Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3131362e31392e302f32342d3234203d3e20323034313730.roa
File: 3137362e3131362e31392e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: IZk2I2kO0wjHc1xqgTBsN+PWCcLSDrSWXZyxL0U0Wx8=
Subject key identifier: 8D:6A:0A:49:5E:BF:CE:E9:3F:08:27:75:A2:92:C3:4E:2A:BA:47:8D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 43E3759E9B5DB2C2BDB0F5BF569490C1B691FFFE
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3131362e31392e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 30 Dec 2024 15:41:17 +0000
ROA not before: Mon 30 Dec 2024 15:36:17 +0000
ROA not after: Mon 29 Dec 2025 15:41:17 +0000
asID: 204170
IP address blocks: 176.116.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:28:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:e3:75:9e:9b:5d:b2:c2:bd:b0:f5:bf:56:94:90:c1:b6:91:ff:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:17 2024 GMT
Not After : Dec 29 15:41:17 2025 GMT
Subject: CN=8D6A0A495EBFCEE93F082775A292C34E2ABA478D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6e:d9:dd:f6:04:da:3c:10:5a:1b:40:3e:78:
de:85:bd:19:54:e7:71:be:97:c5:06:87:64:28:2f:
79:a0:79:c9:11:4e:0d:e6:c9:6a:dd:50:41:3a:e4:
9d:9a:ff:f5:a2:99:2b:4b:f4:2e:eb:ae:09:e5:c9:
4d:84:28:6e:e3:18:71:40:84:c9:a6:16:13:1d:d1:
80:9c:08:fc:74:92:8a:07:d3:2e:07:f9:d9:cb:0b:
0d:94:d1:b5:89:cf:d7:e6:08:01:81:91:fc:47:19:
6d:c1:4e:97:d3:7b:79:fb:6b:2b:60:78:e8:b5:23:
16:7f:7b:75:1c:52:c2:56:79:a6:6f:f6:42:7a:ad:
57:d3:92:4d:cb:a7:ef:c4:cf:63:d8:bb:55:90:32:
f2:1f:3e:98:cb:71:56:61:09:d7:a1:c0:e7:4e:47:
bc:ff:fe:2a:a9:52:1d:0a:48:e2:d9:88:b4:c2:40:
00:b2:41:a1:72:6b:a4:3f:c4:8d:cc:ec:50:91:47:
01:09:df:8c:7d:8c:bd:9b:2a:1b:95:45:dd:61:e1:
a2:2f:70:40:09:d6:ad:d7:24:b1:b1:3a:22:62:51:
dd:a6:05:f6:ba:2c:df:84:58:6e:17:64:c1:59:e1:
d0:8b:fc:2e:25:ac:7e:e5:59:2e:32:02:c2:c1:51:
64:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:6A:0A:49:5E:BF:CE:E9:3F:08:27:75:A2:92:C3:4E:2A:BA:47:8D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3137362e3131362e31392e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.19.0/24
Signature Algorithm: sha256WithRSAEncryption
91:16:1d:a0:70:6b:7b:5d:3b:d4:1f:18:17:cb:76:49:7b:95:
b3:9a:0a:9b:45:0e:20:8a:2e:4b:6e:fc:08:ad:c7:f0:27:7a:
39:11:10:52:ec:aa:bc:71:7c:7f:85:10:70:97:d2:d6:55:22:
ef:95:ab:d4:89:df:8d:15:5f:d6:09:f6:df:12:d4:e7:33:91:
92:e3:10:05:5e:65:e9:3c:72:d9:18:12:60:59:41:54:a3:66:
30:6d:dc:5c:6d:0e:4f:4b:06:c3:97:fb:63:19:27:e0:c1:47:
5f:37:75:75:58:5f:70:d1:2c:e9:7c:7f:60:cd:37:97:3f:6b:
fc:40:a8:87:1f:29:b0:88:8d:78:e2:ad:7b:aa:56:b7:75:6c:
a7:83:df:68:4f:e5:99:d4:3c:ab:6e:2b:e7:c0:7c:2e:46:5c:
23:c2:b2:5e:88:dd:27:b9:aa:f9:ef:40:b6:9f:e3:df:e6:0c:
20:78:4a:49:e3:ac:b8:2b:a5:43:c8:e9:04:e9:ea:03:5b:f0:
f5:a6:f7:76:3f:dc:14:3d:81:7b:cf:34:74:61:39:15:23:95:
6c:e3:f7:1e:b3:4e:98:dc:c6:84:c2:bd:9c:28:f7:d4:7f:a3:
40:ce:d8:54:37:a1:21:03:5c:35:38:1e:9d:36:74:16:48:87:
e4:f4:a2:96
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQ+N1nptdssK9sPW/VpSQwbaR//4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MTdaFw0yNTEyMjkxNTQxMTdaMDMxMTAvBgNV
BAMTKDhENkEwQTQ5NUVCRkNFRTkzRjA4Mjc3NUEyOTJDMzRFMkFCQTQ3OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTbtnd9gTaPBBaG0A+eN6FvRlU
53G+l8UGh2QoL3mgeckRTg3myWrdUEE65J2a//WimStL9C7rrgnlyU2EKG7jGHFA
hMmmFhMd0YCcCPx0kooH0y4H+dnLCw2U0bWJz9fmCAGBkfxHGW3BTpfTe3n7aytg
eOi1IxZ/e3UcUsJWeaZv9kJ6rVfTkk3Lp+/Ez2PYu1WQMvIfPpjLcVZhCdehwOdO
R7z//iqpUh0KSOLZiLTCQACyQaFya6Q/xI3M7FCRRwEJ34x9jL2bKhuVRd1h4aIv
cEAJ1q3XJLGxOiJiUd2mBfa6LN+EWG4XZMFZ4dCL/C4lrH7lWS4yAsLBUWTJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjWoKSV6/zuk/CCd1opLDTiq6R40wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzNzM2MmUzMTMxMzYyZTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzMTM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwdBMwDQYJKoZIhvcNAQELBQADggEBAJEWHaBwa3tdO9QfGBfLdkl7lbOaCptF
DiCKLktu/Aitx/AnejkREFLsqrxxfH+FEHCX0tZVIu+Vq9SJ340VX9YJ9t8S1Ocz
kZLjEAVeZek8ctkYEmBZQVSjZjBt3FxtDk9LBsOX+2MZJ+DBR183dXVYX3DRLOl8
f2DNN5c/a/xAqIcfKbCIjXjirXuqVrd1bKeD32hP5ZnUPKtuK+fAfC5GXCPCsl6I
3Se5qvnvQLaf49/mDCB4SknjrLgrpUPI6QTp6gNb8PWm93Y/3BQ9gXvPNHRhORUj
lWzj9x6zTpjcxoTCvZwo99R/o0DO2FQ3oSEDXDU4Hp02dBZIh+T0opY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:53 2025 by rpki-client