Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131342e302f32342d3234203d3e20313336373837.roa
File: 39342e3130312e3131342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QUdQU80GAp+f0V6rX1aB1ERjYsw413x1Bjlr9KP/7UI=
Subject key identifier: C2:10:58:D2:FD:7A:DA:20:96:D9:42:0A:98:91:07:7A:A9:E1:07:C2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 7C50772537B4CA83B9BC49316DF640E46C41B8E3
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Dec 2024 15:23:36 +0000
ROA not before: Fri 20 Dec 2024 15:18:36 +0000
ROA not after: Fri 19 Dec 2025 15:23:36 +0000
asID: 136787
IP address blocks: 94.101.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:50:77:25:37:b4:ca:83:b9:bc:49:31:6d:f6:40:e4:6c:41:b8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:36 2024 GMT
Not After : Dec 19 15:23:36 2025 GMT
Subject: CN=C21058D2FD7ADA2096D9420A9891077AA9E107C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:9a:02:17:90:aa:93:90:a0:a1:7f:e4:af:
33:14:c6:28:6e:4d:36:9b:9f:6b:65:15:de:46:cd:
e3:e0:64:66:90:82:de:40:ff:00:9e:fa:cf:f5:54:
ac:dd:11:e3:d3:d5:f3:bd:c8:f0:d6:4b:29:53:b9:
c1:cd:9b:00:6f:00:b7:b3:29:a8:88:0f:9f:c3:fb:
20:28:81:ec:b1:8e:ad:35:d6:dc:82:9f:d4:59:04:
3c:4a:d5:ac:e3:0d:d5:a5:e9:4a:80:4b:fe:84:06:
4e:cc:57:f4:5b:cd:21:22:b8:3f:f8:4d:a3:a0:af:
d9:4b:89:ea:a3:84:25:fc:6b:0b:0c:8c:0b:d5:6b:
77:f3:e1:d0:14:ec:ea:e4:35:4d:5f:c9:46:76:6d:
2d:17:66:5b:78:f7:4a:59:1b:df:bc:cc:66:05:c4:
77:6e:bb:3f:36:f3:28:8a:6a:9b:a6:4b:3c:82:89:
69:81:84:07:09:c4:6f:5f:bf:91:03:76:ab:a6:c6:
9e:10:c2:b5:77:ba:f5:67:c7:c8:8d:c5:21:8c:ff:
a5:1b:3d:30:75:8b:b9:45:3a:16:33:78:19:11:d2:
04:9d:66:2f:b2:eb:0e:37:4b:f5:e1:f5:50:97:b5:
18:f2:dc:60:09:e0:9e:c5:1d:cd:09:52:03:18:9b:
dc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:10:58:D2:FD:7A:DA:20:96:D9:42:0A:98:91:07:7A:A9:E1:07:C2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/39342e3130312e3131342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.114.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:cb:ac:ff:41:ca:72:ed:38:5f:65:65:53:c2:90:35:f7:6d:
d5:cb:a2:d1:54:66:63:b0:30:b5:f5:21:ff:68:56:79:85:f2:
36:1f:4c:77:4a:1f:65:b5:7f:3f:e1:92:73:0e:ad:35:e1:3f:
e6:25:21:d8:28:cc:b4:7d:e5:28:cf:f7:77:3f:05:61:58:c4:
43:ff:d4:11:86:8a:fd:33:3c:8f:3f:9f:25:9b:8c:0a:51:a6:
b6:91:09:3d:a6:ff:94:e9:06:84:9c:d1:73:83:76:7b:ee:93:
1c:64:44:b0:4a:40:49:ed:8c:83:b2:92:aa:87:6b:71:8b:5f:
6b:39:74:c6:a5:35:cf:f3:d5:58:ab:0f:75:bf:77:17:a9:96:
cd:60:5b:90:cf:2c:ba:c2:66:d9:7f:0f:6d:3f:3b:0a:7a:3b:
73:2d:11:21:e0:ab:42:1c:74:75:ad:ce:b8:77:38:da:e3:d9:
55:6d:44:87:08:ae:1e:21:cf:96:2f:bc:8a:93:49:95:1b:16:
29:32:4c:a8:e8:47:3b:4a:1b:45:26:77:dc:cc:c5:5c:e1:9c:
e9:60:84:a2:ec:4f:15:4a:26:ba:aa:97:66:55:44:25:83:6e:
83:7e:c2:3e:5b:10:8b:cb:96:8e:95:e4:06:a2:82:88:6e:70:
b6:b0:a6:d7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUfFB3JTe0yoO5vEkxbfZA5GxBuOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzZaFw0yNTEyMTkxNTIzMzZaMDMxMTAvBgNV
BAMTKEMyMTA1OEQyRkQ3QURBMjA5NkQ5NDIwQTk4OTEwNzdBQTlFMTA3QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDA5oCF5Cqk5CgoX/krzMUxihu
TTabn2tlFd5GzePgZGaQgt5A/wCe+s/1VKzdEePT1fO9yPDWSylTucHNmwBvALez
KaiID5/D+yAogeyxjq011tyCn9RZBDxK1azjDdWl6UqAS/6EBk7MV/RbzSEiuD/4
TaOgr9lLieqjhCX8awsMjAvVa3fz4dAU7OrkNU1fyUZ2bS0XZlt490pZG9+8zGYF
xHduuz828yiKapumSzyCiWmBhAcJxG9fv5EDdqumxp4QwrV3uvVnx8iNxSGM/6Ub
PTB1i7lFOhYzeBkR0gSdZi+y6w43S/Xh9VCXtRjy3GAJ4J7FHc0JUgMYm9xVAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUwhBY0v162iCW2UIKmJEHeqnhB8IwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zOTM0MmUzMTMwMzEy
ZTMxMzEzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAF5lcjANBgkqhkiG9w0BAQsFAAOCAQEAusus/0HKcu04X2VlU8KQNfdt
1cui0VRmY7AwtfUh/2hWeYXyNh9Md0ofZbV/P+GScw6tNeE/5iUh2CjMtH3lKM/3
dz8FYVjEQ//UEYaK/TM8jz+fJZuMClGmtpEJPab/lOkGhJzRc4N2e+6THGREsEpA
Se2Mg7KSqodrcYtfazl0xqU1z/PVWKsPdb93F6mWzWBbkM8susJm2X8PbT87Cno7
cy0RIeCrQhx0da3OuHc42uPZVW1EhwiuHiHPli+8ipNJlRsWKTJMqOhHO0obRSZ3
3MzFXOGc6WCEouxPFUomuqqXZlVEJYNug37CPlsQi8uWjpXkBqKCiG5wtrCm1w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:03:10 2025 by rpki-client