Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e20383334.roa
File: 3139342e33312e3139372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 0Ba6XElIE9S65g0UH/J3tVC0nfyuEooniBTCVtj5y+k=
Subject key identifier: 03:03:76:B9:63:D6:E2:EA:41:AD:7F:9D:63:59:35:D3:82:46:5E:4B
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 705B3DC93F2829D7532E9E1C5E04C1F47606E2CF
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e20383334.roa
Signing time: Fri 08 Mar 2024 00:02:23 +0000
ROA not before: Thu 07 Mar 2024 23:57:23 +0000
ROA not after: Fri 07 Mar 2025 00:02:23 +0000
asID: 834
IP address blocks: 194.31.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft
rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:5b:3d:c9:3f:28:29:d7:53:2e:9e:1c:5e:04:c1:f4:76:06:e2:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 7 23:57:23 2024 GMT
Not After : Mar 7 00:02:23 2025 GMT
Subject: CN=030376B963D6E2EA41AD7F9D635935D382465E4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:44:a7:68:21:04:4e:d6:e4:4f:0f:16:bd:
51:0a:83:54:66:9b:cf:d2:6f:81:e2:8b:13:92:c3:
8a:32:41:c9:14:69:76:6c:74:16:24:e7:2f:14:e0:
72:ff:f8:72:64:60:a3:9b:05:11:68:49:08:f7:4b:
49:85:f4:7d:03:47:95:c4:65:51:bf:6b:96:79:64:
64:db:da:07:0f:fc:bf:c0:f8:c2:55:be:03:95:63:
43:0c:7c:89:52:47:ff:4f:14:14:78:4f:e4:8c:74:
1d:54:1a:97:8f:0f:b8:04:3a:f1:5c:52:9f:59:98:
20:50:6b:b9:22:f4:7c:9f:85:41:82:4e:92:f7:e9:
dc:f3:18:6a:e0:50:13:c1:85:9d:35:24:ba:a2:43:
a1:eb:62:a5:1a:22:de:5e:c7:fa:a0:5a:5a:30:99:
81:01:2b:0c:01:a3:9d:3f:42:72:dc:87:9e:c2:45:
40:d7:f4:d3:d7:98:01:7e:b1:8d:3e:52:a8:0b:aa:
d3:03:3a:42:0a:83:e9:a8:c9:68:31:b5:b0:43:38:
b8:6e:aa:93:86:fc:73:c3:d6:62:89:e2:e1:5f:20:
5d:3c:14:0a:9c:81:2e:6a:36:e3:88:c0:25:fd:0f:
5b:37:f8:40:3b:98:ba:d7:49:80:b5:40:79:cf:05:
dc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:03:76:B9:63:D6:E2:EA:41:AD:7F:9D:63:59:35:D3:82:46:5E:4B
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.197.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:4d:ad:e8:c1:78:55:b7:fa:3e:ba:36:74:74:e4:5b:39:6f:
47:41:30:ca:71:af:34:83:86:d0:2c:9f:e8:23:d1:b4:0a:31:
10:d1:56:6d:b0:5d:f9:ae:49:53:07:28:8b:fc:9f:71:f2:13:
a7:1d:ed:c6:f4:62:a2:10:b6:84:84:4c:6d:c4:a7:49:75:45:
27:13:2e:72:11:1d:69:2e:e2:45:74:42:de:d8:e8:22:2e:57:
33:d3:20:26:bc:6c:95:fe:8f:0f:f0:5c:43:20:01:58:a1:77:
52:3b:24:d1:39:e7:ae:6f:4f:7a:7d:13:ed:61:8a:48:59:93:
59:cb:70:01:ca:e8:02:35:b8:af:7d:b3:d0:b1:ad:c1:a7:8a:
ba:47:b5:76:c1:6a:15:d6:cc:50:15:7d:f7:82:3d:cf:f5:c6:
ee:af:be:53:d9:25:03:44:e4:dd:78:a7:29:73:3e:f1:63:9b:
ac:77:8d:f5:3c:fc:98:b3:09:c7:9f:33:1f:ac:6e:de:54:e9:
63:75:3b:51:6b:65:eb:a2:ce:01:42:60:58:08:72:cd:10:da:
13:00:92:23:d4:b5:3e:01:81:0c:17:5a:27:6b:c5:47:15:73:
1c:5b:36:0a:1a:48:1d:b0:3e:76:3e:3d:34:8d:04:aa:e1:aa:
31:2e:5a:e2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcFs9yT8oKddTLp4cXgTB9HYG4s8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAzMDcyMzU3MjNaFw0yNTAzMDcwMDAyMjNaMDMxMTAvBgNV
BAMTKDAzMDM3NkI5NjNENkUyRUE0MUFEN0Y5RDYzNTkzNUQzODI0NjVFNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuqESnaCEETtbkTw8WvVEKg1Rm
m8/Sb4HiixOSw4oyQckUaXZsdBYk5y8U4HL/+HJkYKObBRFoSQj3S0mF9H0DR5XE
ZVG/a5Z5ZGTb2gcP/L/A+MJVvgOVY0MMfIlSR/9PFBR4T+SMdB1UGpePD7gEOvFc
Up9ZmCBQa7ki9HyfhUGCTpL36dzzGGrgUBPBhZ01JLqiQ6HrYqUaIt5ex/qgWlow
mYEBKwwBo50/QnLch57CRUDX9NPXmAF+sY0+UqgLqtMDOkIKg+moyWgxtbBDOLhu
qpOG/HPD1mKJ4uFfIF08FAqcgS5qNuOIwCX9D1s3+EA7mLrXSYC1QHnPBdyzAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUAwN2uWPW4upBrX+dY1k104JGXkswHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCH8Uw
DQYJKoZIhvcNAQELBQADggEBABxNrejBeFW3+j66NnR05Fs5b0dBMMpxrzSDhtAs
n+gj0bQKMRDRVm2wXfmuSVMHKIv8n3HyE6cd7cb0YqIQtoSETG3Ep0l1RScTLnIR
HWku4kV0Qt7Y6CIuVzPTICa8bJX+jw/wXEMgAVihd1I7JNE5565vT3p9E+1hikhZ
k1nLcAHK6AI1uK99s9CxrcGnirpHtXbBahXWzFAVffeCPc/1xu6vvlPZJQNE5N14
pylzPvFjm6x3jfU8/JizCcefMx+sbt5U6WN1O1FrZeuizgFCYFgIcs0Q2hMAkiPU
tT4BgQwXWidrxUcVcxxbNgoaSB2wPnY+PTSNBKrhqjEuWuI=
-----END CERTIFICATE-----
Generated at Wed May 1 21:27:12 2024 by rpki-client on console-fra.rpki-client.org