Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
File: 3139342e33312e3139362e302f32342d3234203d3e203236303432.roa (raw, json)
Hash identifier: TJCDOqRNpuvZUWt7HENqz/pFdnyST78uvPnV1Mu6cLA=
Subject key identifier: 7D:8B:C4:4E:A5:EE:98:2C:58:AF:26:08:9F:2E:C0:F0:A9:AC:12:17
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 32F35CA23F212FFD39F977FA117F4D7F572FBA15
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
Signing time: Fri 16 Feb 2024 15:11:27 +0000
ROA not before: Fri 16 Feb 2024 15:06:27 +0000
ROA not after: Fri 14 Feb 2025 15:11:27 +0000
asID: 26042
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:f3:5c:a2:3f:21:2f:fd:39:f9:77:fa:11:7f:4d:7f:57:2f:ba:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 16 15:06:27 2024 GMT
Not After : Feb 14 15:11:27 2025 GMT
Subject: CN=7D8BC44EA5EE982C58AF26089F2EC0F0A9AC1217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:5b:e6:79:00:65:76:4c:a1:c6:93:16:81:
57:95:bb:29:0f:d9:39:53:0c:69:a5:1f:43:26:84:
c6:81:62:a0:74:9b:04:37:eb:99:0f:59:ab:7a:10:
2e:29:09:5a:e2:91:b9:f9:0e:a3:f9:32:4b:31:bf:
86:87:8e:93:3e:0e:0b:92:5e:49:bf:f1:38:67:7b:
03:4e:28:3b:43:93:59:31:ef:bb:85:3e:59:ab:8f:
ee:89:b0:8f:f8:52:39:79:2a:7c:21:72:da:1b:38:
6f:d5:ef:5b:e2:97:65:ed:2e:0d:b2:18:7a:58:b7:
87:cc:42:0a:be:be:7f:25:27:58:82:98:c7:06:39:
e9:19:64:91:5c:40:81:a4:a1:98:24:87:13:3e:fd:
39:ec:99:43:42:b1:49:79:c4:61:01:9a:f1:e4:09:
85:63:98:4b:a3:6f:0d:77:1e:3f:34:2f:7a:9b:35:
e9:a0:88:56:8d:94:42:d1:9e:08:26:8f:fd:45:e3:
a9:01:9d:32:c2:31:d5:db:23:2e:e8:3a:eb:12:23:
02:ed:71:a8:04:45:ea:3f:4e:11:95:05:cf:c0:6e:
42:1c:ef:19:e6:d1:fe:ef:61:3f:c2:62:89:a2:65:
d9:d5:94:c3:7a:1f:5a:a9:d0:11:4c:40:77:12:8a:
ee:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:8B:C4:4E:A5:EE:98:2C:58:AF:26:08:9F:2E:C0:F0:A9:AC:12:17
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e203236303432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
58:29:af:46:6d:26:51:3c:d4:f6:b3:8b:97:b6:43:9b:67:a3:
20:0a:c3:c1:bb:9c:0e:2f:5c:4b:1f:b7:c1:79:71:17:82:70:
09:ce:5a:75:f9:96:bc:ca:3d:6a:27:08:6e:00:b3:c0:c8:96:
02:c1:03:e7:de:48:92:f3:a8:da:b1:fc:ae:c4:2d:8a:da:19:
48:10:0a:41:95:57:97:77:91:a4:fc:07:58:53:3d:38:42:fb:
b6:c8:f7:0c:86:e4:e4:50:fb:11:b6:35:db:77:a6:77:18:f1:
a7:66:47:6c:84:cb:54:2d:f8:94:22:e6:55:ba:a7:90:ad:a5:
ed:48:9c:86:54:99:05:7c:be:e0:2a:57:f6:a9:ea:4c:53:2e:
11:f1:3a:77:9c:da:aa:03:cf:41:b3:ab:0c:58:50:f3:bb:ad:
31:7b:18:07:a8:4e:9b:0d:c6:58:56:64:f2:ff:87:02:41:48:
ec:a9:01:3f:60:c2:51:b0:8c:fc:42:7a:70:78:f2:df:97:2c:
cd:47:4f:a3:8e:a1:03:39:2d:67:99:13:d0:50:b2:ac:93:f6:
64:6a:3d:6e:65:88:d2:c7:9b:60:06:07:d3:d9:e3:a2:38:30:
a3:6b:a1:f4:73:7f:59:d6:13:56:d0:ea:2c:3e:b7:bb:c6:2d:
3a:10:6e:e7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMvNcoj8hL/05+Xf6EX9Nf1cvuhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAyMTYxNTA2MjdaFw0yNTAyMTQxNTExMjdaMDMxMTAvBgNV
BAMTKDdEOEJDNDRFQTVFRTk4MkM1OEFGMjYwODlGMkVDMEYwQTlBQzEyMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe8VvmeQBldkyhxpMWgVeVuykP
2TlTDGmlH0MmhMaBYqB0mwQ365kPWat6EC4pCVrikbn5DqP5Mksxv4aHjpM+DguS
Xkm/8ThnewNOKDtDk1kx77uFPlmrj+6JsI/4Ujl5KnwhctobOG/V71vil2XtLg2y
GHpYt4fMQgq+vn8lJ1iCmMcGOekZZJFcQIGkoZgkhxM+/TnsmUNCsUl5xGEBmvHk
CYVjmEujbw13Hj80L3qbNemgiFaNlELRnggmj/1F46kBnTLCMdXbIy7oOusSIwLt
cagEReo/ThGVBc/AbkIc7xnm0f7vYT/CYomiZdnVlMN6H1qp0BFMQHcSiu7DAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfYvETqXumCxYryYIny7A8KmsEhcwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzAzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wh/EMA0GCSqGSIb3DQEBCwUAA4IBAQBYKa9GbSZRPNT2s4uXtkObZ6MgCsPBu5wO
L1xLH7fBeXEXgnAJzlp1+Za8yj1qJwhuALPAyJYCwQPn3kiS86jasfyuxC2K2hlI
EApBlVeXd5Gk/AdYUz04Qvu2yPcMhuTkUPsRtjXbd6Z3GPGnZkdshMtULfiUIuZV
uqeQraXtSJyGVJkFfL7gKlf2qepMUy4R8Tp3nNqqA89Bs6sMWFDzu60xexgHqE6b
DcZYVmTy/4cCQUjsqQE/YMJRsIz8QnpwePLflyzNR0+jjqEDOS1nmRPQULKsk/Zk
aj1uZYjSx5tgBgfT2eOiODCja6H0c39Z1hNW0OosPre7xi06EG7n
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:42 2024 by rpki-client on console-ams.rpki-client.org