blocks: 85.208.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3c:c1:c4:86:3e:1a:6a:0d:1e:ae:30:09:68:87:d3:4e:ca:94:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:26 2024 GMT
Not After : Dec 19 15:23:26 2025 GMT
Subject: CN=250865BBFE7AB5D121FCDCFE887895B4DC5ACA02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:92:99:1c:45:f2:a1:60:8f:ee:46:fa:01:72:
c3:28:82:11:ff:0c:d6:ea:bd:c6:7c:42:b0:57:ef:
0f:e4:39:15:d5:f1:42:e5:cc:14:36:af:d3:3a:9f:
5e:58:44:66:ea:b9:f5:4b:73:6c:4c:5f:c0:e8:9e:
cc:0b:0a:04:11:e9:29:ff:b1:74:9d:01:8e:f6:e5:
5d:86:6d:06:f2:c3:37:33:1e:ff:50:27:4d:e6:a3:
02:27:80:42:cf:95:1a:8c:0f:46:aa:a7:fe:e5:1c:
fe:6e:20:79:59:23:bc:e5:34:e4:ae:27:7f:cf:70:
0b:5b:08:3b:e3:b6:58:81:29:6c:c4:4c:ce:8c:80:
07:31:05:39:2c:2c:f0:1d:b8:d9:bd:65:d7:f6:8d:
da:1c:2f:5f:23:87:ee:c2:fc:37:08:a4:c5:3c:8f:
b8:93:44:1d:fb:e8:68:fb:c8:aa:64:dc:ad:ba:07:
80:f4:4b:0d:9f:d6:2b:94:20:b8:4d:3f:8a:03:c6:
8c:5a:66:ed:3b:bc:99:6e:8f:0a:55:f4:d8:60:2a:
1d:21:29:5b:ef:cc:07:22:f7:74:b3:06:33:dc:52:
3a:ad:b3:b2:07:32:0c:4d:17:80:a9:0f:bf:b4:72:
1b:54:a2:b2:23:eb:08:48:b1:22:35:86:cc:fb:63:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:08:65:BB:FE:7A:B5:D1:21:FC:DC:FE:88:78:95:B4:DC:5A:CA:02
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/38352e3230382e3135362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.156.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:a9:0e:9f:8c:c7:a0:d7:1f:a7:07:44:cb:c9:a2:6f:ec:8b:
02:8c:84:7d:37:99:77:dd:b8:36:67:43:f8:6e:d1:d2:a0:b9:
18:e8:3b:45:16:ec:ae:d8:8d:91:fd:83:b5:42:81:9a:66:c0:
b0:3e:c9:df:1c:c8:3d:7b:80:23:e5:0a:55:e4:48:84:29:1b:
5c:5e:81:46:a0:21:27:a1:8a:05:30:66:12:d8:d6:01:59:3b:
cb:99:f2:36:6d:a2:77:f6:e3:21:cf:cb:aa:3c:99:ed:d8:52:
78:3a:fc:76:db:7f:3b:69:e5:c1:5a:d8:88:be:f5:e4:a7:9a:
6f:68:aa:54:8b:f7:34:ce:3b:1f:68:fd:be:47:e9:1f:f3:4a:
fa:8f:9f:70:7d:48:f3:4e:95:18:01:58:4e:aa:46:83:a6:e2:
5f:e4:86:4e:09:2f:85:15:ae:4e:48:56:8e:79:1a:d7:7a:51:
05:f6:f0:e7:55:d2:d6:16:4a:13:43:71:d0:56:7c:9b:e5:e3:
08:b4:0f:94:bb:40:57:5c:b4:63:76:4b:21:6d:7b:3b:31:42:
b1:5e:ef:15:c7:f4:d9:04:23:28:53:4a:f8:4e:07:59:21:3c:
f7:be:68:3e:07:04:6a:73:c8:9c:fd:b6:9e:30:b3:22:72:75:
a8:85:77:56
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcTzBxIY+GmoNHq4wCWiH007KlPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MjZaFw0yNTEyMTkxNTIzMjZaMDMxMTAvBgNV
BAMTKDI1MDg2NUJCRkU3QUI1RDEyMUZDRENGRTg4Nzg5NUI0REM1QUNBMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzkpkcRfKhYI/uRvoBcsMoghH/
DNbqvcZ8QrBX7w/kORXV8ULlzBQ2r9M6n15YRGbqufVLc2xMX8DonswLCgQR6Sn/
sXSdAY725V2GbQbywzczHv9QJ03mowIngELPlRqMD0aqp/7lHP5uIHlZI7zlNOSu
J3/PcAtbCDvjtliBKWzETM6MgAcxBTksLPAduNm9Zdf2jdocL18jh+7C/DcIpMU8
j7iTRB376Gj7yKpk3K26B4D0Sw2f1iuUILhNP4oDxoxaZu07vJlujwpV9NhgKh0h
KVvvzAci93SzBjPcUjqts7IHMgxNF4CpD7+0chtUorIj6whIsSI1hsz7YwNJAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUJQhlu/56tdEh/Nz+iHiVtNxaygIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zODM1MmUzMjMwMzgy
ZTMxMzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAFXQnDANBgkqhkiG9w0BAQsFAAOCAQEADqkOn4zHoNcfpwdEy8mib+yL
AoyEfTeZd924NmdD+G7R0qC5GOg7RRbsrtiNkf2DtUKBmmbAsD7J3xzIPXuAI+UK
VeRIhCkbXF6BRqAhJ6GKBTBmEtjWAVk7y5nyNm2id/bjIc/LqjyZ7dhSeDr8dtt/
O2nlwVrYiL715Keab2iqVIv3NM47H2j9vkfpH/NK+o+fcH1I806VGAFYTqpGg6bi
X+SGTgkvhRWuTkhWjnka13pRBfbw51XS1hZKE0Nx0FZ8m+XjCLQPlLtAV1y0Y3ZL
IW17OzFCsV7vFcf02QQjKFNK+E4HWSE8975oPgcEanPInP22njCzInJ1qIV3Vg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:46:24 2025 by rpki-client