Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
File: 39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: I/B13AcXZw9ZF1TTtJEv6ZhiLxuS212gnmbk7t36XZ0=
Subject key identifier: E4:00:A8:29:09:1F:22:BB:92:50:11:C6:D0:9A:5E:CE:DB:A5:65:64
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 07B96B07B70F3CC4E5D4AF0F6F07D6E62F40301C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 11:47:10 +0000
ROA not before: Fri 27 Dec 2024 11:42:10 +0000
ROA not after: Fri 26 Dec 2025 11:47:10 +0000
asID: 136787
IP address blocks: 92.242.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:b9:6b:07:b7:0f:3c:c4:e5:d4:af:0f:6f:07:d6:e6:2f:40:30:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:10 2024 GMT
Not After : Dec 26 11:47:10 2025 GMT
Subject: CN=E400A829091F22BB925011C6D09A5ECEDBA56564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:31:95:45:35:6e:1e:f1:0a:7b:b5:4b:1c:8a:
71:8a:4e:4c:87:92:7e:76:37:32:26:17:64:4e:c1:
02:65:3e:a0:7e:ad:4f:c7:cb:3c:07:26:68:ea:80:
7c:58:3b:77:83:58:fa:de:7f:ba:8c:e3:ed:a6:05:
93:59:46:44:6b:bb:9f:c5:26:cf:f8:58:6a:ad:de:
9a:ce:75:7d:b0:27:ef:a1:68:fa:46:fb:3e:e3:b6:
24:5f:44:4d:1a:2f:76:4e:ec:06:b3:38:7d:1b:97:
02:6e:ab:40:41:fa:ef:78:75:cc:58:5b:83:13:48:
25:a8:7c:75:e4:ba:67:8d:ca:a3:05:9a:89:d2:f0:
7c:bd:86:ce:41:8e:96:1a:5b:dd:ce:3b:32:e7:11:
35:d4:a3:3f:6c:a3:80:29:fc:28:56:ce:61:ce:a9:
9f:e0:b8:86:b9:63:b0:4a:d6:48:01:89:53:7f:06:
8b:1b:77:51:4f:bc:ba:86:d5:59:4f:8b:a0:93:6a:
a7:5e:65:0e:e4:00:78:f4:63:a6:6b:ea:38:43:0b:
fc:58:54:e5:26:7f:52:4d:b3:27:57:af:25:34:96:
7f:c7:fd:30:8e:65:cf:78:f7:fc:b9:9c:d7:57:aa:
bd:8e:9e:a3:8e:a4:75:e3:ab:1e:a1:d3:2a:e5:71:
dd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:00:A8:29:09:1F:22:BB:92:50:11:C6:D0:9A:5E:CE:DB:A5:65:64
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39322e3234322e3138382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.242.188.0/24
Signature Algorithm: sha256WithRSAEncryption
57:4c:24:9c:0b:27:73:cf:6c:75:6b:b4:90:6e:b0:8f:61:b0:
df:73:9d:1d:c8:b1:22:dc:90:18:83:65:03:35:97:b9:dc:90:
83:2d:4d:86:8d:c5:4b:da:e8:35:79:2e:1f:a5:a2:95:8f:5c:
be:1a:7e:7d:5f:ab:43:b0:27:e5:48:d0:3a:b8:bd:f0:b0:8b:
4f:72:07:c2:75:b6:ec:a7:95:c2:54:d9:22:b6:5e:63:39:04:
56:c5:5c:2b:98:ec:6e:c9:47:c9:00:83:89:18:1d:21:db:3a:
95:5a:d7:5c:52:96:a1:44:c4:dd:aa:bc:c5:45:e7:79:a3:7f:
41:7a:9b:1b:aa:4c:d5:df:8d:cf:a5:15:74:14:1f:b5:f9:5e:
fd:61:d6:c7:44:24:a7:a6:33:3b:35:f3:5e:73:30:49:84:4f:
58:af:c7:b1:80:1b:1c:71:bb:1b:8c:69:c6:74:74:04:f1:a4:
69:14:0d:e5:ab:a8:de:f0:b4:db:06:50:22:90:f1:1e:2d:2c:
8b:d5:61:10:25:45:1e:a6:a4:16:04:cd:53:29:da:b8:07:96:
3c:96:24:85:06:ed:0e:28:d1:0c:59:0c:e8:38:e3:69:88:19:
9d:94:be:2a:9b:85:b7:96:b6:af:bd:e0:3e:fb:e1:9e:55:c8:
fe:96:4e:d5
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUB7lrB7cPPMTl1K8PbwfW5i9AMBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMTBaFw0yNTEyMjYxMTQ3MTBaMDMxMTAvBgNV
BAMTKEU0MDBBODI5MDkxRjIyQkI5MjUwMTFDNkQwOUE1RUNFREJBNTY1NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDMZVFNW4e8Qp7tUscinGKTkyH
kn52NzImF2ROwQJlPqB+rU/HyzwHJmjqgHxYO3eDWPref7qM4+2mBZNZRkRru5/F
Js/4WGqt3prOdX2wJ++haPpG+z7jtiRfRE0aL3ZO7AazOH0blwJuq0BB+u94dcxY
W4MTSCWofHXkumeNyqMFmonS8Hy9hs5BjpYaW93OOzLnETXUoz9so4Ap/ChWzmHO
qZ/guIa5Y7BK1kgBiVN/Bosbd1FPvLqG1VlPi6CTaqdeZQ7kAHj0Y6Zr6jhDC/xY
VOUmf1JNsydXryU0ln/H/TCOZc949/y5nNdXqr2OnqOOpHXjqx6h0yrlcd3PAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU5ACoKQkfIruSUBHG0JpeztulZWQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTMyMmUzMjM0MzIy
ZTMxMzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAFzyvDANBgkqhkiG9w0BAQsFAAOCAQEAV0wknAsnc89sdWu0kG6wj2Gw
33OdHcixItyQGINlAzWXudyQgy1Nho3FS9roNXkuH6WilY9cvhp+fV+rQ7An5UjQ
Ori98LCLT3IHwnW27KeVwlTZIrZeYzkEVsVcK5jsbslHyQCDiRgdIds6lVrXXFKW
oUTE3aq8xUXneaN/QXqbG6pM1d+Nz6UVdBQftfle/WHWx0Qkp6YzOzXzXnMwSYRP
WK/HsYAbHHG7G4xpxnR0BPGkaRQN5auo3vC02wZQIpDxHi0si9VhECVFHqakFgTN
UynauAeWPJYkhQbtDijRDFkM6DjjaYgZnZS+KpuFt5a2r73gPvvhnlXI/pZO1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:54:51 2025 by rpki-client