Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e332e302f32342d3234203d3e20313336373837.roa
File: 39312e3133322e332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TCyMi3+LgZaWKMsGMsA+07HCQZmfq7bg6FdTYexIqak=
Subject key identifier: BF:41:60:87:DD:EB:FD:43:EF:B9:F6:97:60:0A:C9:8A:9B:C2:5F:F2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 13F0F1F64C0B91D820D0D31F1089C70C8BF1A26A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:13 +0000
ROA not before: Fri 27 Dec 2024 11:42:13 +0000
ROA not after: Fri 26 Dec 2025 11:47:13 +0000
asID: 136787
IP address blocks: 91.132.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:f0:f1:f6:4c:0b:91:d8:20:d0:d3:1f:10:89:c7:0c:8b:f1:a2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:13 2024 GMT
Not After : Dec 26 11:47:13 2025 GMT
Subject: CN=BF416087DDEBFD43EFB9F697600AC98A9BC25FF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f3:7f:7a:54:80:0f:aa:d7:94:90:83:6a:ae:
44:c7:f7:25:36:3e:43:63:0a:e7:bc:06:45:c2:18:
e2:3f:16:b4:fa:08:ff:f7:2c:ed:77:ed:c2:f1:a6:
f8:c8:11:98:3d:92:14:e7:02:b0:14:ee:f2:2e:6e:
79:d7:7b:5c:05:36:3f:1a:c4:3d:2d:af:df:f7:2f:
df:9f:da:ec:98:64:29:7c:a6:0f:a2:03:62:3a:c8:
eb:3e:41:4a:90:d3:96:84:32:62:e9:02:70:2c:27:
81:14:5c:89:bf:97:d8:a3:92:d7:f9:8d:bb:e8:22:
5b:97:37:f4:19:50:d1:2c:93:c8:98:8c:ef:e2:26:
37:2f:61:4b:65:ff:d0:18:c6:05:12:b2:9e:20:14:
1b:b6:f5:50:88:e3:d2:35:32:94:9e:0f:b0:be:1c:
0b:d7:8d:b9:eb:61:19:1e:b7:1b:b3:40:71:0b:c8:
1e:1a:dc:f4:27:a5:0a:48:56:26:ce:e5:a5:92:46:
6b:f0:e9:5a:50:54:9a:18:25:e5:1b:4f:1f:a6:bb:
68:46:3c:b2:29:42:47:a0:7a:d5:f8:94:16:5e:e5:
ab:99:7a:17:f4:bb:9e:55:df:1f:75:a8:c9:5d:75:
23:c8:2d:9a:0e:7e:39:28:73:7d:2d:29:67:db:3f:
91:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:41:60:87:DD:EB:FD:43:EF:B9:F6:97:60:0A:C9:8A:9B:C2:5F:F2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3133322e332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.3.0/24
Signature Algorithm: sha256WithRSAEncryption
87:dc:7d:7f:b2:a5:c6:53:07:90:c5:13:ff:82:b8:50:77:bd:
17:18:a5:b9:0b:89:94:66:7f:65:90:bd:f0:63:e9:4b:1a:86:
d6:e2:a7:65:95:b9:6c:64:1a:05:ea:60:06:4a:22:99:0a:f1:
ab:5d:67:c0:b4:44:c6:53:6d:12:bc:9e:c0:c5:a6:0a:99:ee:
42:7d:90:e7:08:21:b0:e5:78:d3:8b:62:88:97:e2:14:cb:66:
97:ec:0e:0d:8e:9c:42:03:3e:af:bb:57:84:08:9b:29:e0:44:
30:e8:a0:db:d6:76:7a:73:8a:01:97:0c:ad:f3:1c:cf:d8:55:
26:18:ce:d2:80:00:f8:e9:c4:16:32:37:42:0c:b3:30:e6:f3:
02:d9:88:ad:2d:6b:3f:57:b9:69:0e:8f:5b:0f:7e:51:55:73:
ca:9f:27:46:06:b5:5b:e1:a5:07:dd:14:0c:ac:39:b1:80:9d:
fd:83:0d:5f:e7:a7:2f:b4:8c:de:12:65:41:f0:98:91:75:c1:
f0:92:c2:61:4c:51:ab:74:aa:68:71:6f:08:69:da:83:4f:ac:
a3:85:d5:61:30:a8:0b:3a:db:fe:a8:88:e5:cc:e6:c2:f3:a9:
e1:3a:1c:71:61:94:5c:8c:40:82:07:c4:01:d3:2b:b8:58:1b:
00:93:32:c0
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUE/Dx9kwLkdgg0NMfEInHDIvxomowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTNaFw0yNTEyMjYxMTQ3MTNaMDMxMTAvBgNV
BAMTKEJGNDE2MDg3RERFQkZENDNFRkI5RjY5NzYwMEFDOThBOUJDMjVGRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk8396VIAPqteUkINqrkTH9yU2
PkNjCue8BkXCGOI/FrT6CP/3LO137cLxpvjIEZg9khTnArAU7vIubnnXe1wFNj8a
xD0tr9/3L9+f2uyYZCl8pg+iA2I6yOs+QUqQ05aEMmLpAnAsJ4EUXIm/l9ijktf5
jbvoIluXN/QZUNEsk8iYjO/iJjcvYUtl/9AYxgUSsp4gFBu29VCI49I1MpSeD7C+
HAvXjbnrYRketxuzQHELyB4a3PQnpQpIVibO5aWSRmvw6VpQVJoYJeUbTx+mu2hG
PLIpQkegetX4lBZe5auZehf0u55V3x91qMlddSPILZoOfjkoc30tKWfbP5HnAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUv0Fgh93r/UPvufaXYArJipvCX/IwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMxMmUzMTMzMzIy
ZTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAW4QDMA0GCSqGSIb3DQEBCwUAA4IBAQCH3H1/sqXGUweQxRP/grhQd70XGKW5
C4mUZn9lkL3wY+lLGobW4qdllblsZBoF6mAGSiKZCvGrXWfAtETGU20SvJ7AxaYK
me5CfZDnCCGw5XjTi2KIl+IUy2aX7A4NjpxCAz6vu1eECJsp4EQw6KDb1nZ6c4oB
lwyt8xzP2FUmGM7SgAD46cQWMjdCDLMw5vMC2YitLWs/V7lpDo9bD35RVXPKnydG
BrVb4aUH3RQMrDmxgJ39gw1f56cvtIzeEmVB8JiRdcHwksJhTFGrdKpocW8IadqD
T6yjhdVhMKgLOtv+qIjlzObC86nhOhxxYZRcjECCB8QB0yu4WBsAkzLA
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:56:18 2025 by rpki-client