Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
File: 3139342e33312e3139352e302f32342d3234203d3e203334393933.roa (raw, json)
Hash identifier: WhgIIlEcmyU6tnDp2AFwPse2lR11xsetwXhDM0lEJUg=
Subject key identifier: A7:21:BE:E1:55:BA:A7:0E:EB:B3:F6:16:4B:F6:B2:C1:87:9C:EF:78
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 23340C59D29FE4F646B6188A48FDEB50CE4FF887
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
Signing time: Mon 11 Mar 2024 21:54:53 +0000
ROA not before: Mon 11 Mar 2024 21:49:53 +0000
ROA not after: Mon 10 Mar 2025 21:54:53 +0000
asID: 34993
IP address blocks: 194.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:34:0c:59:d2:9f:e4:f6:46:b6:18:8a:48:fd:eb:50:ce:4f:f8:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 11 21:49:53 2024 GMT
Not After : Mar 10 21:54:53 2025 GMT
Subject: CN=A721BEE155BAA70EEBB3F6164BF6B2C1879CEF78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:96:67:0f:2c:ae:73:89:0e:7a:1a:97:89:
53:ee:75:ab:c8:bb:a0:5f:81:87:c1:38:00:6a:6b:
bb:3a:8e:f8:65:0d:63:84:6a:5c:74:14:a2:00:cf:
43:64:a7:ce:41:00:24:7b:22:72:20:a6:08:2d:49:
4a:13:4c:2f:31:86:e6:8b:39:ca:3d:95:9c:a0:9b:
8c:32:b3:5b:64:53:b9:80:6b:d4:03:66:d3:92:6e:
b7:cf:dc:2f:c7:1d:15:f4:96:e8:88:c6:d4:ba:17:
fe:6c:24:7b:2e:90:62:f7:96:f7:2f:1a:51:8d:f7:
73:8d:41:11:fa:6d:2e:b1:74:2d:fe:d4:98:63:2e:
1d:aa:92:46:5c:8e:ab:1b:b5:37:8b:67:de:5c:12:
5c:65:b1:fd:0a:a5:77:ea:8f:bd:31:f2:2b:67:1f:
83:75:ab:9e:18:21:37:cf:60:f0:59:1c:8d:f8:55:
e6:ac:ec:a1:19:49:a6:eb:74:af:1b:54:fe:46:76:
4e:ba:7d:6b:ba:e2:78:4d:d7:d2:a2:a6:bd:1c:d1:
e2:b0:13:b6:78:1a:ae:5c:b7:e6:59:52:8c:a0:e3:
fc:c9:ed:e1:e0:69:ef:fd:3d:42:d5:1e:69:54:30:
5a:34:a9:f8:18:d3:52:89:d2:0f:ae:42:6a:0d:6a:
80:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:21:BE:E1:55:BA:A7:0E:EB:B3:F6:16:4B:F6:B2:C1:87:9C:EF:78
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139352e302f32342d3234203d3e203334393933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.195.0/24
Signature Algorithm: sha256WithRSAEncryption
36:bd:6c:a7:16:5e:3b:16:9a:b3:98:1a:86:f0:e7:c3:8f:4a:
da:67:f1:ca:47:c0:43:42:97:5f:b2:a1:8f:f5:d9:bd:e5:bd:
fe:2a:b3:df:e8:0a:62:59:9c:c2:3b:73:4a:3e:d1:d3:21:8a:
57:54:76:62:98:83:bc:3e:28:5f:89:e7:ff:3f:49:1f:d7:d6:
ef:7e:03:e6:14:a8:52:69:c3:24:5b:9c:e9:30:12:03:91:ac:
7a:df:2b:a4:d4:93:66:13:3a:1c:88:8d:33:f0:3a:d9:1c:17:
7c:ff:3e:3b:53:70:7f:51:b6:da:ed:6a:3c:b2:55:9c:b4:8f:
89:51:72:3a:12:11:d6:7d:86:e6:26:34:79:eb:71:5b:3f:58:
bb:c9:8a:d6:92:87:86:c7:14:54:7f:94:28:ec:be:15:4b:4f:
54:e1:00:e2:8e:fa:b4:fc:04:69:dc:dd:d1:f6:bd:46:50:bc:
15:31:ae:1b:c3:05:22:6a:05:1a:b0:61:5a:21:d0:19:13:5c:
e9:10:73:00:a7:e1:c4:61:7c:3e:02:90:b1:1c:34:06:c7:89:
a2:8d:4e:18:15:83:a9:12:45:63:6e:a5:09:08:54:3d:2a:ec:
0e:d1:b1:7a:ad:97:9f:5e:bc:ed:d0:69:82:00:78:cd:77:0e:
77:16:98:a1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIzQMWdKf5PZGthiKSP3rUM5P+IcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAzMTEyMTQ5NTNaFw0yNTAzMTAyMTU0NTNaMDMxMTAvBgNV
BAMTKEE3MjFCRUUxNTVCQUE3MEVFQkIzRjYxNjRCRjZCMkMxODc5Q0VGNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD9ZZnDyyuc4kOehqXiVPudavI
u6BfgYfBOABqa7s6jvhlDWOEalx0FKIAz0Nkp85BACR7InIgpggtSUoTTC8xhuaL
Oco9lZygm4wys1tkU7mAa9QDZtOSbrfP3C/HHRX0luiIxtS6F/5sJHsukGL3lvcv
GlGN93ONQRH6bS6xdC3+1JhjLh2qkkZcjqsbtTeLZ95cElxlsf0KpXfqj70x8itn
H4N1q54YITfPYPBZHI34Veas7KEZSabrdK8bVP5Gdk66fWu64nhN19Kipr0c0eKw
E7Z4Gq5ct+ZZUoyg4/zJ7eHgae/9PULVHmlUMFo0qfgY01KJ0g+uQmoNaoB/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpyG+4VW6pw7rs/YWS/aywYec73gwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM0MzkzOTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/DMA0GCSqGSIb3DQEBCwUAA4IBAQA2vWynFl47FpqzmBqG8OfDj0raZ/HKR8BD
QpdfsqGP9dm95b3+KrPf6ApiWZzCO3NKPtHTIYpXVHZimIO8Pihfief/P0kf19bv
fgPmFKhSacMkW5zpMBIDkax63yuk1JNmEzociI0z8DrZHBd8/z47U3B/Ubba7Wo8
slWctI+JUXI6EhHWfYbmJjR563FbP1i7yYrWkoeGxxRUf5Qo7L4VS09U4QDijvq0
/ARp3N3R9r1GULwVMa4bwwUiagUasGFaIdAZE1zpEHMAp+HEYXw+ApCxHDQGx4mi
jU4YFYOpEkVjbqUJCFQ9KuwO0bF6rZefXrzt0GmCAHjNdw53Fpih
-----END CERTIFICATE-----
Generated at Mon Nov 25 12:00:54 2024 by rpki-client on console-ams.rpki-client.org