Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131392e38302e302f32342d3234203d3e20313336373837.roa
File: 39322e3131392e38302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TC4ZY7BIycO14nns641KLcJIKydNy9CjWdulo8C5Jl0=
Subject key identifier: AA:92:6B:ED:DF:FF:E3:3F:EC:EC:65:BA:B9:8A:0B:95:0B:DD:17:29
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3154A03C99A8EF0FC69D12D9A57B0FCF646921C0
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131392e38302e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:20 +0000
ROA not before: Fri 27 Dec 2024 11:42:20 +0000
ROA not after: Fri 26 Dec 2025 11:47:20 +0000
asID: 136787
IP address blocks: 92.119.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:46:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:54:a0:3c:99:a8:ef:0f:c6:9d:12:d9:a5:7b:0f:cf:64:69:21:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:20 2024 GMT
Not After : Dec 26 11:47:20 2025 GMT
Subject: CN=AA926BEDDFFFE33FECEC65BAB98A0B950BDD1729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b5:fd:cc:e2:d8:3d:a4:11:e0:59:66:04:ee:
f0:5c:ef:11:83:2e:79:ff:ce:05:c3:95:5b:b8:d9:
3c:7c:6d:7c:9d:a3:9a:f8:28:ca:2d:f6:30:32:82:
31:68:82:36:ce:64:cc:57:7b:58:12:09:0b:ae:d2:
a1:84:0e:c0:d8:ea:50:80:ff:f1:ea:cb:58:57:cc:
7f:a5:6a:f8:f5:b2:38:36:d8:35:bd:1c:10:cb:0c:
bd:bc:60:63:78:83:c4:3d:10:90:06:00:5f:fb:a6:
98:b7:64:ab:1a:bd:52:80:4e:59:a0:f7:36:6f:1c:
07:ce:3f:cf:0a:3d:69:71:a4:d3:ef:c8:be:69:8e:
16:3d:fe:db:7b:e0:34:a0:a5:b1:b2:54:36:0a:22:
07:cb:93:37:08:f4:44:b6:e6:5c:b3:55:4f:ba:a3:
5a:77:b5:a4:33:0a:f9:b8:f3:b9:45:42:ca:9b:5c:
c6:b5:5c:43:45:ab:9c:3a:e1:da:29:c4:cd:a7:2d:
65:c7:f4:22:c0:85:d7:13:6c:2a:85:00:4e:86:32:
6e:8b:1e:02:98:a3:89:4b:05:2a:80:13:03:b6:eb:
61:9a:d5:5b:50:f3:6d:4c:77:08:5e:17:54:6d:2d:
96:2b:34:8d:31:51:7d:2a:06:55:bf:81:b3:8e:93:
2f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:92:6B:ED:DF:FF:E3:3F:EC:EC:65:BA:B9:8A:0B:95:0B:DD:17:29
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3131392e38302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.80.0/24
Signature Algorithm: sha256WithRSAEncryption
12:a1:af:0d:9e:fc:5c:1f:fc:40:d6:db:3b:e1:d0:0c:a2:4d:
a4:ec:92:bd:c6:f6:67:38:3a:0a:39:52:9b:66:81:c2:43:b8:
7a:2f:63:b7:03:1a:30:70:98:0a:0c:59:e0:77:3c:bf:77:46:
aa:9d:a4:c3:ad:fc:c7:a2:72:fd:8d:23:2f:47:56:a0:2e:ec:
cb:4a:48:a2:f2:61:dc:29:fb:4e:db:60:49:31:5d:35:ae:bd:
14:d8:a5:14:8d:d9:c2:65:7d:0e:84:84:21:32:c6:78:b1:58:
73:37:f6:57:bb:aa:ca:0c:c4:b0:02:95:d1:4f:bc:f5:16:4f:
f5:a2:9b:af:51:0b:d7:f1:4b:ee:af:bb:ed:fc:a9:a3:ea:dd:
81:57:71:4f:8c:0d:e7:37:ed:78:3b:97:f2:da:64:e6:58:62:
71:13:0a:71:07:be:b9:f8:48:b1:3c:70:d9:0c:cb:0d:94:62:
b5:72:19:a2:4b:fc:7c:cd:a6:b5:b4:5b:56:84:00:dd:37:05:
68:87:66:36:98:3e:12:db:c7:ed:48:6d:47:69:9b:5f:9a:6f:
cb:4d:d1:a7:b2:f8:65:41:7a:e3:28:18:7f:7a:a4:89:61:0f:
84:4f:f3:4a:7a:02:0f:6e:a7:8d:e8:c2:e7:69:46:04:4f:8c:
91:50:be:06
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUMVSgPJmo7w/GnRLZpXsPz2RpIcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMjBaFw0yNTEyMjYxMTQ3MjBaMDMxMTAvBgNV
BAMTKEFBOTI2QkVEREZGRkUzM0ZFQ0VDNjVCQUI5OEEwQjk1MEJERDE3MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWtf3M4tg9pBHgWWYE7vBc7xGD
Lnn/zgXDlVu42Tx8bXydo5r4KMot9jAygjFogjbOZMxXe1gSCQuu0qGEDsDY6lCA
//Hqy1hXzH+lavj1sjg22DW9HBDLDL28YGN4g8Q9EJAGAF/7ppi3ZKsavVKATlmg
9zZvHAfOP88KPWlxpNPvyL5pjhY9/tt74DSgpbGyVDYKIgfLkzcI9ES25lyzVU+6
o1p3taQzCvm487lFQsqbXMa1XENFq5w64dopxM2nLWXH9CLAhdcTbCqFAE6GMm6L
HgKYo4lLBSqAEwO262Ga1VtQ821MdwheF1RtLZYrNI0xUX0qBlW/gbOOky9xAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUqpJr7d//4z/s7GW6uYoLlQvdFykwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMyMmUzMTMxMzky
ZTM4MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABcd1AwDQYJKoZIhvcNAQELBQADggEBABKhrw2e/Fwf/EDW2zvh0AyiTaTs
kr3G9mc4Ogo5UptmgcJDuHovY7cDGjBwmAoMWeB3PL93RqqdpMOt/Meicv2NIy9H
VqAu7MtKSKLyYdwp+07bYEkxXTWuvRTYpRSN2cJlfQ6EhCEyxnixWHM39le7qsoM
xLACldFPvPUWT/Wim69RC9fxS+6vu+38qaPq3YFXcU+MDec37Xg7l/LaZOZYYnET
CnEHvrn4SLE8cNkMyw2UYrVyGaJL/HzNprW0W1aEAN03BWiHZjaYPhLbx+1IbUdp
m1+ab8tN0aey+GVBeuMoGH96pIlhD4RP80p6Ag9up43owudpRgRPjJFQvgY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:49:22 2025 by rpki-client