Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131322e302f32342d3234203d3e20323132323338.roa
File: 39342e3130312e3131322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 91jRd5ene2MHHA91hGeyjdPEswScFs+yATwEJ1RBB78=
Subject key identifier: F3:A6:8D:8E:E6:AD:81:64:55:13:46:F5:F1:99:50:C2:6B:AF:B9:54
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 9D95F29D0FB31A2D525D5C0FEB3F9FA6CD5AA2
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131322e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 07 Feb 2025 12:27:51 +0000
ROA not before: Fri 07 Feb 2025 12:22:51 +0000
ROA not after: Fri 06 Feb 2026 12:27:51 +0000
asID: 212238
IP address blocks: 94.101.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9d:95:f2:9d:0f:b3:1a:2d:52:5d:5c:0f:eb:3f:9f:a6:cd:5a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Feb 7 12:22:51 2025 GMT
Not After : Feb 6 12:27:51 2026 GMT
Subject: CN=F3A68D8EE6AD8164551346F5F19950C26BAFB954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fd:32:c3:b4:a7:a7:f6:35:c6:61:45:86:02:
1f:5a:27:b8:db:df:e8:24:22:31:6a:91:6a:bb:19:
a1:c4:c6:fc:f2:21:69:3a:91:cc:b1:1f:10:fd:15:
28:60:64:f3:c0:47:34:18:1e:17:9b:fa:a9:0b:d0:
4e:49:34:5b:fc:c3:88:c1:e8:d3:36:26:29:9a:77:
0b:c7:29:37:f2:86:f2:70:7c:84:7e:94:1b:de:2a:
be:99:06:4d:2e:bd:f3:7f:f9:1e:e5:db:e2:3d:da:
69:4b:a8:e6:6a:5e:be:32:cd:41:04:0c:ba:63:93:
b0:20:3c:a0:e8:e2:38:3c:69:0e:41:c5:1f:75:37:
86:79:00:60:45:a9:68:b4:ad:94:32:d1:8c:b2:e2:
d5:ce:83:35:d9:2a:04:6f:a0:24:9e:9b:ff:c4:5d:
08:b6:24:34:c9:61:36:02:b2:bd:a6:18:7e:2e:88:
6a:16:68:a7:1e:db:c1:b2:b4:21:0c:13:af:e2:d0:
8e:fe:85:c1:8f:4b:73:c4:3c:9f:4f:2f:b1:29:16:
aa:f8:17:00:c9:81:cc:a0:3c:c3:a5:18:6d:37:37:
20:28:45:d5:0b:57:3a:83:c6:3a:9f:f3:c2:eb:be:
48:8f:6e:88:20:f5:ae:31:c8:0b:fb:9e:36:66:91:
bb:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A6:8D:8E:E6:AD:81:64:55:13:46:F5:F1:99:50:C2:6B:AF:B9:54
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.112.0/24
Signature Algorithm: sha256WithRSAEncryption
31:bc:2a:55:79:d5:50:77:f9:dd:de:ed:47:ea:71:6b:20:cc:
0c:2f:bc:53:2a:29:71:d7:2d:ec:e4:88:bd:cd:7c:69:cf:3c:
7f:7d:2e:22:c5:43:6e:17:a7:9f:1d:69:ea:f8:d4:cc:ac:16:
a6:ba:be:3e:ab:ee:5a:2c:f2:e9:cd:e3:6b:b4:20:9a:6a:58:
b9:66:fa:92:e7:b8:de:87:22:4d:9e:a0:10:19:f0:97:ed:bb:
0b:87:5a:b1:b6:86:46:86:db:57:64:77:19:a7:54:96:9b:e0:
6b:57:6a:0b:2e:5b:64:5d:67:88:89:d2:2f:dd:ca:cf:23:d9:
36:ea:05:35:85:88:dd:98:de:47:5c:db:f0:91:f9:ca:19:42:
d4:d1:76:15:3e:17:9f:78:c2:40:8f:bc:71:db:41:46:d0:b6:
fe:20:a5:17:5a:a5:16:7a:f5:76:66:74:f9:19:06:e4:24:dc:
f8:83:1b:44:74:25:7a:09:c9:e0:bf:1b:a8:9d:8c:d4:58:6f:
94:eb:2d:bb:27:db:de:13:67:3a:18:6c:aa:0b:7a:12:a4:a7:
ba:8c:f3:10:7d:48:90:b1:67:a9:d3:0b:87:ba:a8:3f:fb:2c:
80:a0:40:ef:d9:fb:97:50:31:34:9f:7d:d4:ac:c1:55:22:0b:
6d:cf:67:90
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUAJ2V8p0PsxotUl1cD+s/n6bNWqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAyMDcxMjIyNTFaFw0yNjAyMDYxMjI3NTFaMDMxMTAvBgNV
BAMTKEYzQTY4RDhFRTZBRDgxNjQ1NTEzNDZGNUYxOTk1MEMyNkJBRkI5NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDj/TLDtKen9jXGYUWGAh9aJ7jb
3+gkIjFqkWq7GaHExvzyIWk6kcyxHxD9FShgZPPARzQYHheb+qkL0E5JNFv8w4jB
6NM2JimadwvHKTfyhvJwfIR+lBveKr6ZBk0uvfN/+R7l2+I92mlLqOZqXr4yzUEE
DLpjk7AgPKDo4jg8aQ5BxR91N4Z5AGBFqWi0rZQy0Yyy4tXOgzXZKgRvoCSem//E
XQi2JDTJYTYCsr2mGH4uiGoWaKce28GytCEME6/i0I7+hcGPS3PEPJ9PL7EpFqr4
FwDJgcygPMOlGG03NyAoRdULVzqDxjqf88LrvkiPbogg9a4xyAv7njZmkbsjAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU86aNjuatgWRVE0b18ZlQwmuvuVQwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTM0MmUzMTMwMzEy
ZTMxMzEzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMyMzMzOC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAF5lcDANBgkqhkiG9w0BAQsFAAOCAQEAMbwqVXnVUHf53d7tR+pxayDM
DC+8Uyopcdct7OSIvc18ac88f30uIsVDbhennx1p6vjUzKwWprq+PqvuWizy6c3j
a7QgmmpYuWb6kue43ociTZ6gEBnwl+27C4dasbaGRobbV2R3GadUlpvga1dqCy5b
ZF1niInSL93KzyPZNuoFNYWI3ZjeR1zb8JH5yhlC1NF2FT4Xn3jCQI+8cdtBRtC2
/iClF1qlFnr1dmZ0+RkG5CTc+IMbRHQlegnJ4L8bqJ2M1FhvlOstuyfb3hNnOhhs
qgt6EqSnuozzEH1IkLFnqdMLh7qoP/ssgKBA79n7l1AxNJ991KzBVSILbc9nkA==
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:45:54 2025 by rpki-client