Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
File: 3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa (raw, json)
Hash identifier: OMFfLYQ9WvUE+mmep+WOrBOYjUpAkY2bfL62ADYoAxM=
Subject key identifier: 3D:7E:A0:A2:9A:8B:78:16:4E:F9:EC:E9:9C:C4:02:0F:0E:7A:E1:1C
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 08E234F35DE4D148050C3E3B13FFFAFA29EB3E9C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
Signing time: Thu 31 Oct 2024 15:57:01 +0000
ROA not before: Thu 31 Oct 2024 15:52:01 +0000
ROA not after: Thu 30 Oct 2025 15:57:01 +0000
asID: 20326
IP address blocks: 193.109.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:e2:34:f3:5d:e4:d1:48:05:0c:3e:3b:13:ff:fa:fa:29:eb:3e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 31 15:52:01 2024 GMT
Not After : Oct 30 15:57:01 2025 GMT
Subject: CN=3D7EA0A29A8B78164EF9ECE99CC4020F0E7AE11C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7d:c7:2d:5e:92:73:ed:7e:da:5d:8a:75:c1:
28:0e:5c:d1:9a:88:1c:4e:91:8b:00:0d:52:a2:f0:
84:0a:63:95:c0:fc:29:fc:cb:f5:c0:83:6e:6c:53:
bb:e9:21:b0:bf:c4:f2:62:b7:9b:ce:00:89:8c:fa:
31:fb:0c:2c:1f:5a:96:9a:d3:43:d0:93:c7:fa:71:
7a:5a:e2:b6:06:86:f4:1b:e3:48:70:55:7c:7b:d8:
0f:9f:a9:8b:79:c4:42:70:1a:76:6a:b9:ca:dd:59:
ad:7d:73:e6:92:f7:7a:b9:39:91:12:37:83:ec:33:
b6:53:1f:7e:01:1f:48:1b:92:fa:f3:ed:74:2a:1c:
8b:4b:43:37:4f:31:71:84:43:51:b6:61:ff:42:bf:
ba:d4:17:3c:ac:9b:d3:a8:56:78:26:1b:79:93:4e:
2a:b2:9c:39:1e:79:b3:a6:ca:4f:8c:ec:c3:6c:fe:
54:59:0d:d5:39:cd:33:fe:c1:7c:36:ef:e2:8e:04:
41:1c:e6:78:fc:2f:a2:60:5c:ac:77:98:b5:21:fd:
1e:e1:3f:b0:32:c0:02:96:2e:61:66:4f:35:0c:4a:
c0:b3:d0:30:a4:9d:e6:da:4f:98:af:d1:bd:fa:95:
4f:31:24:9e:f2:ac:94:6e:d4:28:53:b9:e0:31:19:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7E:A0:A2:9A:8B:78:16:4E:F9:EC:E9:9C:C4:02:0F:0E:7A:E1:1C
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139362e302f32342d3234203d3e203230333236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.196.0/24
Signature Algorithm: sha256WithRSAEncryption
00:a6:42:f0:08:71:92:71:43:01:f2:1d:4e:05:dd:75:ae:34:
5e:70:11:17:05:2b:83:25:a3:17:1a:7a:4d:8a:df:1c:2f:d9:
f0:b2:30:ec:9b:f4:1f:22:24:3f:fa:64:4b:14:ac:1b:7e:79:
f7:6a:94:8e:8b:32:40:64:7e:66:f9:e7:10:42:7f:67:32:4a:
db:9f:04:fa:8e:ad:57:f3:58:77:23:52:84:e3:dc:7a:f3:20:
c5:b1:b3:8b:61:38:63:e6:c4:4a:ea:2d:41:10:86:02:38:8a:
26:d2:83:58:1d:d9:90:36:6d:45:bb:7b:d4:af:58:bb:6b:a1:
3e:1c:b4:a6:89:bb:96:70:ac:de:97:15:b6:cc:87:a1:2b:fc:
18:6e:cd:3c:99:2f:70:ec:e3:6d:41:b8:b3:35:8b:60:8c:08:
d3:50:77:0a:1a:ec:a2:61:89:29:c7:10:27:be:2a:1e:9f:60:
4e:5a:27:fd:65:3b:06:25:4a:f2:e0:0d:a9:dd:6d:06:a6:aa:
1c:8d:a0:1f:ad:57:1f:6c:29:6b:47:d3:c9:07:6a:03:23:95:
68:b0:bc:79:b7:68:87:07:e6:dc:0b:06:03:42:1a:f9:89:00:
a5:7d:1a:31:66:43:0d:0d:4f:f3:7a:b2:b9:e6:c9:14:33:4a:
88:8e:53:97
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCOI0813k0UgFDD47E//6+inrPpwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMzExNTUyMDFaFw0yNTEwMzAxNTU3MDFaMDMxMTAvBgNV
BAMTKDNEN0VBMEEyOUE4Qjc4MTY0RUY5RUNFOTlDQzQwMjBGMEU3QUUxMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfcctXpJz7X7aXYp1wSgOXNGa
iBxOkYsADVKi8IQKY5XA/Cn8y/XAg25sU7vpIbC/xPJit5vOAImM+jH7DCwfWpaa
00PQk8f6cXpa4rYGhvQb40hwVXx72A+fqYt5xEJwGnZqucrdWa19c+aS93q5OZES
N4PsM7ZTH34BH0gbkvrz7XQqHItLQzdPMXGEQ1G2Yf9Cv7rUFzysm9OoVngmG3mT
TiqynDkeebOmyk+M7MNs/lRZDdU5zTP+wXw27+KOBEEc5nj8L6JgXKx3mLUh/R7h
P7AywAKWLmFmTzUMSsCz0DCknebaT5iv0b36lU8xJJ7yrJRu1ChTueAxGTEpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPX6gopqLeBZO+ezpnMQCDw564RwwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMyMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcQwDQYJKoZIhvcNAQELBQADggEBAACmQvAIcZJxQwHyHU4F3XWuNF5wERcF
K4Mloxcaek2K3xwv2fCyMOyb9B8iJD/6ZEsUrBt+efdqlI6LMkBkfmb55xBCf2cy
StufBPqOrVfzWHcjUoTj3HrzIMWxs4thOGPmxErqLUEQhgI4iibSg1gd2ZA2bUW7
e9SvWLtroT4ctKaJu5ZwrN6XFbbMh6Er/BhuzTyZL3Ds421BuLM1i2CMCNNQdwoa
7KJhiSnHECe+Kh6fYE5aJ/1lOwYlSvLgDandbQamqhyNoB+tVx9sKWtH08kHagMj
lWiwvHm3aIcH5twLBgNCGvmJAKV9GjFmQw0NT/N6srnmyRQzSoiOU5c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 07:03:44 2024 by rpki-client on console-fra.rpki-client.org