Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35332e302f32342d3234203d3e20313336373837.roa
File: 39322e3131382e35332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 3BufmFRztwquoKnzxCU4212mQACKrDBUU6RMO02E2Zk=
Subject key identifier: 0E:D9:6C:DA:1E:6B:2C:7A:FD:ED:DA:16:17:66:25:9D:5B:5C:E0:0C
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 4B9A64AB7D72CA91E72730C9B9CE442D1B416C9F
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35332e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:36 +0000
ROA not before: Fri 20 Dec 2024 15:18:36 +0000
ROA not after: Fri 19 Dec 2025 15:23:36 +0000
asID: 136787
IP address blocks: 92.118.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:9a:64:ab:7d:72:ca:91:e7:27:30:c9:b9:ce:44:2d:1b:41:6c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:36 2024 GMT
Not After : Dec 19 15:23:36 2025 GMT
Subject: CN=0ED96CDA1E6B2C7AFDEDDA161766259D5B5CE00C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:35:c6:c1:e2:6a:0a:e4:b3:74:2a:04:d1:
a3:bf:3a:86:49:33:cf:31:3a:3f:9e:6f:e6:de:e6:
3c:ac:99:13:30:c1:b6:62:1d:7a:81:b7:31:8d:f9:
08:1c:ce:aa:e5:d4:3f:ce:b6:8d:d4:be:45:56:dd:
f9:d0:48:66:13:03:54:0b:3b:ab:d5:5c:fe:5b:5c:
21:59:4a:63:09:01:5a:04:d3:90:e7:ee:0a:a1:83:
57:76:9e:b3:be:be:c7:18:da:db:f2:5f:94:34:1e:
30:b2:43:8b:83:fc:bd:19:d3:37:09:65:85:f2:c9:
05:19:1b:9a:7c:af:ae:4b:52:a9:ef:76:5b:ff:b6:
3f:15:10:22:80:c3:3c:56:22:67:96:d9:27:41:6c:
dc:51:a6:63:61:0c:67:d2:66:b2:8c:1b:73:8e:1e:
5c:18:79:7b:7f:fd:48:a5:87:c4:e2:f8:74:a3:90:
2a:15:37:b6:1f:4a:2f:3e:a0:36:0c:36:77:9a:cf:
34:4f:4b:14:dd:57:aa:c7:d1:08:56:0b:ce:5b:ca:
bf:83:b7:e2:4b:20:df:73:c9:3d:d9:56:07:45:c1:
cc:46:1a:11:35:0c:32:ae:aa:42:b9:4d:c3:78:5f:
4e:ce:2a:cd:c4:f8:cb:75:c6:d2:6b:3f:a7:4a:e5:
33:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:D9:6C:DA:1E:6B:2C:7A:FD:ED:DA:16:17:66:25:9D:5B:5C:E0:0C
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.53.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d0:8c:ff:a8:e8:0d:c1:28:91:27:dc:d4:41:b4:b7:42:ff:
cd:3a:3c:43:f1:7a:b3:52:69:a3:e0:09:99:b1:83:0d:2b:60:
32:03:7f:6c:35:13:64:ae:50:15:16:ad:bb:b5:e9:7b:58:df:
0b:7e:be:94:a5:e8:87:41:c4:51:d9:ea:18:5c:17:d3:2b:5b:
58:1e:0e:57:69:50:ca:17:45:11:35:01:0e:86:05:e4:22:89:
8a:b5:89:d4:93:9b:a3:19:44:01:8f:30:b5:b8:3b:2c:30:64:
d5:30:c9:d9:9e:c2:c9:79:9b:e3:f8:73:6b:e6:1e:44:77:97:
9e:f0:50:83:aa:81:14:6c:f7:ed:07:fe:8a:aa:1d:15:63:62:
7c:c8:6e:56:c6:5f:22:8a:3e:ca:95:82:2c:66:2b:fe:ba:5c:
89:3c:2f:af:90:d8:4a:78:5a:c1:8d:b2:94:b6:12:8f:09:d5:
34:f0:e0:a2:b2:3a:3d:15:0f:4b:54:f2:73:0e:9b:69:72:ba:
b6:cc:78:8d:00:5d:8a:af:52:5f:0f:2f:7f:31:c6:b3:56:ec:
b5:57:40:60:1b:9c:0d:84:91:2e:15:f8:41:3d:42:0f:99:07:
ea:a8:3a:bc:51:a8:9a:c2:86:9a:a9:23:00:ef:07:63:2c:a9:
b6:89:aa:ea
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUS5pkq31yypHnJzDJuc5ELRtBbJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzZaFw0yNTEyMTkxNTIzMzZaMDMxMTAvBgNV
BAMTKDBFRDk2Q0RBMUU2QjJDN0FGREVEREExNjE3NjYyNTlENUI1Q0UwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCUDXGweJqCuSzdCoE0aO/OoZJ
M88xOj+eb+be5jysmRMwwbZiHXqBtzGN+Qgczqrl1D/Oto3UvkVW3fnQSGYTA1QL
O6vVXP5bXCFZSmMJAVoE05Dn7gqhg1d2nrO+vscY2tvyX5Q0HjCyQ4uD/L0Z0zcJ
ZYXyyQUZG5p8r65LUqnvdlv/tj8VECKAwzxWImeW2SdBbNxRpmNhDGfSZrKMG3OO
HlwYeXt//Uilh8Ti+HSjkCoVN7YfSi8+oDYMNneazzRPSxTdV6rH0QhWC85byr+D
t+JLIN9zyT3ZVgdFwcxGGhE1DDKuqkK5TcN4X07OKs3E+Mt1xtJrP6dK5TOhAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUDtls2h5rLHr97doWF2YlnVtc4AwwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMyMmUzMTMxMzgy
ZTM1MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABcdjUwDQYJKoZIhvcNAQELBQADggEBACjQjP+o6A3BKJEn3NRBtLdC/806
PEPxerNSaaPgCZmxgw0rYDIDf2w1E2SuUBUWrbu16XtY3wt+vpSl6IdBxFHZ6hhc
F9MrW1geDldpUMoXRRE1AQ6GBeQiiYq1idSTm6MZRAGPMLW4OywwZNUwydmewsl5
m+P4c2vmHkR3l57wUIOqgRRs9+0H/oqqHRVjYnzIblbGXyKKPsqVgixmK/66XIk8
L6+Q2Ep4WsGNspS2Eo8J1TTw4KKyOj0VD0tU8nMOm2lyurbMeI0AXYqvUl8PL38x
xrNW7LVXQGAbnA2EkS4V+EE9Qg+ZB+qoOrxRqJrChpqpIwDvB2MsqbaJquo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:24:48 2025 by rpki-client