Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36342e302f32342d3234203d3e20323132323338.roa
File: 39312e3231342e36342e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: YcDduizfxEPEtDhktpoBqtlnsQiQchnLoRVD6OJXais=
Subject key identifier: 7B:0A:5C:07:AD:E7:78:87:9B:CE:9C:9D:E4:4B:98:1B:12:78:B4:55
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1B84A74FB61B3317B988F2DE1496471DDA9E2280
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36342e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 27 Dec 2024 11:47:26 +0000
ROA not before: Fri 27 Dec 2024 11:42:26 +0000
ROA not after: Fri 26 Dec 2025 11:47:26 +0000
asID: 212238
IP address blocks: 91.214.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:84:a7:4f:b6:1b:33:17:b9:88:f2:de:14:96:47:1d:da:9e:22:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:26 2024 GMT
Not After : Dec 26 11:47:26 2025 GMT
Subject: CN=7B0A5C07ADE778879BCE9C9DE44B981B1278B455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1c:c4:89:91:45:76:90:7a:23:ad:67:d3:53:
71:dc:bd:ad:14:81:7a:70:cd:58:89:2f:29:a9:82:
d0:d1:8e:93:51:50:42:c1:0b:c5:4e:b4:82:64:d4:
22:5f:c6:80:c1:6f:9c:09:1e:50:9c:5f:cb:3a:4d:
4a:be:52:3c:01:48:d9:34:66:0f:07:6a:e4:c7:45:
df:be:94:c5:af:f9:40:8f:74:ce:11:9b:1a:b9:dd:
20:20:63:6d:66:5c:35:1b:4b:f7:ce:c1:e7:11:59:
23:27:cc:b9:ef:97:38:f4:6a:5c:58:6d:82:4b:e1:
4c:c5:9c:01:f6:f1:ba:54:e6:50:01:79:3f:06:c3:
b3:aa:0e:94:1b:bb:7d:cc:63:cf:e0:51:10:58:e9:
2b:f6:02:e6:87:df:90:05:a6:66:bb:ad:2f:d0:19:
81:72:b2:25:79:bb:ea:96:60:98:85:b0:ec:0d:4f:
cb:1c:2f:42:cd:f3:f4:02:d5:b8:82:84:8f:08:04:
ab:7a:d0:52:ab:b3:69:a8:08:26:d3:00:2c:3e:8c:
b4:59:36:be:ce:9d:2c:8e:91:a3:40:47:43:47:1a:
38:17:0f:5a:0e:74:24:82:24:a3:f3:f5:b4:2c:b9:
5a:14:00:16:b5:30:bd:ae:59:4c:bc:8b:c9:bc:34:
00:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0A:5C:07:AD:E7:78:87:9B:CE:9C:9D:E4:4B:98:1B:12:78:B4:55
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36342e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.64.0/24
Signature Algorithm: sha256WithRSAEncryption
69:6d:7f:de:ea:b8:d6:fd:a2:63:d4:ab:6b:92:95:d8:48:47:
61:35:81:8a:df:21:26:ad:34:37:8e:1b:7d:13:6f:be:f4:68:
a4:f1:d1:a0:f3:b6:77:62:cd:85:ce:af:78:c6:0c:2e:21:88:
37:2c:17:98:b0:78:df:3f:92:f9:d2:08:48:f4:4b:2e:3d:64:
6c:8a:54:d3:a7:3e:56:5f:14:09:d6:9c:ff:96:ea:50:b9:89:
cb:f1:91:76:6b:16:16:53:39:4a:75:1c:a5:cb:5f:de:0a:aa:
fb:cc:86:9e:77:27:7f:ea:49:fc:d1:5e:e3:ae:e2:5d:32:54:
99:3e:f0:1e:8c:df:8a:99:8e:47:e2:51:74:16:5c:35:c3:a5:
0d:ba:9c:f8:0a:84:ed:ea:b1:fd:86:b6:09:73:ee:ce:cc:dd:
93:12:80:83:c1:ef:a5:49:94:ef:7a:59:bf:41:ce:60:bb:c2:
29:32:2e:27:8d:91:10:9c:fb:8a:78:7e:73:ca:ec:b2:a9:3f:
8d:5a:b9:b5:db:ce:06:b4:80:dc:8a:20:3a:a2:81:e5:98:e9:
a8:bc:78:f5:f5:c6:ab:30:6a:c8:b5:7a:27:32:3e:87:03:6d:
f7:74:62:78:f4:ad:57:9d:92:4d:d4:89:32:a4:79:6a:35:34:
1f:67:65:38
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUG4SnT7YbMxe5iPLeFJZHHdqeIoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjZaFw0yNTEyMjYxMTQ3MjZaMDMxMTAvBgNV
BAMTKDdCMEE1QzA3QURFNzc4ODc5QkNFOUM5REU0NEI5ODFCMTI3OEI0NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HMSJkUV2kHojrWfTU3Hcva0U
gXpwzViJLympgtDRjpNRUELBC8VOtIJk1CJfxoDBb5wJHlCcX8s6TUq+UjwBSNk0
Zg8HauTHRd++lMWv+UCPdM4Rmxq53SAgY21mXDUbS/fOwecRWSMnzLnvlzj0alxY
bYJL4UzFnAH28bpU5lABeT8Gw7OqDpQbu33MY8/gURBY6Sv2AuaH35AFpma7rS/Q
GYFysiV5u+qWYJiFsOwNT8scL0LN8/QC1biChI8IBKt60FKrs2moCCbTACw+jLRZ
Nr7OnSyOkaNAR0NHGjgXD1oOdCSCJKPz9bQsuVoUABa1ML2uWUy8i8m8NAD5AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUewpcB63neIebzpyd5EuYGxJ4tFUwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMxMmUzMjMxMzQy
ZTM2MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABb1kAwDQYJKoZIhvcNAQELBQADggEBAGltf97quNb9omPUq2uSldhIR2E1
gYrfISatNDeOG30Tb770aKTx0aDztndizYXOr3jGDC4hiDcsF5iweN8/kvnSCEj0
Sy49ZGyKVNOnPlZfFAnWnP+W6lC5icvxkXZrFhZTOUp1HKXLX94KqvvMhp53J3/q
SfzRXuOu4l0yVJk+8B6M34qZjkfiUXQWXDXDpQ26nPgKhO3qsf2Gtglz7s7M3ZMS
gIPB76VJlO96Wb9BzmC7wikyLieNkRCc+4p4fnPK7LKpP41aubXbzga0gNyKIDqi
geWY6ai8ePX1xqswasi1eicyPocDbfd0Ynj0rVedkk3UiTKkeWo1NB9nZTg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:05:43 2025 by rpki-client