Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203230343733.roa
File: 3139332e3130392e3139382e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 5KzlaRxlRtRd6+54W6trgSFOuhZ1u2WwtRW4Q9vvoDw=
Subject key identifier: AE:7B:B2:00:B4:AC:B5:9E:54:08:2B:9D:45:BE:1C:C9:DD:7E:62:53
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 0D2FD3632E9F1DEFA2526DA9EF2E748233C87F97
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203230343733.roa
Signing time: Thu 26 Sep 2024 16:37:16 +0000
ROA not before: Thu 26 Sep 2024 16:32:16 +0000
ROA not after: Thu 25 Sep 2025 16:37:16 +0000
asID: 20473
IP address blocks: 193.109.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:2f:d3:63:2e:9f:1d:ef:a2:52:6d:a9:ef:2e:74:82:33:c8:7f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 26 16:32:16 2024 GMT
Not After : Sep 25 16:37:16 2025 GMT
Subject: CN=AE7BB200B4ACB59E54082B9D45BE1CC9DD7E6253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9d:4a:d8:a3:02:9c:ad:14:af:da:b0:e7:63:
b0:89:81:c4:44:40:40:f9:e0:83:af:9f:e8:f1:31:
d8:cf:39:6f:5c:f6:12:f4:7e:45:97:7f:62:fd:86:
a8:66:05:ea:09:58:84:59:50:2d:59:e2:ab:fb:ca:
fe:27:3f:7d:5f:15:21:89:27:a9:33:38:1c:2f:f9:
62:1a:37:12:a5:3b:47:a6:98:7c:31:2c:78:19:37:
23:d5:f6:17:b6:50:4f:dc:88:31:fb:0e:13:aa:9a:
8d:f3:9b:ac:a0:55:b1:c5:b4:16:fc:32:77:90:d4:
fc:a9:fb:67:8e:79:0c:1a:3f:ad:36:c0:75:14:90:
36:30:29:77:7a:a5:85:64:74:33:e6:30:b0:f7:1d:
41:b0:a3:0d:f6:8c:c2:d0:d6:3d:f8:b9:f8:06:b0:
a1:e9:a6:d5:bb:61:3b:e4:93:96:09:d0:37:c7:41:
6e:0b:03:71:82:a9:5b:00:f2:17:07:80:88:c4:21:
30:05:87:2e:35:18:d6:b1:7b:79:23:1b:26:0a:73:
f8:32:53:d1:18:0a:6e:0e:cf:1c:30:de:53:a5:c8:
6a:40:4e:ff:79:0b:14:8c:20:b0:9e:7c:f8:3e:fa:
f0:0b:7b:94:83:fc:e5:56:d6:e6:38:90:3b:a8:74:
75:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7B:B2:00:B4:AC:B5:9E:54:08:2B:9D:45:BE:1C:C9:DD:7E:62:53
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6f:87:a5:83:da:d8:fd:7a:eb:fb:75:49:1a:c0:9a:9d:df:
b4:18:27:2b:59:ec:c7:8a:73:c2:cf:77:d4:76:c8:9f:04:df:
76:91:06:f3:21:a7:11:54:df:ff:89:06:0f:02:0f:b0:0a:2c:
f0:8b:39:01:c4:cd:60:24:fa:49:61:3a:79:06:b3:c1:52:3f:
e9:e7:9c:1d:57:55:27:8a:45:05:3d:20:66:f0:50:30:d8:2b:
11:32:93:f4:57:26:32:77:c1:64:ff:45:a9:bc:ab:3d:ae:62:
3a:39:a7:0f:6c:3e:34:f8:ae:da:de:89:1a:59:70:55:83:e7:
4d:bf:b7:9a:e7:94:32:17:ae:4e:2c:bf:f1:f7:8c:2a:64:96:
57:c7:88:a7:30:ab:41:2a:29:6a:f7:62:ab:2f:8d:4d:72:bf:
e3:61:b3:c5:53:35:82:94:94:f9:18:4b:67:2d:a7:ca:67:f0:
2c:b8:8c:e8:53:66:ad:5d:fd:6d:e0:01:f9:c8:a9:81:e8:e2:
4e:55:4b:bd:35:4b:79:b3:3d:a8:9d:5a:4c:4f:5e:b5:b3:c9:
45:41:82:ca:66:4d:14:25:f0:2b:60:83:b0:d7:c6:99:67:cb:
17:77:73:6f:87:12:82:5f:32:99:2a:f4:3a:0c:be:07:6d:73:
c6:05:79:f7
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDS/TYy6fHe+iUm2p7y50gjPIf5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA5MjYxNjMyMTZaFw0yNTA5MjUxNjM3MTZaMDMxMTAvBgNV
BAMTKEFFN0JCMjAwQjRBQ0I1OUU1NDA4MkI5RDQ1QkUxQ0M5REQ3RTYyNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvnUrYowKcrRSv2rDnY7CJgcRE
QED54IOvn+jxMdjPOW9c9hL0fkWXf2L9hqhmBeoJWIRZUC1Z4qv7yv4nP31fFSGJ
J6kzOBwv+WIaNxKlO0emmHwxLHgZNyPV9he2UE/ciDH7DhOqmo3zm6ygVbHFtBb8
MneQ1Pyp+2eOeQwaP602wHUUkDYwKXd6pYVkdDPmMLD3HUGwow32jMLQ1j34ufgG
sKHpptW7YTvkk5YJ0DfHQW4LA3GCqVsA8hcHgIjEITAFhy41GNaxe3kjGyYKc/gy
U9EYCm4Ozxww3lOlyGpATv95CxSMILCefPg++vALe5SD/OVW1uY4kDuodHVJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrnuyALSstZ5UCCudRb4cyd1+YlMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbcYwDQYJKoZIhvcNAQELBQADggEBABdvh6WD2tj9euv7dUkawJqd37QYJytZ
7MeKc8LPd9R2yJ8E33aRBvMhpxFU3/+JBg8CD7AKLPCLOQHEzWAk+klhOnkGs8FS
P+nnnB1XVSeKRQU9IGbwUDDYKxEyk/RXJjJ3wWT/Ram8qz2uYjo5pw9sPjT4rtre
iRpZcFWD502/t5rnlDIXrk4sv/H3jCpkllfHiKcwq0EqKWr3YqsvjU1yv+Nhs8VT
NYKUlPkYS2ctp8pn8Cy4jOhTZq1d/W3gAfnIqYHo4k5VS701S3mzPaidWkxPXrWz
yUVBgspmTRQl8Ctgg7DXxplnyxd3c2+HEoJfMpkq9DoMvgdtc8YFefc=
-----END CERTIFICATE-----
Generated at Thu Nov 21 14:22:19 2024 by rpki-client on console-ams.rpki-client.org