Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35342e302f32342d3234203d3e20313336373837.roa
File: 39322e3131382e35342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: tujAfkv38sTl2PPlKXpI3ZmJNZYPP6jxNsgUoY4FIQk=
Subject key identifier: FA:D3:81:A0:77:D5:F7:CC:26:2A:3F:9D:1B:E2:01:18:71:7A:99:7F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 257EC56CE3196DB431197E41E0F06BA26F5AA244
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:30 +0000
ROA not before: Fri 20 Dec 2024 15:18:30 +0000
ROA not after: Fri 19 Dec 2025 15:23:30 +0000
asID: 136787
IP address blocks: 92.118.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:7e:c5:6c:e3:19:6d:b4:31:19:7e:41:e0:f0:6b:a2:6f:5a:a2:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:30 2024 GMT
Not After : Dec 19 15:23:30 2025 GMT
Subject: CN=FAD381A077D5F7CC262A3F9D1BE20118717A997F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8e:ae:68:89:2c:04:78:14:8a:cb:1f:c3:27:
6e:9b:32:19:a1:99:cd:db:dc:6e:ab:d4:fe:52:86:
5a:03:3b:5f:2e:4b:a9:32:7f:79:52:52:d1:96:76:
eb:0a:2d:b7:d0:86:d3:3b:e7:00:db:c9:b6:61:ab:
8f:f1:da:34:24:b5:a6:f1:db:2b:59:17:f7:6a:76:
2d:15:f6:10:a8:74:2a:81:f5:72:ec:ad:8e:db:df:
75:d5:a2:80:b7:ec:e6:22:33:17:56:4e:9e:05:f4:
5e:6d:87:cd:31:a2:bd:7e:f6:23:b4:60:56:17:70:
19:84:d0:97:fc:a7:be:b0:ea:d7:95:da:66:bc:61:
44:de:f1:b4:97:23:a4:4b:05:cf:6a:74:31:2a:b3:
f5:ef:fa:f7:f5:6d:d5:80:36:7e:a3:75:13:ab:1a:
88:6a:5b:7c:d1:3e:d0:4b:bb:b8:ff:2b:dd:fe:d6:
1e:08:c6:77:37:6f:05:ae:ac:6e:50:27:a6:a6:0a:
c8:d8:3c:9a:0b:fc:8b:ed:73:ca:ce:d4:77:d7:28:
4f:42:ce:91:8e:f0:12:5d:d9:c7:24:49:db:be:9b:
c1:de:dc:6e:6e:92:99:f5:00:a9:ed:9e:a5:7c:05:
c7:5b:e5:0f:f2:84:24:e7:12:5e:64:26:e8:f6:aa:
13:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D3:81:A0:77:D5:F7:CC:26:2A:3F:9D:1B:E2:01:18:71:7A:99:7F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131382e35342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.54.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5b:61:e2:1e:0a:c3:8a:a1:1d:85:c2:21:50:1a:c8:8f:90:
16:02:b9:7d:25:49:49:ad:0b:ab:d7:da:0b:08:2d:0d:8f:4a:
b5:d8:29:dd:d5:56:ef:f3:95:ce:32:80:2e:7f:25:57:0c:12:
ec:c8:b3:c2:f1:3c:30:01:9d:54:eb:5e:72:62:71:af:b7:3f:
a0:46:90:7d:72:b2:92:be:e8:a7:78:1b:3f:72:00:37:20:e1:
73:de:fe:d0:75:32:8f:c0:db:7c:b9:1e:b8:b0:02:91:4c:2e:
27:ee:db:0c:7e:77:ff:06:4c:44:52:94:27:9c:06:04:a8:fb:
7e:43:74:5f:c5:5f:35:46:34:19:55:44:21:f4:de:75:bd:6e:
e3:25:2f:a3:f6:cb:3a:94:5e:da:25:6d:07:d6:dd:d4:35:7c:
ae:93:06:46:d9:e2:eb:f8:2e:0c:3f:fe:e0:6a:a0:e6:a5:cc:
53:d0:b2:a3:e0:11:7f:fa:b3:85:96:82:c7:49:37:d1:8b:72:
7a:c7:88:e9:dc:d5:ab:b0:12:a2:79:d4:38:d0:37:3c:c9:d6:
2d:08:ae:9a:4f:ce:c1:69:1f:c1:36:e3:9e:4e:d3:b4:88:7b:
a2:97:45:c9:63:6e:c2:a8:98:b0:26:5b:71:8e:49:4c:b3:7c:
64:d1:ad:36
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUJX7FbOMZbbQxGX5B4PBrom9aokQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzBaFw0yNTEyMTkxNTIzMzBaMDMxMTAvBgNV
BAMTKEZBRDM4MUEwNzdENUY3Q0MyNjJBM0Y5RDFCRTIwMTE4NzE3QTk5N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCjq5oiSwEeBSKyx/DJ26bMhmh
mc3b3G6r1P5ShloDO18uS6kyf3lSUtGWdusKLbfQhtM75wDbybZhq4/x2jQktabx
2ytZF/dqdi0V9hCodCqB9XLsrY7b33XVooC37OYiMxdWTp4F9F5th80xor1+9iO0
YFYXcBmE0Jf8p76w6teV2ma8YUTe8bSXI6RLBc9qdDEqs/Xv+vf1bdWANn6jdROr
GohqW3zRPtBLu7j/K93+1h4Ixnc3bwWurG5QJ6amCsjYPJoL/Ivtc8rO1HfXKE9C
zpGO8BJd2cckSdu+m8He3G5ukpn1AKntnqV8Bcdb5Q/yhCTnEl5kJuj2qhNdAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU+tOBoHfV98wmKj+dG+IBGHF6mX8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMyMmUzMTMxMzgy
ZTM1MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABcdjYwDQYJKoZIhvcNAQELBQADggEBAAdbYeIeCsOKoR2FwiFQGsiPkBYC
uX0lSUmtC6vX2gsILQ2PSrXYKd3VVu/zlc4ygC5/JVcMEuzIs8LxPDABnVTrXnJi
ca+3P6BGkH1yspK+6Kd4Gz9yADcg4XPe/tB1Mo/A23y5HriwApFMLifu2wx+d/8G
TERSlCecBgSo+35DdF/FXzVGNBlVRCH03nW9buMlL6P2yzqUXtolbQfW3dQ1fK6T
BkbZ4uv4Lgw//uBqoOalzFPQsqPgEX/6s4WWgsdJN9GLcnrHiOnc1auwEqJ51DjQ
NzzJ1i0IrppPzsFpH8E2455O07SIe6KXRcljbsKomLAmW3GOSUyzfGTRrTY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:54:46 2025 by rpki-client