Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/3139332e33342e3139392e3132382f32362d3236203d3e2030.roa
File: 3139332e33342e3139392e3132382f32362d3236203d3e2030.roa (raw, json)
Hash identifier: eOQTwh7vkdtPeD9Z6S+azJ35o/wr1ntXvlf6L5dFg3E=
Subject key identifier: BD:D3:85:1E:60:79:AC:1C:DA:B6:13:4E:1B:CE:87:7E:DB:19:3B:91
Certificate issuer: /CN=7c4bb19365741b7885e0a322377b13b581d82e0e
Certificate serial: 322D4F0596E2266C63EACB201AE64F0B0BC9BCA6
Authority key identifier: 7C:4B:B1:93:65:74:1B:78:85:E0:A3:22:37:7B:13:B5:81:D8:2E:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fEuxk2V0G3iF4KMiN3sTtYHYLg4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/3139332e33342e3139392e3132382f32362d3236203d3e2030.roa
Signing time: Sun 07 Apr 2024 17:33:22 +0000
ROA not before: Sun 07 Apr 2024 17:28:22 +0000
ROA not after: Sun 06 Apr 2025 17:33:22 +0000
asID: 0
IP address blocks: 193.34.199.128/26 maxlen: 26
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/7C4BB19365741B7885E0A322377B13B581D82E0E.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/7C4BB19365741B7885E0A322377B13B581D82E0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/fEuxk2V0G3iF4KMiN3sTtYHYLg4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:2d:4f:05:96:e2:26:6c:63:ea:cb:20:1a:e6:4f:0b:0b:c9:bc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c4bb19365741b7885e0a322377b13b581d82e0e
Validity
Not Before: Apr 7 17:28:22 2024 GMT
Not After : Apr 6 17:33:22 2025 GMT
Subject: CN=BDD3851E6079AC1CDAB6134E1BCE877EDB193B91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:15:42:21:e9:4a:33:db:a4:76:b0:67:29:52:
44:a2:dc:37:48:2d:15:41:5c:70:31:c4:85:7b:64:
cb:c9:b9:32:55:c5:c6:f6:81:f8:3d:af:6e:a8:d9:
b2:f5:d4:42:1e:0d:a1:3a:17:3e:dd:95:5a:c4:2b:
b5:0a:85:3f:e6:cb:b5:ef:fc:f8:b6:d4:5a:58:9b:
56:a2:ae:c2:90:74:78:15:cb:dc:1f:c5:38:ba:64:
d9:59:48:2e:e9:1f:29:9d:39:fb:eb:4c:7a:84:70:
63:92:84:e1:4b:05:59:84:a4:9c:72:10:7b:b5:5c:
5d:7e:e2:63:0a:0d:2c:3b:b9:9f:3a:15:e7:63:3e:
2c:22:c3:f9:99:95:19:e9:20:91:78:e0:e4:f1:5c:
a1:ac:dd:de:01:5a:6c:4a:7e:7b:3c:26:0a:3c:f5:
0d:88:49:1c:14:f1:7f:9a:71:dc:5b:87:80:98:6d:
4f:f2:c0:38:aa:cf:02:9d:01:50:6b:47:04:7a:50:
b2:e8:5c:37:19:e9:14:82:71:f1:88:b1:8c:21:78:
45:d4:41:bd:3c:09:a7:82:38:ab:a1:69:b7:e9:df:
88:d5:82:10:89:28:24:7a:73:aa:1e:32:26:db:a6:
51:e8:9d:e2:04:61:c2:73:4e:d4:3e:a1:85:b6:05:
37:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:D3:85:1E:60:79:AC:1C:DA:B6:13:4E:1B:CE:87:7E:DB:19:3B:91
X509v3 Authority Key Identifier:
keyid:7C:4B:B1:93:65:74:1B:78:85:E0:A3:22:37:7B:13:B5:81:D8:2E:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/7C4BB19365741B7885E0A322377B13B581D82E0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuxk2V0G3iF4KMiN3sTtYHYLg4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/0/3139332e33342e3139392e3132382f32362d3236203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.199.128/26
Signature Algorithm: sha256WithRSAEncryption
0e:c7:ca:b0:69:5e:14:ac:c4:af:22:4f:08:f3:d7:d8:96:d0:
50:5f:78:93:01:7b:f1:54:9b:da:ac:e2:aa:c9:de:43:33:95:
52:cd:c9:58:18:e5:88:b4:c6:a0:96:73:aa:3a:87:c4:3f:a1:
d7:50:47:16:4a:01:43:76:42:e4:90:4a:1e:ac:b3:65:89:ff:
c5:4a:1b:7d:eb:97:41:3c:4b:a0:66:bb:78:cf:3c:5d:40:8e:
6d:86:a2:60:b8:a6:8a:76:d5:9a:48:69:1e:fb:ea:19:01:42:
ea:bc:04:5f:4b:48:fa:c6:ff:57:90:20:96:62:1a:b9:77:1b:
e4:08:87:da:d8:7b:0b:64:06:80:13:67:89:da:db:da:a9:e8:
7d:e7:7e:be:4b:32:4c:4b:ca:99:3c:41:56:11:1b:b5:58:fe:
d2:52:e8:bd:b2:78:3f:6d:1c:b5:63:95:7c:ee:9b:50:9b:9c:
41:d0:19:0f:22:47:79:41:c2:b7:89:0d:c6:43:0c:48:5f:38:
27:ac:94:fc:60:35:cd:cf:93:99:fd:c5:96:da:e8:2d:42:65:
fd:3d:03:bf:f3:5d:9f:98:a7:e4:e9:cd:1f:d8:25:fb:6e:5f:
2e:ff:8f:73:39:73:7e:16:61:80:97:ed:2e:7d:75:0d:df:05:
3b:ad:a1:f8
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUMi1PBZbiJmxj6ssgGuZPCwvJvKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2M0YmIxOTM2NTc0MWI3ODg1ZTBhMzIyMzc3YjEzYjU4
MWQ4MmUwZTAeFw0yNDA0MDcxNzI4MjJaFw0yNTA0MDYxNzMzMjJaMDMxMTAvBgNV
BAMTKEJERDM4NTFFNjA3OUFDMUNEQUI2MTM0RTFCQ0U4NzdFREIxOTNCOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnFUIh6Uoz26R2sGcpUkSi3DdI
LRVBXHAxxIV7ZMvJuTJVxcb2gfg9r26o2bL11EIeDaE6Fz7dlVrEK7UKhT/my7Xv
/Pi21FpYm1airsKQdHgVy9wfxTi6ZNlZSC7pHymdOfvrTHqEcGOShOFLBVmEpJxy
EHu1XF1+4mMKDSw7uZ86FedjPiwiw/mZlRnpIJF44OTxXKGs3d4BWmxKfns8Jgo8
9Q2ISRwU8X+acdxbh4CYbU/ywDiqzwKdAVBrRwR6ULLoXDcZ6RSCcfGIsYwheEXU
Qb08CaeCOKuhabfp34jVghCJKCR6c6oeMibbplHoneIEYcJzTtQ+oYW2BTfzAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUvdOFHmB5rBzathNOG86HftsZO5EwHwYDVR0j
BBgwFoAUfEuxk2V0G3iF4KMiN3sTtYHYLg4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzAvN0M0QkIxOTM2NTc0MUI3ODg1RTBBMzIyMzc3QjEzQjU4MUQ4MkUwRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZFdXhrMlYwRzNpRjRLTWlOM3NUdFlI
WUxnNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmNhODExZjgt
ZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcxNjhmLzAvMzEzOTMzMmUzMzM0MmUzMTM5
MzkyZTMxMzIzODJmMzIzNjJkMzIzNjIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQbBIseA
MA0GCSqGSIb3DQEBCwUAA4IBAQAOx8qwaV4UrMSvIk8I89fYltBQX3iTAXvxVJva
rOKqyd5DM5VSzclYGOWItMaglnOqOofEP6HXUEcWSgFDdkLkkEoerLNlif/FSht9
65dBPEugZrt4zzxdQI5thqJguKaKdtWaSGke++oZAULqvARfS0j6xv9XkCCWYhq5
dxvkCIfa2HsLZAaAE2eJ2tvaqeh9536+SzJMS8qZPEFWERu1WP7SUui9sng/bRy1
Y5V87ptQm5xB0BkPIkd5QcK3iQ3GQwxIXzgnrJT8YDXNz5OZ/cWW2ugtQmX9PQO/
812fmKfk6c0f2CX7bl8u/49zOXN+FmGAl+0ufXUN3wU7raH4
-----END CERTIFICATE-----
Generated at Sat May 4 01:54:32 2024 by rpki-client on console-fra.rpki-client.org