Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
File: 3139342e33312e3139342e302f32342d3234203d3e203339333638.roa (raw, json)
Hash identifier: SFZs2oMtwnIqXXrJ+wKfTfWn9twNuN9+e0KffE2zcpE=
Subject key identifier: 4C:53:59:0B:53:21:35:56:C0:EF:23:C4:8F:87:2C:8B:4F:F7:71:99
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 72DDC010F5E02C5F90111B7A3702CA02FD04A0D7
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
Signing time: Fri 22 Nov 2024 08:43:28 +0000
ROA not before: Fri 22 Nov 2024 08:38:28 +0000
ROA not after: Fri 21 Nov 2025 08:43:28 +0000
asID: 39368
IP address blocks: 194.31.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:dd:c0:10:f5:e0:2c:5f:90:11:1b:7a:37:02:ca:02:fd:04:a0:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 22 08:38:28 2024 GMT
Not After : Nov 21 08:43:28 2025 GMT
Subject: CN=4C53590B53213556C0EF23C48F872C8B4FF77199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:39:e7:7a:ee:7f:93:2a:ce:ff:04:99:1a:35:
46:f7:db:98:7c:b9:ef:34:23:92:6d:ee:2f:96:c6:
d9:2b:cb:9c:e3:47:ef:0a:89:ac:6f:c2:95:5b:ff:
52:51:12:9e:6b:8f:b7:f1:a4:9c:59:f0:36:83:d3:
54:a2:70:13:a7:e6:30:4e:10:3e:52:6e:50:67:db:
07:dd:63:3c:b9:a9:2c:97:42:88:fd:11:a3:0a:f3:
2a:65:5d:64:32:92:1b:2d:ea:2c:d0:5f:3f:77:2f:
72:2a:e0:ec:56:81:6f:8a:5f:8a:95:2a:68:dd:c8:
4b:5b:99:b5:bc:01:07:3d:f9:21:31:c4:7b:5c:2e:
ad:20:52:6d:fd:88:fe:6c:68:29:10:00:3e:79:89:
68:af:33:82:2f:1f:99:9e:a7:d5:24:db:67:a6:ac:
5a:7a:5e:20:c6:1c:df:7d:e9:25:4d:ab:40:22:df:
76:30:09:42:89:b9:fc:f7:02:1c:d5:48:2e:11:17:
03:f1:be:bd:bd:f0:3a:03:65:58:47:54:30:8f:e3:
11:69:b0:57:d5:09:2d:34:bb:1f:ca:f4:e6:70:05:
f9:c6:3c:10:d4:aa:ab:23:c7:95:55:53:c5:0f:5c:
7c:66:2c:b4:62:23:f2:40:06:16:67:db:a3:c3:53:
6f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:53:59:0B:53:21:35:56:C0:EF:23:C4:8F:87:2C:8B:4F:F7:71:99
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139342e302f32342d3234203d3e203339333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.194.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c0:ed:e1:87:9c:e3:23:51:79:f4:47:4e:24:df:cc:48:1f:
89:20:c8:5c:fa:1b:72:b5:ba:6b:af:75:ce:a1:ba:87:78:08:
cc:7d:40:8f:fb:51:44:5b:3c:0a:89:7b:87:9a:23:50:4a:29:
01:fc:56:d7:1a:c4:97:ec:37:4a:48:34:51:c8:b4:26:eb:80:
58:d1:02:13:a9:94:d5:d2:75:62:6f:c3:6d:74:2e:81:6a:0c:
99:a7:fd:79:06:d9:e4:07:d6:ac:85:10:cd:ef:d6:28:e4:d6:
98:25:2b:6a:47:6f:40:44:41:34:e9:d6:45:e0:e6:80:e5:33:
70:44:1e:9e:a2:ef:fe:10:7a:c9:e0:ab:a1:ba:10:90:a7:b5:
ce:29:5f:40:4d:0a:47:11:e6:e2:e9:8d:d8:ed:92:b2:45:0a:
03:1c:8b:82:16:29:e6:ee:2e:45:4f:d9:50:79:93:bc:30:87:
83:39:66:14:fe:0d:70:4c:5b:6f:b8:09:4c:cf:d1:a2:f4:1c:
ce:01:bc:fe:60:7a:63:3b:49:28:62:c6:1a:d0:39:ac:9e:08:
f7:f9:8a:56:f9:a1:b8:6f:1f:c9:f0:03:01:ba:e1:56:7e:b5:
77:df:e0:27:6e:35:1d:3b:32:4b:9c:f5:e4:a3:21:0a:92:77:
22:c2:b2:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUct3AEPXgLF+QERt6NwLKAv0EoNcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDExMjIwODM4MjhaFw0yNTExMjEwODQzMjhaMDMxMTAvBgNV
BAMTKDRDNTM1OTBCNTMyMTM1NTZDMEVGMjNDNDhGODcyQzhCNEZGNzcxOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOed67n+TKs7/BJkaNUb325h8
ue80I5Jt7i+Wxtkry5zjR+8KiaxvwpVb/1JREp5rj7fxpJxZ8DaD01SicBOn5jBO
ED5SblBn2wfdYzy5qSyXQoj9EaMK8yplXWQykhst6izQXz93L3Iq4OxWgW+KX4qV
KmjdyEtbmbW8AQc9+SExxHtcLq0gUm39iP5saCkQAD55iWivM4IvH5mep9Uk22em
rFp6XiDGHN996SVNq0Ai33YwCUKJufz3AhzVSC4RFwPxvr298DoDZVhHVDCP4xFp
sFfVCS00ux/K9OZwBfnGPBDUqqsjx5VVU8UPXHxmLLRiI/JABhZn26PDU28lAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUTFNZC1MhNVbA7yPEj4csi0/3cZkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzMzNjM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/CMA0GCSqGSIb3DQEBCwUAA4IBAQCKwO3hh5zjI1F59EdOJN/MSB+JIMhc+hty
tbprr3XOobqHeAjMfUCP+1FEWzwKiXuHmiNQSikB/FbXGsSX7DdKSDRRyLQm64BY
0QITqZTV0nVib8NtdC6BagyZp/15BtnkB9ashRDN79Yo5NaYJStqR29AREE06dZF
4OaA5TNwRB6eou/+EHrJ4KuhuhCQp7XOKV9ATQpHEebi6Y3Y7ZKyRQoDHIuCFinm
7i5FT9lQeZO8MIeDOWYU/g1wTFtvuAlMz9Gi9BzOAbz+YHpjO0koYsYa0Dmsngj3
+YpW+aG4bx/J8AMBuuFWfrV33+AnbjUdOzJLnPXkoyEKknciwrL7
-----END CERTIFICATE-----
Generated at Mon Nov 25 12:00:54 2024 by rpki-client on console-ams.rpki-client.org