Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233352e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233352e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: e6fKLtzqKV4vVVMK/UiNChu+j/WHpA2fqogQ5G2TDRo=
Subject key identifier: CB:2D:06:3C:3F:E4:D0:29:66:32:4E:58:33:78:5C:E0:CC:51:69:F4
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 320AB3730DC4E46BF68C30F113B9838DD6EFF616
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233352e302f32342d3234203d3e203438303730.roa
Signing time: Tue 25 Jul 2023 15:01:26 +0000
ROA not before: Tue 25 Jul 2023 14:56:26 +0000
ROA not after: Tue 23 Jul 2024 15:01:26 +0000
asID: 48070
IP address blocks: 94.126.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:0a:b3:73:0d:c4:e4:6b:f6:8c:30:f1:13:b9:83:8d:d6:ef:f6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jul 25 14:56:26 2023 GMT
Not After : Jul 23 15:01:26 2024 GMT
Subject: CN=CB2D063C3FE4D02966324E5833785CE0CC5169F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:0a:60:37:b2:6b:5e:4b:43:00:dc:0e:e4:
db:b9:59:cc:5b:20:2f:58:0a:d0:d3:0a:1b:51:63:
65:2d:ab:03:12:a0:42:0d:72:5d:4e:5d:7b:ad:18:
95:8a:3d:75:d7:42:c7:20:a2:e7:9a:99:80:a8:70:
01:5d:cc:ea:62:10:36:95:74:0e:de:75:45:c6:76:
b6:32:a9:00:25:09:40:d5:c4:bf:b8:12:1a:9f:66:
1c:8d:ae:bd:16:2e:b8:2d:61:39:1b:63:e9:da:e0:
f7:8a:a5:3f:35:ff:f3:75:df:48:12:5d:61:a4:04:
c7:1a:61:c0:11:ab:19:52:19:c0:63:98:bd:9c:ae:
d8:12:6f:3b:a0:e3:07:ba:ec:8b:ef:f2:1e:a9:0e:
15:e6:7c:9b:cc:fe:65:ad:f0:0d:a8:9a:7c:a5:03:
55:6e:4d:f3:e1:43:69:6f:b4:54:6b:7d:8c:f9:23:
dc:59:29:44:07:19:53:6a:c7:6c:bb:64:cf:8a:b1:
91:2b:aa:28:10:7b:ae:c9:63:5b:a2:9f:f4:ba:8e:
be:54:76:d7:ab:63:7f:19:2a:da:bc:d1:6e:91:c0:
04:93:6e:24:6e:4c:75:44:cf:7e:61:b5:ce:92:12:
57:0a:5e:ee:87:c6:fb:f9:87:aa:a1:d8:77:49:15:
b3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2D:06:3C:3F:E4:D0:29:66:32:4E:58:33:78:5C:E0:CC:51:69:F4
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233352e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.235.0/24
Signature Algorithm: sha256WithRSAEncryption
39:f1:65:48:ea:88:bb:0c:2a:fc:21:4e:c2:08:b4:f3:71:35:
da:1e:54:45:e3:13:87:24:87:58:d7:fe:4b:9e:51:62:9a:f6:
f9:6c:2c:1d:a6:6f:d4:b9:f5:87:d6:62:07:50:74:7d:d1:f2:
8e:ed:3e:73:ec:84:68:59:f6:14:3e:1f:36:71:58:43:3b:70:
74:5f:a2:13:dc:f6:8f:e0:ee:b4:8a:e7:18:06:22:85:1a:d3:
1b:6d:60:98:1b:4b:55:e2:d2:a4:48:25:66:a6:ed:eb:ae:9b:
b1:77:54:4e:30:8e:fb:0c:1e:bf:d4:45:d6:b2:8d:cb:b5:3d:
5e:49:26:9f:94:0c:37:58:d4:95:f1:91:b5:c4:d8:7d:45:20:
87:34:29:ea:92:9c:7c:94:bd:dd:55:a6:c2:0b:93:fa:30:4e:
ed:04:ee:d6:74:3a:74:ee:54:8a:40:53:f5:5f:17:d5:cf:63:
26:48:22:0a:ca:e1:53:1d:8b:73:c5:bf:dc:f9:27:7e:69:5c:
0a:42:fe:2d:c8:40:c1:a1:3d:62:e1:8a:09:41:cb:85:49:49:
27:d7:59:06:f8:fc:d9:16:ed:bd:9c:4d:b1:6a:34:e5:6b:de:
96:ac:32:1e:fd:cb:0b:92:78:7d:0c:30:2a:1d:38:a4:0c:d6:
e7:8e:62:08
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMgqzcw3E5Gv2jDDxE7mDjdbv9hYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yMzA3MjUxNDU2MjZaFw0yNDA3MjMxNTAxMjZaMDMxMTAvBgNV
BAMTKENCMkQwNjNDM0ZFNEQwMjk2NjMyNEU1ODMzNzg1Q0UwQ0M1MTY5RjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU7wpgN7JrXktDANwO5Nu5Wcxb
IC9YCtDTChtRY2UtqwMSoEINcl1OXXutGJWKPXXXQscgoueamYCocAFdzOpiEDaV
dA7edUXGdrYyqQAlCUDVxL+4EhqfZhyNrr0WLrgtYTkbY+na4PeKpT81//N130gS
XWGkBMcaYcARqxlSGcBjmL2crtgSbzug4we67Ivv8h6pDhXmfJvM/mWt8A2omnyl
A1VuTfPhQ2lvtFRrfYz5I9xZKUQHGVNqx2y7ZM+KsZErqigQe67JY1uin/S6jr5U
dterY38ZKtq80W6RwASTbiRuTHVEz35htc6SElcKXu6Hxvv5h6qh2HdJFbOpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUyy0GPD/k0ClmMk5YM3hc4MxRafQwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7rMA0GCSqGSIb3DQEBCwUAA4IBAQA58WVI6oi7DCr8IU7CCLTzcTXaHlRF4xOH
JIdY1/5LnlFimvb5bCwdpm/UufWH1mIHUHR90fKO7T5z7IRoWfYUPh82cVhDO3B0
X6IT3PaP4O60iucYBiKFGtMbbWCYG0tV4tKkSCVmpu3rrpuxd1ROMI77DB6/1EXW
so3LtT1eSSaflAw3WNSV8ZG1xNh9RSCHNCnqkpx8lL3dVabCC5P6ME7tBO7WdDp0
7lSKQFP1XxfVz2MmSCIKyuFTHYtzxb/c+Sd+aVwKQv4tyEDBoT1i4YoJQcuFSUkn
11kG+PzZFu29nE2xajTla96WrDIe/csLknh9DDAqHTikDNbnjmII
-----END CERTIFICATE-----
Generated at Fri Jun 21 08:54:24 2024 by rpki-client on console-fra.rpki-client.org