Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e312e302f32342d3234203d3e20313336373837.roa
File: 39312e3133322e312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: I3KB6DfOncPWrW35A3Cdc3yUxAv7RuSVk7kmeuroCMI=
Subject key identifier: 7B:A5:E0:2D:31:5D:4B:69:8C:72:53:CD:F7:AD:47:2D:2D:E5:01:64
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4E84E5DFE286E1BC44B64710D1B9D2CCE3D63CD1
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:34 +0000
ROA not before: Fri 27 Dec 2024 11:42:34 +0000
ROA not after: Fri 26 Dec 2025 11:47:34 +0000
asID: 136787
IP address blocks: 91.132.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:84:e5:df:e2:86:e1:bc:44:b6:47:10:d1:b9:d2:cc:e3:d6:3c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:34 2024 GMT
Not After : Dec 26 11:47:34 2025 GMT
Subject: CN=7BA5E02D315D4B698C7253CDF7AD472D2DE50164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:73:ae:00:50:22:ac:7d:93:69:67:95:17:dc:
c8:50:4d:ee:65:60:ec:5b:d7:95:24:ed:ac:5f:77:
0d:4a:e9:90:81:c2:8e:4b:b9:e8:af:84:9a:26:7c:
e0:a8:bd:cd:7e:6d:5d:98:58:17:77:b2:af:df:a1:
ef:b3:a7:6a:25:2f:49:bf:da:e0:03:4e:70:d5:4c:
90:18:4b:fd:31:e9:6c:0a:89:36:e6:94:9b:ee:05:
d7:ff:10:db:4d:1b:73:3b:1e:fb:d5:be:74:02:52:
bd:b6:27:b4:64:0b:9c:6f:65:33:b8:e3:2a:a7:ff:
53:1f:90:12:92:b6:65:fd:d6:55:a6:27:86:8d:69:
ff:cd:a5:71:6c:c2:f0:9d:d3:f4:23:f9:4a:c4:48:
96:c1:0c:d7:fe:70:02:9d:a8:dc:b6:bc:60:5f:80:
57:c9:b4:1b:46:f9:2f:99:de:be:9e:7a:6e:7a:0d:
ef:57:16:8e:f3:f0:c8:5e:6b:d8:eb:a1:94:ba:7f:
72:8c:94:35:ab:ac:30:59:42:85:ff:4b:7a:c3:ba:
e0:44:0f:77:8b:bf:57:03:78:3f:7a:1d:a5:b3:18:
bc:c2:c0:45:42:48:cc:e3:02:12:c9:62:91:b2:e3:
04:b2:a1:c9:aa:d8:f2:46:c0:1a:5f:0a:d1:62:36:
ea:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A5:E0:2D:31:5D:4B:69:8C:72:53:CD:F7:AD:47:2D:2D:E5:01:64
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.1.0/24
Signature Algorithm: sha256WithRSAEncryption
66:01:61:c3:f9:4e:52:6e:1c:ba:a6:10:91:22:ff:0e:cc:63:
e0:c9:a4:6e:1b:87:0e:75:47:03:e2:3e:76:57:41:dc:f4:7f:
62:0f:ab:07:9f:5e:24:9d:2a:c3:c4:19:8b:e2:3d:bb:94:36:
2d:0f:84:1d:eb:35:09:ed:1e:e6:be:ba:ba:63:63:3f:3b:15:
02:30:47:a4:90:8e:d9:b7:eb:3f:2e:ec:e9:83:d4:9a:93:e1:
2d:a4:3a:bc:4e:65:30:1f:ee:bf:d0:c7:a2:4a:d6:b4:5b:1d:
39:7f:bf:1e:e4:3c:c4:5a:ba:36:d6:49:7f:18:81:80:c2:a8:
a2:4b:fc:05:50:d7:01:bf:bd:74:a6:ca:4b:8e:f5:91:c4:6d:
bc:b8:c9:b4:d4:56:91:50:65:b7:6e:b2:a8:dd:61:ca:cc:29:
7c:86:f4:12:9b:3a:cd:4e:bd:c0:0d:29:3b:ba:16:42:e1:79:
fb:6f:12:95:3e:32:39:10:f0:c3:24:56:d2:fc:82:be:55:52:
87:5d:12:2f:92:6f:3d:2e:2e:1b:e5:a0:81:1e:bd:89:89:d6:
a3:2c:91:d5:2f:5f:49:fb:ec:86:04:2e:17:d0:23:0c:5f:1b:
4f:4e:02:43:d7:5c:51:16:7d:76:63:0f:d0:fc:19:4d:da:f7:
18:04:74:ac
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUToTl3+KG4bxEtkcQ0bnSzOPWPNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzRaFw0yNTEyMjYxMTQ3MzRaMDMxMTAvBgNV
BAMTKDdCQTVFMDJEMzE1RDRCNjk4QzcyNTNDREY3QUQ0NzJEMkRFNTAxNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/c64AUCKsfZNpZ5UX3MhQTe5l
YOxb15Uk7axfdw1K6ZCBwo5LueivhJomfOCovc1+bV2YWBd3sq/foe+zp2olL0m/
2uADTnDVTJAYS/0x6WwKiTbmlJvuBdf/ENtNG3M7HvvVvnQCUr22J7RkC5xvZTO4
4yqn/1MfkBKStmX91lWmJ4aNaf/NpXFswvCd0/Qj+UrESJbBDNf+cAKdqNy2vGBf
gFfJtBtG+S+Z3r6eem56De9XFo7z8Mhea9jroZS6f3KMlDWrrDBZQoX/S3rDuuBE
D3eLv1cDeD96HaWzGLzCwEVCSMzjAhLJYpGy4wSyocmq2PJGwBpfCtFiNuqvAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUe6XgLTFdS2mMclPN961HLS3lAWQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMxMmUzMTMzMzIy
ZTMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAW4QBMA0GCSqGSIb3DQEBCwUAA4IBAQBmAWHD+U5Sbhy6phCRIv8OzGPgyaRu
G4cOdUcD4j52V0Hc9H9iD6sHn14knSrDxBmL4j27lDYtD4Qd6zUJ7R7mvrq6Y2M/
OxUCMEekkI7Zt+s/Luzpg9Sak+EtpDq8TmUwH+6/0MeiSta0Wx05f78e5DzEWro2
1kl/GIGAwqiiS/wFUNcBv710pspLjvWRxG28uMm01FaRUGW3brKo3WHKzCl8hvQS
mzrNTr3ADSk7uhZC4Xn7bxKVPjI5EPDDJFbS/IK+VVKHXRIvkm89Li4b5aCBHr2J
idajLJHVL19J++yGBC4X0CMMXxtPTgJD11xRFn12Yw/Q/BlN2vcYBHSs
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:41:25 2025 by rpki-client