Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
File: 3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: PD0hw/Q6q8jQKdcOV03OObDMWt2KctSmlXrspQx7Asg=
Subject key identifier: 1E:71:5F:AB:56:B2:9D:B6:D5:5C:6F:98:08:72:8E:14:E1:9C:10:F1
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 737C7509A4FAA4A420C4BF3A657564EE282A94C7
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
Signing time: Wed 09 Oct 2024 09:43:22 +0000
ROA not before: Wed 09 Oct 2024 09:38:22 +0000
ROA not after: Wed 08 Oct 2025 09:43:22 +0000
asID: 64267
IP address blocks: 193.109.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:7c:75:09:a4:fa:a4:a4:20:c4:bf:3a:65:75:64:ee:28:2a:94:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:22 2024 GMT
Not After : Oct 8 09:43:22 2025 GMT
Subject: CN=1E715FAB56B29DB6D55C6F9808728E14E19C10F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:14:29:27:9c:c9:8b:46:f5:64:11:ea:07:a8:
c2:65:f9:b6:f0:92:70:c4:89:4d:a4:e1:5e:01:ee:
c8:dc:84:48:42:ac:8a:92:cf:c3:f9:ef:be:84:e0:
41:4f:44:66:bf:03:5d:de:61:59:21:76:f6:25:66:
b1:3e:ce:10:40:ad:66:e9:af:07:97:f2:b0:0e:3f:
57:34:f5:74:b9:8c:b4:18:94:4f:f8:02:fa:75:e0:
af:9c:f2:99:28:9d:55:27:8e:db:87:91:db:af:50:
1d:65:8e:d0:83:ea:30:09:fb:1c:d2:b7:96:b3:cb:
6b:40:93:46:b6:c9:e8:b1:1c:36:b1:56:85:ca:02:
65:2f:8b:bd:d2:31:f5:5d:40:af:a5:cc:0b:08:26:
b3:18:6f:36:fe:f4:9d:ec:c4:5c:6e:d3:c6:8c:db:
21:02:aa:19:3b:ad:b2:a2:0d:01:c4:79:25:40:a5:
be:c3:d2:9d:a7:3f:96:db:3f:aa:72:33:e8:57:04:
83:53:98:1e:7f:86:82:70:4d:6c:1f:d7:93:0d:46:
24:a3:90:a5:39:4c:89:00:bd:a4:09:84:6f:71:77:
8b:64:d4:cd:b4:59:85:4f:2a:36:c1:13:cc:8c:16:
e6:a6:58:1c:9a:dc:8f:27:06:33:c3:d1:13:d5:81:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:71:5F:AB:56:B2:9D:B6:D5:5C:6F:98:08:72:8E:14:E1:9C:10:F1
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139352e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.195.0/24
Signature Algorithm: sha256WithRSAEncryption
85:d5:aa:a0:70:e6:40:9f:12:21:84:7a:24:a1:c4:a3:d1:de:
f8:14:53:e7:3c:74:2c:89:67:61:6b:e0:64:70:aa:8e:ae:5b:
a2:dd:79:10:76:71:1f:fe:92:ed:48:1a:48:7d:0a:cc:ce:70:
12:81:78:ce:6e:dd:02:48:b0:d6:25:79:2e:99:9a:00:b4:d7:
1f:6b:e9:de:e5:0e:66:7a:03:ef:90:5f:de:75:86:6e:42:65:
4d:b7:e1:d5:65:30:d1:d2:09:85:26:81:fb:aa:21:4d:14:53:
da:81:65:4e:09:25:09:6b:95:af:da:65:36:f0:9b:af:97:0f:
5c:02:8c:a1:97:46:a8:09:26:be:cb:df:62:55:cf:68:8d:44:
14:dc:e1:ba:c7:35:b6:30:e2:06:3e:f2:d1:4a:31:71:3c:5f:
c6:00:ee:7c:7b:33:9a:89:98:71:a2:24:83:ec:10:89:83:34:
00:4f:9a:05:ef:27:18:33:46:d6:9d:eb:e6:98:e2:b6:4d:e7:
29:33:4d:6d:1f:d6:cc:78:3c:55:91:20:90:3b:32:17:36:bf:
21:d9:35:25:8e:a8:12:00:00:4f:e5:79:ee:47:d6:0e:ee:62:
3f:04:d1:cf:8a:62:7e:0c:4a:fc:d4:6c:95:42:1f:70:93:4c:
15:20:6c:53
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc3x1CaT6pKQgxL86ZXVk7igqlMcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjJaFw0yNTEwMDgwOTQzMjJaMDMxMTAvBgNV
BAMTKDFFNzE1RkFCNTZCMjlEQjZENTVDNkY5ODA4NzI4RTE0RTE5QzEwRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOFCknnMmLRvVkEeoHqMJl+bbw
knDEiU2k4V4B7sjchEhCrIqSz8P5776E4EFPRGa/A13eYVkhdvYlZrE+zhBArWbp
rweX8rAOP1c09XS5jLQYlE/4Avp14K+c8pkonVUnjtuHkduvUB1ljtCD6jAJ+xzS
t5azy2tAk0a2yeixHDaxVoXKAmUvi73SMfVdQK+lzAsIJrMYbzb+9J3sxFxu08aM
2yECqhk7rbKiDQHEeSVApb7D0p2nP5bbP6pyM+hXBINTmB5/hoJwTWwf15MNRiSj
kKU5TIkAvaQJhG9xd4tk1M20WYVPKjbBE8yMFuamWBya3I8nBjPD0RPVgS7fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHnFfq1aynbbVXG+YCHKOFOGcEPEwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzQzMjM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcMwDQYJKoZIhvcNAQELBQADggEBAIXVqqBw5kCfEiGEeiShxKPR3vgUU+c8
dCyJZ2Fr4GRwqo6uW6LdeRB2cR/+ku1IGkh9CszOcBKBeM5u3QJIsNYleS6ZmgC0
1x9r6d7lDmZ6A++QX951hm5CZU234dVlMNHSCYUmgfuqIU0UU9qBZU4JJQlrla/a
ZTbwm6+XD1wCjKGXRqgJJr7L32JVz2iNRBTc4brHNbYw4gY+8tFKMXE8X8YA7nx7
M5qJmHGiJIPsEImDNABPmgXvJxgzRtad6+aY4rZN5ykzTW0f1sx4PFWRIJA7Mhc2
vyHZNSWOqBIAAE/lee5H1g7uYj8E0c+KYn4MSvzUbJVCH3CTTBUgbFM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org