Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
File: 3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: 9bTSM7Mn9Nmy2wE2RufohUGZnnrvEd34vHi+AY59vwY=
Subject key identifier: 1A:C5:56:C3:6D:A7:0D:3D:E6:42:02:3A:AF:A9:62:D3:4E:B6:7F:75
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 37ABF188039442150F8E501CB9100A216505FC1F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 400039
IP address blocks: 193.109.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Feb 2025 05:53:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:ab:f1:88:03:94:42:15:0f:8e:50:1c:b9:10:0a:21:65:05:fc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=1AC556C36DA70D3DE642023AAFA962D34EB67F75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:71:2b:04:57:3b:85:23:97:f2:49:bf:a6:25:
56:49:5f:4f:a9:f3:29:9a:56:df:e1:54:6b:78:45:
3f:6f:ac:79:94:8a:9f:f8:23:88:ef:df:29:d9:69:
71:52:4c:2f:b1:c1:ce:b5:89:6f:6f:f1:c3:b8:e2:
8a:2f:bf:88:4a:d1:11:f0:44:1d:8d:4c:a1:9f:1f:
bb:eb:97:88:84:16:4c:7a:9b:a8:c1:3a:60:17:d0:
0e:a4:fa:9e:25:ca:8b:e0:26:65:10:af:9c:81:06:
97:bf:79:98:2d:ba:2e:a1:80:19:4b:d6:29:24:4f:
df:3f:da:09:d0:8c:63:db:98:4f:cb:e1:82:a0:2d:
9e:45:7d:8d:ec:83:ad:3e:b9:7d:6a:0c:9c:56:88:
89:db:24:bf:ac:dc:20:f4:c5:c5:12:91:f8:78:a1:
8c:2e:1d:3e:f5:bd:fa:aa:58:59:7b:be:02:c1:04:
7f:ca:ca:c6:9b:a5:24:21:a5:d9:1d:e5:cb:0d:cf:
8b:f7:ac:f5:e4:14:9f:02:57:43:e8:33:30:60:59:
ff:53:ae:e1:f8:9b:62:04:b7:20:ee:9d:d4:33:77:
f9:95:d0:4f:4d:04:02:2b:97:bb:8c:e0:72:ab:90:
01:61:67:e4:2a:63:66:e0:3c:68:20:bc:e6:47:41:
f0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C5:56:C3:6D:A7:0D:3D:E6:42:02:3A:AF:A9:62:D3:4E:B6:7F:75
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139322e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.192.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:d4:02:24:d0:ce:52:ed:8e:f7:c2:5f:6e:92:06:d8:5f:22:
77:12:14:00:93:16:18:04:63:3b:83:2f:5d:f9:5e:39:a1:06:
13:d5:1c:03:c6:9b:5b:28:91:37:48:f5:8f:cb:86:f3:99:47:
9b:59:0f:15:33:15:94:a8:45:0e:68:bf:b4:a3:8c:6b:1f:e6:
b0:04:25:12:bd:e9:3e:93:70:0b:63:50:f7:25:27:65:f4:1e:
32:58:2e:d4:17:5a:49:c4:89:d9:44:a9:e9:40:82:36:d6:70:
d8:01:cd:56:f2:33:2a:cf:a7:d3:86:4c:33:93:6a:fd:12:10:
3b:fe:da:96:a1:57:c9:dd:38:aa:93:9d:c5:69:ff:51:00:e5:
a9:2f:ca:44:a9:e3:57:22:ec:8d:bc:a4:83:f9:07:e0:13:cc:
9c:47:77:e0:4c:e3:89:61:a4:15:6f:2c:5c:8d:3c:1f:e4:c0:
86:ef:3e:fd:ae:fd:1d:44:aa:6f:53:92:21:4a:38:12:7f:43:
40:97:e1:bb:e0:8f:05:45:33:91:03:49:ff:5d:61:b0:d6:3c:
e1:6d:ac:d3:19:cd:7a:88:8e:2c:a9:26:5e:57:0e:ae:dc:12:
e4:2a:d2:14:10:7e:7d:fd:ff:d7:79:be:af:54:df:f9:1a:ec:
02:de:4f:80
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUN6vxiAOUQhUPjlAcuRAKIWUF/B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKDFBQzU1NkMzNkRBNzBEM0RFNjQyMDIzQUFGQTk2MkQzNEVCNjdGNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbcSsEVzuFI5fySb+mJVZJX0+p
8ymaVt/hVGt4RT9vrHmUip/4I4jv3ynZaXFSTC+xwc61iW9v8cO44oovv4hK0RHw
RB2NTKGfH7vrl4iEFkx6m6jBOmAX0A6k+p4lyovgJmUQr5yBBpe/eZgtui6hgBlL
1ikkT98/2gnQjGPbmE/L4YKgLZ5FfY3sg60+uX1qDJxWiInbJL+s3CD0xcUSkfh4
oYwuHT71vfqqWFl7vgLBBH/KysabpSQhpdkd5csNz4v3rPXkFJ8CV0PoMzBgWf9T
ruH4m2IEtyDundQzd/mV0E9NBAIrl7uM4HKrkAFhZ+QqY2bgPGggvOZHQfD7AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGsVWw22nDT3mQgI6r6li0062f3UwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMFtwDANBgkqhkiG9w0BAQsFAAOCAQEAL9QCJNDOUu2O98JfbpIG2F8idxIU
AJMWGARjO4MvXfleOaEGE9UcA8abWyiRN0j1j8uG85lHm1kPFTMVlKhFDmi/tKOM
ax/msAQlEr3pPpNwC2NQ9yUnZfQeMlgu1BdaScSJ2USp6UCCNtZw2AHNVvIzKs+n
04ZMM5Nq/RIQO/7alqFXyd04qpOdxWn/UQDlqS/KRKnjVyLsjbykg/kH4BPMnEd3
4EzjiWGkFW8sXI08H+TAhu8+/a79HUSqb1OSIUo4En9DQJfhu+CPBUUzkQNJ/11h
sNY84W2s0xnNeoiOLKkmXlcOrtwS5CrSFBB+ff3/13m+r1Tf+RrsAt5PgA==
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:25:20 2025 by rpki-client