Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e20313337323335.roa
File: 3139352e3139312e34392e302f32342d3234203d3e20313337323335.roa (raw, json)
Hash identifier: kJhH0vqYZkg5DzM5Pl/a0l5Kw1f8OmOrtk6aMG31fmc=
Subject key identifier: 9B:FA:45:F1:D5:1E:51:E3:20:45:3F:C0:35:70:FA:A0:EA:EB:18:5B
Certificate issuer: /CN=ac428c8eed241857f73d0f3d483abecb240519d0
Certificate serial: 252A840346FB42590E2C133548C8A7752826C1E6
Authority key identifier: AC:42:8C:8E:ED:24:18:57:F7:3D:0F:3D:48:3A:BE:CB:24:05:19:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rEKMju0kGFf3PQ89SDq-yyQFGdA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e20313337323335.roa
Signing time: Wed 21 Aug 2024 06:20:19 +0000
ROA not before: Wed 21 Aug 2024 06:15:19 +0000
ROA not after: Wed 20 Aug 2025 06:20:19 +0000
asID: 137235
IP address blocks: 195.191.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/AC428C8EED241857F73D0F3D483ABECB240519D0.crl
rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/AC428C8EED241857F73D0F3D483ABECB240519D0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rEKMju0kGFf3PQ89SDq-yyQFGdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Nov 2024 19:58:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:2a:84:03:46:fb:42:59:0e:2c:13:35:48:c8:a7:75:28:26:c1:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac428c8eed241857f73d0f3d483abecb240519d0
Validity
Not Before: Aug 21 06:15:19 2024 GMT
Not After : Aug 20 06:20:19 2025 GMT
Subject: CN=9BFA45F1D51E51E320453FC03570FAA0EAEB185B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:4a:9f:88:8a:9a:5d:9f:18:fb:52:62:a0:
50:b3:91:9e:76:ac:c4:93:84:ae:5d:56:67:2d:e9:
9e:bf:6f:cc:8c:66:53:ea:a7:5a:b7:69:f1:72:07:
a4:fd:a8:dd:3a:c1:b5:72:25:80:70:6d:81:be:be:
32:bb:d8:cc:67:1c:3d:53:4e:61:fa:f1:61:60:80:
f7:e8:61:42:a0:b6:ae:56:32:77:9d:67:aa:c6:26:
70:ac:bf:e9:52:85:be:55:3e:e6:04:25:44:6b:ff:
d2:b1:66:c1:5a:40:86:38:13:db:b3:47:c2:59:02:
da:4e:5c:fb:f3:de:b4:d6:93:86:9e:49:a8:93:57:
31:25:2d:5e:54:fa:f1:ed:4a:5a:b9:84:22:d6:aa:
0d:5e:73:97:95:30:70:ed:6e:10:d8:07:39:2d:ca:
f7:18:40:10:20:0e:66:dd:89:fc:98:59:86:76:8c:
57:49:5f:4a:2d:7f:ea:44:4b:13:ff:e1:72:5e:d8:
52:f5:0b:3c:f6:87:2e:da:6d:4b:79:5d:0b:a7:21:
a2:75:24:25:a7:0b:a7:09:db:25:70:38:85:e5:fe:
a8:96:12:9b:1a:2b:07:98:9b:c4:6d:04:21:67:e3:
44:08:42:89:fc:ff:e0:92:5f:c7:7d:91:9a:01:e1:
18:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FA:45:F1:D5:1E:51:E3:20:45:3F:C0:35:70:FA:A0:EA:EB:18:5B
X509v3 Authority Key Identifier:
keyid:AC:42:8C:8E:ED:24:18:57:F7:3D:0F:3D:48:3A:BE:CB:24:05:19:D0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/AC428C8EED241857F73D0F3D483ABECB240519D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rEKMju0kGFf3PQ89SDq-yyQFGdA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1309bdce-70e3-46ae-8f05-0c3ada8f8a42/0/3139352e3139312e34392e302f32342d3234203d3e20313337323335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.49.0/24
Signature Algorithm: sha256WithRSAEncryption
02:8f:55:ec:5d:ed:0e:26:2a:cb:82:87:40:fa:39:b1:16:eb:
df:e4:ce:88:6e:36:f5:9d:71:e0:68:70:13:67:e2:8c:8b:d3:
5b:ba:98:b0:32:d5:ed:6a:b3:b2:21:f3:5f:28:e7:b8:2a:0a:
6e:da:5b:2d:98:fc:f3:25:49:21:6f:0a:c0:54:52:6d:df:36:
5e:ec:d8:78:73:09:92:6e:c0:12:00:3e:d6:90:0f:75:00:66:
5b:ac:17:c6:ce:23:f4:02:48:a6:06:b8:3c:b4:e6:6c:c7:92:
3c:f4:d1:6e:3d:9e:0c:87:68:8a:4a:42:4b:c3:42:64:53:09:
0b:4c:fd:66:6b:a4:a3:2c:55:88:31:4a:40:a2:cb:07:5d:ad:
0a:da:11:cb:15:85:a6:c0:cf:69:f2:a5:42:77:cf:e5:fa:10:
6d:9d:d2:23:dc:60:f4:17:1c:6a:28:29:1f:e9:6d:fb:07:6c:
d3:07:cf:54:0c:44:fb:f0:ae:44:03:f2:6e:2d:73:8a:e1:5f:
50:ad:86:fd:d9:8e:3c:9f:a6:31:fe:ab:70:da:3e:dd:31:90:
c0:99:d2:ba:53:86:5a:ab:ce:df:a1:0f:ad:17:cb:70:bf:93:
68:41:3c:14:f7:de:fa:ca:2a:c6:ca:d9:74:66:8a:b4:ad:2d:
ee:2a:62:31
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJSqEA0b7QlkOLBM1SMindSgmweYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWM0MjhjOGVlZDI0MTg1N2Y3M2QwZjNkNDgzYWJlY2Iy
NDA1MTlkMDAeFw0yNDA4MjEwNjE1MTlaFw0yNTA4MjAwNjIwMTlaMDMxMTAvBgNV
BAMTKDlCRkE0NUYxRDUxRTUxRTMyMDQ1M0ZDMDM1NzBGQUEwRUFFQjE4NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4lkqfiIqaXZ8Y+1JioFCzkZ52
rMSThK5dVmct6Z6/b8yMZlPqp1q3afFyB6T9qN06wbVyJYBwbYG+vjK72MxnHD1T
TmH68WFggPfoYUKgtq5WMnedZ6rGJnCsv+lShb5VPuYEJURr/9KxZsFaQIY4E9uz
R8JZAtpOXPvz3rTWk4aeSaiTVzElLV5U+vHtSlq5hCLWqg1ec5eVMHDtbhDYBzkt
yvcYQBAgDmbdifyYWYZ2jFdJX0otf+pESxP/4XJe2FL1Czz2hy7abUt5XQunIaJ1
JCWnC6cJ2yVwOIXl/qiWEpsaKweYm8RtBCFn40QIQon8/+CSX8d9kZoB4Rg1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUm/pF8dUeUeMgRT/ANXD6oOrrGFswHwYDVR0j
BBgwFoAUrEKMju0kGFf3PQ89SDq+yyQFGdAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTMwOWJkY2UtNzBlMy00NmFlLThmMDUtMGMzYWRhOGY4
YTQyLzAvQUM0MjhDOEVFRDI0MTg1N0Y3M0QwRjNENDgzQUJFQ0IyNDA1MTlEMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JFS01qdTBrR0ZmM1BRODlTRHEteXlR
RkdkQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMTMwOWJkY2Ut
NzBlMy00NmFlLThmMDUtMGMzYWRhOGY4YTQyLzAvMzEzOTM1MmUzMTM5MzEyZTM0
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMjMzMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADDvzEwDQYJKoZIhvcNAQELBQADggEBAAKPVexd7Q4mKsuCh0D6ObEW69/kzohu
NvWdceBocBNn4oyL01u6mLAy1e1qs7Ih818o57gqCm7aWy2Y/PMlSSFvCsBUUm3f
Nl7s2HhzCZJuwBIAPtaQD3UAZlusF8bOI/QCSKYGuDy05mzHkjz00W49ngyHaIpK
QkvDQmRTCQtM/WZrpKMsVYgxSkCiywddrQraEcsVhabAz2nypUJ3z+X6EG2d0iPc
YPQXHGooKR/pbfsHbNMHz1QMRPvwrkQD8m4tc4rhX1Cthv3ZjjyfpjH+q3DaPt0x
kMCZ0rpThlqrzt+hD60Xy3C/k2hBPBT33vrKKsbK2XRmirStLe4qYjE=
-----END CERTIFICATE-----
Generated at Tue Nov 5 02:48:33 2024 by rpki-client on console-ams.rpki-client.org