Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
File: 39312e3231342e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: bSZaDsJydbItI/Ef2MmQqsfQUVyj1i1eJk6zdjOlFUc=
Subject key identifier: C3:B7:1B:FA:73:A2:BF:D4:7C:D8:00:EA:20:4F:3A:EF:09:59:8F:51
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3BC077A93F28FA5DCEF65F41DE3A3605404CBDB3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:45 +0000
ROA not before: Fri 27 Dec 2024 11:42:45 +0000
ROA not after: Fri 26 Dec 2025 11:47:45 +0000
asID: 136787
IP address blocks: 91.214.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:c0:77:a9:3f:28:fa:5d:ce:f6:5f:41:de:3a:36:05:40:4c:bd:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:45 2024 GMT
Not After : Dec 26 11:47:45 2025 GMT
Subject: CN=C3B71BFA73A2BFD47CD800EA204F3AEF09598F51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:35:9e:ff:6f:b0:7d:c1:51:ff:93:b0:b1:30:
59:84:81:36:71:6e:a1:80:5a:24:4a:f6:03:0d:da:
b8:1c:09:e0:ae:89:98:96:d7:01:ca:43:e4:0d:f3:
03:c2:82:24:57:f0:f8:da:7e:58:41:db:c3:3b:6a:
0f:25:56:b7:cf:4a:67:ae:88:15:b1:48:5e:45:06:
02:7d:be:84:60:bf:d7:fa:82:b0:8f:fc:ba:d7:27:
8d:a0:a5:3b:fb:c2:21:5b:4c:9c:56:04:c1:e2:20:
6e:eb:76:b1:dc:dc:7d:a8:d2:be:38:22:6c:d2:3c:
f7:6d:8f:be:63:ab:07:44:ce:59:a2:82:44:1e:ec:
c8:15:89:d1:80:70:8a:bf:34:16:ba:74:3e:2f:ed:
16:7d:24:c2:f9:7c:d8:75:48:fb:d7:e7:83:3c:a1:
70:7d:86:22:88:51:6c:de:7a:1b:9e:1c:c0:e7:d7:
ff:eb:d7:49:f2:69:9d:74:46:36:1f:cb:43:d9:e2:
0a:8f:d9:41:9a:c2:5e:82:94:91:1c:17:3f:c2:a5:
b9:72:9e:ca:ef:ac:07:37:2f:1e:cf:75:75:ca:ec:
45:f0:48:c4:06:ca:d8:53:f1:99:9e:e3:a2:d9:bb:
cb:13:3b:f7:26:fa:6c:09:4e:35:4d:88:61:d0:c9:
c1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B7:1B:FA:73:A2:BF:D4:7C:D8:00:EA:20:4F:3A:EF:09:59:8F:51
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39312e3231342e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.67.0/24
Signature Algorithm: sha256WithRSAEncryption
65:01:cb:7c:66:21:dc:79:ad:a4:a5:a7:ff:f6:82:62:26:f0:
1b:c9:3b:96:78:6e:ca:fe:12:8c:ab:65:60:e2:99:11:5e:f5:
2f:06:d7:35:2f:e5:1d:5c:35:92:46:c4:52:54:8c:4e:76:98:
36:51:71:28:39:70:4b:59:c4:f0:07:38:a2:90:33:5c:66:7b:
9a:c7:a5:2b:73:08:f7:73:03:6d:74:1d:e4:f0:94:92:ea:90:
22:9c:04:d2:08:7a:af:51:81:80:c1:10:ad:5d:72:63:d8:13:
3b:af:aa:ce:2f:2e:c0:ff:b5:94:fc:cd:65:09:e9:1e:15:3d:
e2:60:9c:8c:b4:3f:b1:2d:a6:42:55:f6:51:0f:13:9c:45:ba:
08:fa:31:b7:63:97:68:7b:13:bb:37:30:03:e4:f3:9e:73:48:
75:27:57:c3:ea:f1:c7:6c:38:8d:a4:20:5b:29:9f:8a:d7:ac:
6c:33:83:52:2d:8d:73:79:87:e9:84:37:7f:9f:59:6a:57:fe:
4d:3b:48:f6:31:5f:cd:f6:fd:1e:49:8e:6f:43:4c:22:bc:aa:
b9:43:ad:18:f4:d2:4b:81:48:fd:54:7f:b7:2c:4c:48:10:af:
97:67:44:3c:2b:c4:98:5c:3b:9e:82:bc:4a:aa:58:49:ce:5b:
a2:ea:04:16
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUO8B3qT8o+l3O9l9B3jo2BUBMvbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyNDVaFw0yNTEyMjYxMTQ3NDVaMDMxMTAvBgNV
BAMTKEMzQjcxQkZBNzNBMkJGRDQ3Q0Q4MDBFQTIwNEYzQUVGMDk1OThGNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrNZ7/b7B9wVH/k7CxMFmEgTZx
bqGAWiRK9gMN2rgcCeCuiZiW1wHKQ+QN8wPCgiRX8PjaflhB28M7ag8lVrfPSmeu
iBWxSF5FBgJ9voRgv9f6grCP/LrXJ42gpTv7wiFbTJxWBMHiIG7rdrHc3H2o0r44
ImzSPPdtj75jqwdEzlmigkQe7MgVidGAcIq/NBa6dD4v7RZ9JML5fNh1SPvX54M8
oXB9hiKIUWzeehueHMDn1//r10nyaZ10RjYfy0PZ4gqP2UGawl6ClJEcFz/Cpbly
nsrvrAc3Lx7PdXXK7EXwSMQGythT8Zme46LZu8sTO/cm+mwJTjVNiGHQycEzAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUw7cb+nOiv9R82ADqIE867wlZj1EwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMxMmUzMjMxMzQy
ZTM2MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABb1kMwDQYJKoZIhvcNAQELBQADggEBAGUBy3xmIdx5raSlp//2gmIm8BvJ
O5Z4bsr+EoyrZWDimRFe9S8G1zUv5R1cNZJGxFJUjE52mDZRcSg5cEtZxPAHOKKQ
M1xme5rHpStzCPdzA210HeTwlJLqkCKcBNIIeq9RgYDBEK1dcmPYEzuvqs4vLsD/
tZT8zWUJ6R4VPeJgnIy0P7EtpkJV9lEPE5xFugj6Mbdjl2h7E7s3MAPk855zSHUn
V8Pq8cdsOI2kIFspn4rXrGwzg1ItjXN5h+mEN3+fWWpX/k07SPYxX832/R5Jjm9D
TCK8qrlDrRj00kuBSP1Uf7csTEgQr5dnRDwrxJhcO56CvEqqWEnOW6LqBBY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:48:25 2025 by rpki-client