Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e203631333137.roa
File: 3139342e3136392e3231372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 474jzNnuQAItvZPNABYk3t45B/99SxTTX0Rwgq2BOog=
Subject key identifier: B6:81:81:FC:A0:80:F8:8F:ED:08:2C:9B:84:6D:74:8D:40:11:50:B0
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 29AE8F0695643DCACD27498756672B12E2BB56FC
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e203631333137.roa
Signing time: Tue 09 Jan 2024 22:27:23 +0000
ROA not before: Tue 09 Jan 2024 22:22:23 +0000
ROA not after: Tue 07 Jan 2025 22:27:23 +0000
asID: 61317
IP address blocks: 194.169.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:ae:8f:06:95:64:3d:ca:cd:27:49:87:56:67:2b:12:e2:bb:56:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jan 9 22:22:23 2024 GMT
Not After : Jan 7 22:27:23 2025 GMT
Subject: CN=B68181FCA080F88FED082C9B846D748D401150B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8c:0f:da:e2:b0:0f:08:93:ae:d3:0b:5c:ab:
10:43:e3:7f:81:eb:50:c0:f7:39:38:cd:00:8b:b8:
c8:fa:6e:8e:0d:77:34:0c:f3:62:b9:12:18:fd:c7:
55:3d:b8:37:78:11:e9:cb:49:5a:72:4b:99:7c:c8:
c6:1e:96:75:6e:7c:0a:ed:1a:f2:e5:e9:60:21:e5:
08:50:2a:39:26:5d:a8:dd:57:78:f2:6b:48:ca:f1:
09:73:52:59:04:7a:43:bf:46:3d:72:99:cf:30:d3:
10:af:37:96:f3:ae:48:12:59:2e:63:37:06:5f:79:
43:19:3f:d1:46:40:55:55:05:74:6c:f2:c6:97:ab:
45:18:4a:33:19:c9:20:a1:d2:f3:d5:52:50:d9:64:
6a:ae:ba:7b:c3:58:3e:22:f6:c9:c2:4a:4e:41:20:
2a:a6:bd:a5:ac:2a:4f:67:16:fc:ae:f3:9e:26:9b:
e4:2f:8f:2a:fb:55:7e:42:c8:91:b3:f2:24:5c:2d:
69:a6:2e:dc:99:09:c6:53:26:81:1d:21:fd:9d:67:
5f:07:b8:3f:97:25:25:0e:d2:66:95:0f:06:5a:c0:
7d:45:a5:c3:32:20:68:94:92:88:ef:7f:7d:79:7b:
19:ab:22:a4:12:2b:ce:33:6d:87:4c:6e:18:66:e7:
1e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:81:81:FC:A0:80:F8:8F:ED:08:2C:9B:84:6D:74:8D:40:11:50:B0
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b3:c4:ab:3a:31:f5:88:cc:ce:d4:9a:3a:2c:2d:93:ce:13:
8b:b3:81:9a:74:b7:95:b5:16:bc:1c:be:be:3f:61:94:5a:a5:
e4:1f:56:c0:d9:62:46:9d:82:84:9d:cc:eb:59:c1:5a:6e:e4:
e1:50:3c:3c:db:4f:02:58:bc:26:01:05:91:ec:bb:a2:21:30:
94:7e:a8:82:81:77:f7:74:e5:6d:38:13:33:08:47:c6:63:2b:
94:74:6c:9e:39:22:14:91:50:26:7e:8a:c9:c7:b7:91:75:96:
86:6e:ab:f6:a5:20:08:14:22:7c:6c:e9:31:d3:22:84:ea:d2:
47:d5:7a:5e:2b:24:c6:78:c2:06:c6:3e:ea:ce:20:c7:fa:6e:
e9:3d:7a:3e:6a:48:d6:65:3b:88:08:01:c8:11:8b:1a:a1:ce:
17:39:e4:de:34:12:60:f1:5e:03:d2:c3:c9:62:e8:a3:e7:46:
46:22:65:01:a1:47:7e:53:3f:79:f3:66:9f:bf:8b:bb:a5:70:
66:ca:2b:ee:c2:97:0b:45:fb:3c:b0:15:03:c3:33:9e:5e:2f:
0d:ec:fd:e6:a6:58:b0:a1:6e:ff:83:45:75:d2:ca:59:fc:ae:
b6:aa:99:31:05:e0:8b:7f:9d:43:91:51:c9:cc:73:77:11:49:
16:25:d1:b8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKa6PBpVkPcrNJ0mHVmcrEuK7VvwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDAxMDkyMjIyMjNaFw0yNTAxMDcyMjI3MjNaMDMxMTAvBgNV
BAMTKEI2ODE4MUZDQTA4MEY4OEZFRDA4MkM5Qjg0NkQ3NDhENDAxMTUwQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDajA/a4rAPCJOu0wtcqxBD43+B
61DA9zk4zQCLuMj6bo4NdzQM82K5Ehj9x1U9uDd4EenLSVpyS5l8yMYelnVufArt
GvLl6WAh5QhQKjkmXajdV3jya0jK8QlzUlkEekO/Rj1ymc8w0xCvN5bzrkgSWS5j
NwZfeUMZP9FGQFVVBXRs8saXq0UYSjMZySCh0vPVUlDZZGquunvDWD4i9snCSk5B
ICqmvaWsKk9nFvyu854mm+Qvjyr7VX5CyJGz8iRcLWmmLtyZCcZTJoEdIf2dZ18H
uD+XJSUO0maVDwZawH1FpcMyIGiUkojvf315exmrIqQSK84zbYdMbhhm5x4lAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtoGB/KCA+I/tCCybhG10jUARULAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTM0MmUzMTM2MzkyZTMy
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCqdkwDQYJKoZIhvcNAQELBQADggEBAEezxKs6MfWIzM7UmjosLZPOE4uzgZp0
t5W1Frwcvr4/YZRapeQfVsDZYkadgoSdzOtZwVpu5OFQPDzbTwJYvCYBBZHsu6Ih
MJR+qIKBd/d05W04EzMIR8ZjK5R0bJ45IhSRUCZ+isnHt5F1loZuq/alIAgUInxs
6THTIoTq0kfVel4rJMZ4wgbGPurOIMf6buk9ej5qSNZlO4gIAcgRixqhzhc55N40
EmDxXgPSw8li6KPnRkYiZQGhR35TP3nzZp+/i7ulcGbKK+7ClwtF+zywFQPDM55e
Lw3s/eamWLChbv+DRXXSyln8rraqmTEF4It/nUORUcnMc3cRSRYl0bg=
-----END CERTIFICATE-----
Generated at Sat May 4 11:36:52 2024 by rpki-client on console-fra.rpki-client.org