Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
File: 3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: MK15unIyyhNtkx2+qPJ7mQVmJovEWJ58KZbP3Pa21u0=
Subject key identifier: 3D:C9:F8:21:24:0B:31:88:91:41:9B:35:A3:70:FB:79:67:E0:23:58
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 64148850F8A549F20677C7CB32B86D9ADA0B1D18
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 09 Oct 2024 09:43:24 +0000
ROA not before: Wed 09 Oct 2024 09:38:24 +0000
ROA not after: Wed 08 Oct 2025 09:43:24 +0000
asID: 61317
IP address blocks: 193.109.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:14:88:50:f8:a5:49:f2:06:77:c7:cb:32:b8:6d:9a:da:0b:1d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:24 2024 GMT
Not After : Oct 8 09:43:24 2025 GMT
Subject: CN=3DC9F821240B318891419B35A370FB7967E02358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2f:fb:f8:e9:bb:7e:31:0c:16:c5:9a:f8:7f:
69:ae:e6:8b:42:a3:26:5e:b3:7e:2e:02:d7:53:c0:
94:38:03:d9:31:34:f6:8e:f4:ac:2c:f6:74:5f:1a:
36:db:91:e2:ae:b9:00:35:15:c0:ba:67:57:82:7e:
4c:37:27:74:68:e9:ef:d7:43:14:73:5d:70:55:7d:
95:48:44:d6:70:3d:a3:22:25:05:3e:55:cd:f1:d5:
2a:f9:2b:17:15:3f:4f:0e:b9:e6:6f:85:6b:7a:cf:
de:0d:f1:8a:a9:7d:58:6b:fa:22:ec:5c:8f:2a:c2:
bf:f7:a6:05:43:6c:f0:bc:7b:67:3e:e5:a7:fb:b4:
49:a4:3b:d3:89:f9:08:88:22:aa:fc:eb:46:4c:cd:
90:09:8c:89:40:8d:4b:44:7e:15:5c:e9:80:9d:8d:
f1:2d:bf:bf:0d:d6:da:bb:93:e4:d6:7b:b1:0e:5e:
c1:3e:b7:54:9d:92:f7:01:c4:13:fc:d8:a7:26:23:
16:85:c7:54:6a:dd:d5:7a:bf:75:10:aa:45:4b:5d:
0b:9e:d0:3a:26:87:77:7c:40:61:40:f2:95:61:ef:
d0:f4:45:6f:cc:54:80:65:01:3f:e6:83:26:09:df:
47:b6:5c:f6:f7:27:97:c7:9d:58:4b:f2:54:2d:77:
4e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:C9:F8:21:24:0B:31:88:91:41:9B:35:A3:70:FB:79:67:E0:23:58
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.194.0/24
Signature Algorithm: sha256WithRSAEncryption
46:ce:b6:33:7f:f9:1a:dc:04:d3:d0:74:a8:4c:b8:a4:8a:16:
1c:35:18:2d:f6:d8:d1:d6:a1:5a:09:d2:69:49:b0:b0:86:33:
64:d8:41:23:36:38:ae:33:1f:cf:2a:44:cb:6b:57:87:1d:07:
70:e3:1a:b9:fd:b3:24:18:90:92:02:14:e6:aa:a0:c9:97:1d:
d5:36:57:87:73:48:01:80:40:8a:76:c1:b5:40:06:e4:07:6e:
ff:0a:ea:bb:33:05:d6:fc:f1:a5:92:06:1f:45:32:a5:d0:b7:
14:24:ba:31:62:00:cf:00:d9:5d:0f:1f:f2:88:4e:9f:78:3e:
fa:64:89:37:fe:60:cb:55:73:65:1b:4c:f2:1a:02:fc:ed:e9:
04:68:fd:99:4e:89:4f:66:3f:d8:75:60:25:5c:c9:90:ff:70:
8c:bc:6d:93:b0:02:55:39:6d:09:63:b5:53:40:47:89:7d:6d:
ca:d3:f6:71:78:85:65:80:91:6e:b5:29:bb:27:fa:a2:f3:59:
5d:05:ef:d7:19:f2:68:3a:be:e7:a5:08:6d:2e:58:db:4a:f4:
5a:7d:62:d3:dd:fa:b7:83:29:5f:b5:9f:b1:34:20:be:4b:10:
6a:02:c9:3a:0e:ed:a1:f7:9f:e3:2f:6b:44:4c:0a:fe:11:68:
83:62:bc:0a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZBSIUPilSfIGd8fLMrhtmtoLHRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjRaFw0yNTEwMDgwOTQzMjRaMDMxMTAvBgNV
BAMTKDNEQzlGODIxMjQwQjMxODg5MTQxOUIzNUEzNzBGQjc5NjdFMDIzNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpL/v46bt+MQwWxZr4f2mu5otC
oyZes34uAtdTwJQ4A9kxNPaO9Kws9nRfGjbbkeKuuQA1FcC6Z1eCfkw3J3Ro6e/X
QxRzXXBVfZVIRNZwPaMiJQU+Vc3x1Sr5KxcVP08OueZvhWt6z94N8YqpfVhr+iLs
XI8qwr/3pgVDbPC8e2c+5af7tEmkO9OJ+QiIIqr860ZMzZAJjIlAjUtEfhVc6YCd
jfEtv78N1tq7k+TWe7EOXsE+t1SdkvcBxBP82KcmIxaFx1Rq3dV6v3UQqkVLXQue
0Domh3d8QGFA8pVh79D0RW/MVIBlAT/mgyYJ30e2XPb3J5fHnVhL8lQtd07fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPcn4ISQLMYiRQZs1o3D7eWfgI1gwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcIwDQYJKoZIhvcNAQELBQADggEBAEbOtjN/+RrcBNPQdKhMuKSKFhw1GC32
2NHWoVoJ0mlJsLCGM2TYQSM2OK4zH88qRMtrV4cdB3DjGrn9syQYkJICFOaqoMmX
HdU2V4dzSAGAQIp2wbVABuQHbv8K6rszBdb88aWSBh9FMqXQtxQkujFiAM8A2V0P
H/KITp94PvpkiTf+YMtVc2UbTPIaAvzt6QRo/ZlOiU9mP9h1YCVcyZD/cIy8bZOw
AlU5bQljtVNAR4l9bcrT9nF4hWWAkW61Kbsn+qLzWV0F79cZ8mg6vuelCG0uWNtK
9Fp9YtPd+reDKV+1n7E0IL5LEGoCyToO7aH3n+Mva0RMCv4RaINivAo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 14:06:23 2024 by rpki-client on console-ams.rpki-client.org