Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
File: 3139342e33312e3139352e302f32342d3234203d3e203132383236.roa (raw, json)
Hash identifier: CHPNPT0z1FxJrnbYsQhHJ9NQadQdz3mVof1cRz2i8vw=
Subject key identifier: 38:26:10:9A:DA:77:6D:90:76:76:47:65:B2:C5:71:71:D2:0C:0A:04
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2A3BCF330009C0AFB603F5E6E688F95C7DEC5BBD
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
Signing time: Mon 11 Mar 2024 21:54:53 +0000
ROA not before: Mon 11 Mar 2024 21:49:53 +0000
ROA not after: Mon 10 Mar 2025 21:54:53 +0000
asID: 12826
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:3b:cf:33:00:09:c0:af:b6:03:f5:e6:e6:88:f9:5c:7d:ec:5b:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 11 21:49:53 2024 GMT
Not After : Mar 10 21:54:53 2025 GMT
Subject: CN=3826109ADA776D9076764765B2C57171D20C0A04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:2e:eb:c0:87:85:6e:d8:76:e9:07:55:5a:
a1:2f:d3:f5:a3:55:07:a6:0e:75:6b:0b:08:56:e3:
40:89:0d:d5:d4:a9:51:70:0b:b3:79:07:e0:a0:75:
f8:9f:2b:6a:a2:fe:18:51:b1:5f:49:e3:83:28:69:
11:c8:1a:15:a2:e0:dd:c6:75:da:1a:83:ef:e0:2d:
b2:01:96:c8:01:e4:ca:4f:1a:86:b9:08:93:e3:54:
15:24:6c:aa:7a:d9:3f:dd:7c:88:61:38:4d:b0:88:
e5:a0:bf:67:0a:10:6c:15:3b:8e:40:eb:d4:3d:bd:
d4:82:4b:88:4f:54:2f:b3:00:7f:5b:8b:35:2f:8f:
95:ff:5c:37:5d:d8:5c:2c:ae:98:9d:54:ce:a7:ec:
e5:29:ba:fa:c6:b6:5d:50:a9:8c:7d:89:49:1d:9e:
a5:e5:bb:7b:73:c7:fd:b7:89:5f:f3:23:3f:c7:ca:
0d:20:4f:ab:96:2f:c5:0b:40:7c:c2:e7:73:01:f0:
2e:46:d3:cd:91:5b:4b:4a:bd:c1:47:22:7f:77:e7:
21:0c:30:5c:fa:5e:8d:0f:85:e0:7a:57:75:14:9d:
55:00:d0:1a:3a:ca:48:dd:dc:9c:0d:0e:4d:05:8f:
1f:7e:5f:5c:48:df:bd:86:6b:61:a8:d6:96:de:d2:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:26:10:9A:DA:77:6D:90:76:76:47:65:B2:C5:71:71:D2:0C:0A:04
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203132383236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
88:62:f4:be:33:7a:ed:be:bc:45:ab:2e:16:65:b3:dc:25:c5:
b0:1e:7a:80:e3:53:ce:5b:0f:08:2d:bc:96:27:19:8b:de:87:
ee:9f:77:99:af:0d:c1:4d:d0:37:3c:31:bd:89:5d:a1:c7:cd:
5f:2e:06:8e:27:5a:dc:fc:87:3b:f3:4b:75:61:7c:2f:8a:70:
be:1e:d6:ec:4e:c2:af:a6:0d:56:19:37:17:b6:e9:04:28:9c:
98:3a:bd:42:16:05:64:04:70:18:3b:25:fa:31:d1:0c:3c:ed:
bf:d1:a5:41:f7:3f:03:bb:65:7a:d2:30:4a:2e:14:91:48:8f:
c2:bf:54:c7:47:13:92:ad:56:ca:32:4f:f2:77:31:5f:6d:22:
db:70:94:5a:e1:d1:e6:d7:9b:19:ac:98:90:3f:c8:fc:39:40:
39:e7:4d:06:50:fa:5a:d5:de:c5:6c:ef:75:ff:1e:79:02:90:
4b:17:71:02:6b:22:f9:82:8a:c3:bc:93:c6:f4:9e:71:45:8c:
f2:2f:66:87:04:2f:77:0a:cc:60:63:e4:27:fe:95:e7:34:cc:
e4:57:89:ad:3d:99:56:5e:0d:99:2d:d1:b2:0b:a0:68:ef:ee:
6b:8b:87:f6:eb:d7:3b:c0:6d:2f:a2:f0:36:33:01:93:48:ad:
39:89:94:01
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKjvPMwAJwK+2A/Xm5oj5XH3sW70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAzMTEyMTQ5NTNaFw0yNTAzMTAyMTU0NTNaMDMxMTAvBgNV
BAMTKDM4MjYxMDlBREE3NzZEOTA3Njc2NDc2NUIyQzU3MTcxRDIwQzBBMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Uy7rwIeFbth26QdVWqEv0/Wj
VQemDnVrCwhW40CJDdXUqVFwC7N5B+CgdfifK2qi/hhRsV9J44MoaRHIGhWi4N3G
ddoag+/gLbIBlsgB5MpPGoa5CJPjVBUkbKp62T/dfIhhOE2wiOWgv2cKEGwVO45A
69Q9vdSCS4hPVC+zAH9bizUvj5X/XDdd2FwsrpidVM6n7OUpuvrGtl1QqYx9iUkd
nqXlu3tzx/23iV/zIz/Hyg0gT6uWL8ULQHzC53MB8C5G082RW0tKvcFHIn935yEM
MFz6Xo0PheB6V3UUnVUA0Bo6ykjd3JwNDk0Fjx9+X1xI372Ga2Go1pbe0mjbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOCYQmtp3bZB2dkdlssVxcdIMCgQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMyMzgzMjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/DMA0GCSqGSIb3DQEBCwUAA4IBAQCIYvS+M3rtvrxFqy4WZbPcJcWwHnqA41PO
Ww8ILbyWJxmL3ofun3eZrw3BTdA3PDG9iV2hx81fLgaOJ1rc/Ic780t1YXwvinC+
HtbsTsKvpg1WGTcXtukEKJyYOr1CFgVkBHAYOyX6MdEMPO2/0aVB9z8Du2V60jBK
LhSRSI/Cv1THRxOSrVbKMk/ydzFfbSLbcJRa4dHm15sZrJiQP8j8OUA5500GUPpa
1d7FbO91/x55ApBLF3ECayL5gorDvJPG9J5xRYzyL2aHBC93CsxgY+Qn/pXnNMzk
V4mtPZlWXg2ZLdGyC6Bo7+5ri4f269c7wG0vovA2MwGTSK05iZQB
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:42 2024 by rpki-client on console-ams.rpki-client.org