Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3949.roa
File: AS3949.roa (raw, json)
Hash identifier: oTX09F0sGtSVYDdiB5nLuG5oRwQ3ommq/qN39kjuNtY=
Subject key identifier: F5:63:13:3A:41:81:F5:F1:2A:EE:9F:02:BC:48:BC:23:4D:A2:0F:1F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 222859F292369035F3AA4EBECE9AABDF60DB8525
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3949.roa
Signing time: Tue 07 May 2024 09:46:04 +0000
ROA not before: Tue 07 May 2024 09:41:04 +0000
ROA not after: Tue 06 May 2025 09:46:04 +0000
asID: 3949
IP address blocks: 92.112.240.0/24 maxlen: 24
92.112.241.0/24 maxlen: 24
92.112.242.0/24 maxlen: 24
92.112.243.0/24 maxlen: 24
92.112.244.0/24 maxlen: 24
92.112.245.0/24 maxlen: 24
92.112.246.0/24 maxlen: 24
92.112.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:28:59:f2:92:36:90:35:f3:aa:4e:be:ce:9a:ab:df:60:db:85:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 7 09:41:04 2024 GMT
Not After : May 6 09:46:04 2025 GMT
Subject: CN=F563133A4181F5F12AEE9F02BC48BC234DA20F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b6:fb:38:18:db:2e:9f:e5:02:84:ee:0f:e6:
f7:65:17:85:83:99:eb:2f:03:25:04:8e:8b:58:03:
73:dd:4a:7a:c7:1e:38:ee:c9:51:3b:28:7b:35:68:
8d:38:a6:b9:c0:00:bb:0a:3f:af:58:30:27:c6:6a:
2e:65:49:ba:5a:34:2a:7a:0a:2b:3e:b8:79:46:cd:
9c:00:e9:d2:b2:da:b5:8e:eb:7c:85:ab:8b:34:e7:
99:5f:42:72:25:ab:54:98:a8:0b:e4:8f:d4:9c:ed:
98:97:b5:2c:7c:8c:59:90:5b:ab:73:3a:b5:01:d3:
11:71:fd:1e:c1:f7:29:e9:5d:b6:a7:a2:ac:64:76:
21:69:fd:68:1a:6e:17:1b:04:0b:65:cd:31:77:fd:
08:e3:d4:1b:08:98:95:fd:92:08:84:5b:8f:80:cd:
0d:38:4e:46:ec:e1:e1:62:17:f4:9b:7d:60:35:49:
70:4e:fe:c2:8d:47:3e:88:b3:3f:37:85:c3:ad:07:
a6:a6:5b:f1:96:3b:a4:53:13:bf:39:8d:e5:bb:50:
9d:5f:59:ed:6b:4c:c3:aa:f3:31:27:c3:06:7f:0d:
1d:7d:56:30:26:99:ab:de:76:3a:91:98:6a:8b:33:
be:32:a3:25:4d:3d:54:08:45:dc:99:24:5f:5b:fa:
41:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:63:13:3A:41:81:F5:F1:2A:EE:9F:02:BC:48:BC:23:4D:A2:0F:1F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3949.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.240.0/21
Signature Algorithm: sha256WithRSAEncryption
60:50:db:04:43:74:a8:87:13:fd:a0:cb:1b:65:d1:4a:92:58:
da:8a:a3:79:ff:78:ca:62:f9:3b:85:f0:a7:34:55:39:c8:90:
6e:f7:3d:87:70:12:14:40:78:cf:7f:98:83:c9:14:f8:cd:cb:
b2:6a:2e:82:20:f9:03:da:a5:09:69:b4:3e:df:eb:ac:b7:68:
e0:77:a5:af:72:2f:f5:58:10:4b:d2:8d:cf:c6:3c:7a:6e:b8:
2b:66:d0:a2:c1:37:78:3f:99:ba:95:e2:93:92:97:b4:da:60:
d2:4c:cc:e3:e1:c4:6d:a5:45:38:8d:c7:c9:94:79:17:b5:93:
75:92:83:b4:fd:70:20:86:70:ed:cb:13:e9:4e:0a:51:18:ef:
a3:be:2a:b7:f3:69:9b:5c:9e:cb:ee:19:a7:d8:84:53:38:5a:
80:6e:49:7e:be:3e:c9:ee:cf:36:68:82:53:f7:57:5b:b1:5b:
7f:11:e1:c0:67:2a:16:62:7c:26:85:d6:ad:28:33:55:11:90:
45:f6:ec:19:91:53:ea:9e:4d:0a:be:fa:16:be:71:88:b5:0d:
d9:da:e7:a2:00:33:d6:74:1a:02:11:37:ed:cc:56:52:be:49:
61:46:9e:8a:d7:15:11:15:5d:4a:5d:ea:76:c4:0d:bc:b7:b5:
ed:6f:71:06
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUIihZ8pI2kDXzqk6+zpqr32DbhSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDA1MDcwOTQxMDRaFw0yNTA1MDYwOTQ2MDRaMDMxMTAvBgNV
BAMTKEY1NjMxMzNBNDE4MUY1RjEyQUVFOUYwMkJDNDhCQzIzNERBMjBGMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8tvs4GNsun+UChO4P5vdlF4WD
mesvAyUEjotYA3PdSnrHHjjuyVE7KHs1aI04prnAALsKP69YMCfGai5lSbpaNCp6
Cis+uHlGzZwA6dKy2rWO63yFq4s055lfQnIlq1SYqAvkj9Sc7ZiXtSx8jFmQW6tz
OrUB0xFx/R7B9ynpXbanoqxkdiFp/WgabhcbBAtlzTF3/Qjj1BsImJX9kgiEW4+A
zQ04Tkbs4eFiF/SbfWA1SXBO/sKNRz6Isz83hcOtB6amW/GWO6RTE785jeW7UJ1f
We1rTMOq8zEnwwZ/DR19VjAmmavedjqRmGqLM74yoyVNPVQIRdyZJF9b+kF7AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQU9WMTOkGB9fEq7p8CvEi8I02iDx8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzk0OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1xw8DAN
BgkqhkiG9w0BAQsFAAOCAQEAYFDbBEN0qIcT/aDLG2XRSpJY2oqjef94ymL5O4Xw
pzRVOciQbvc9h3ASFEB4z3+Yg8kU+M3LsmougiD5A9qlCWm0Pt/rrLdo4Helr3Iv
9VgQS9KNz8Y8em64K2bQosE3eD+ZupXik5KXtNpg0kzM4+HEbaVFOI3HyZR5F7WT
dZKDtP1wIIZw7csT6U4KURjvo74qt/Npm1yey+4Zp9iEUzhagG5Jfr4+ye7PNmiC
U/dXW7FbfxHhwGcqFmJ8JoXWrSgzVRGQRfbsGZFT6p5NCr76Fr5xiLUN2drnogAz
1nQaAhE37cxWUr5JYUaeitcVERVdSl3qdsQNvLe17W9xBg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:28:07 2024 by rpki-client on console-ams.rpki-client.org