Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e203133323133.roa
File: 3139332e3130392e3139392e302f32342d3234203d3e203133323133.roa (raw, json)
Hash identifier: Xhbox++q8Gi3/97IoPMu7CwS6M+eI/F4TpDtBgjAtkA=
Subject key identifier: 64:31:43:21:53:09:A0:15:EA:A9:4C:6D:8F:DE:E6:33:1B:6E:2D:A3
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 30E7DC4F0786305E6A10D3CAE332F93E7841C6BE
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e203133323133.roa
Signing time: Wed 09 Oct 2024 09:43:23 +0000
ROA not before: Wed 09 Oct 2024 09:38:23 +0000
ROA not after: Wed 08 Oct 2025 09:43:23 +0000
asID: 13213
IP address blocks: 193.109.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e7:dc:4f:07:86:30:5e:6a:10:d3:ca:e3:32:f9:3e:78:41:c6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 09:38:23 2024 GMT
Not After : Oct 8 09:43:23 2025 GMT
Subject: CN=643143215309A015EAA94C6D8FDEE6331B6E2DA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:39:8c:b2:08:40:ab:11:0b:d3:df:e5:f9:c6:
47:16:3c:04:1d:4c:e7:25:0f:e8:ea:6f:a6:ec:d9:
f4:f5:85:7b:2c:cc:20:57:27:a5:e2:92:d8:74:32:
7b:f1:7b:f5:8c:9e:c2:9e:a1:e5:40:57:a9:a5:5c:
28:2a:51:0b:d8:0b:1d:c4:60:99:b6:08:ab:7a:48:
5f:2c:c2:c2:15:85:84:42:f7:c4:aa:eb:a9:d8:79:
89:46:69:b0:16:1c:aa:32:aa:3e:59:59:4c:17:69:
86:dc:84:23:c5:18:19:02:29:5f:80:68:cb:57:86:
84:08:38:f6:39:b6:d3:27:27:de:dd:01:f6:f2:d8:
c4:52:34:82:fb:ca:a9:01:b1:e0:ef:5f:94:ce:7e:
f2:08:0d:3a:aa:2e:78:19:21:0a:0b:6f:0e:53:0b:
d9:c0:b0:6c:64:6b:25:aa:33:c9:d2:07:7b:7d:d3:
54:d4:db:06:e4:e3:ab:0d:67:17:62:49:b3:11:03:
dc:38:79:a5:a6:4e:68:5a:9d:3a:d6:a1:a2:1f:09:
17:76:c6:32:5d:49:d5:b3:f0:33:60:dd:84:a0:15:
b9:44:45:a0:30:a0:52:1b:55:92:5a:c3:96:56:35:
93:cd:d3:d4:ec:20:09:29:7a:f9:f1:47:56:2e:79:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:31:43:21:53:09:A0:15:EA:A9:4C:6D:8F:DE:E6:33:1B:6E:2D:A3
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139392e302f32342d3234203d3e203133323133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.199.0/24
Signature Algorithm: sha256WithRSAEncryption
37:5c:fe:8f:74:5a:0c:80:31:7a:9c:15:99:49:55:43:f4:bb:
01:27:e0:fa:1d:e7:3b:05:19:28:c0:de:72:c0:0f:42:f2:3a:
f3:2d:af:b5:d3:df:9b:7f:07:30:32:22:6b:93:95:99:79:7a:
ff:96:80:82:75:fd:f0:83:b0:6a:a3:97:17:69:dd:02:b1:2c:
5e:33:2f:f9:64:2f:eb:04:1a:9d:49:d8:be:91:52:5e:d4:78:
32:32:57:1a:68:ed:af:83:6e:9f:9e:bd:1d:de:94:51:b7:9a:
4c:0e:59:dc:1e:4e:d1:f6:e9:1c:e2:ff:d2:49:a1:d2:b2:87:
fe:7b:25:f3:8d:a9:80:3c:85:b2:68:32:87:86:53:2c:74:29:
a8:7a:40:a0:2a:9c:ad:46:d4:d3:0e:6f:79:fe:3e:9f:0b:1f:
b5:25:b0:98:46:63:f8:f7:82:c3:c0:03:9f:af:b0:e5:4e:c6:
06:9e:d8:c6:d7:68:ca:f4:a7:01:af:71:91:ab:53:08:ac:b4:
e7:e3:59:c3:54:ae:77:0d:1b:06:0a:c3:6b:e1:da:03:a3:1c:
4d:b2:3c:6f:cd:8a:c0:b9:f5:24:fc:2d:91:d7:e8:07:c4:62:
60:b0:df:cf:8a:56:e4:6e:00:c1:93:a6:c3:c5:3e:2c:59:0a:
85:a1:ab:2e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMOfcTweGMF5qENPK4zL5PnhBxr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEwMDkwOTM4MjNaFw0yNTEwMDgwOTQzMjNaMDMxMTAvBgNV
BAMTKDY0MzE0MzIxNTMwOUEwMTVFQUE5NEM2RDhGREVFNjMzMUI2RTJEQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqOYyyCECrEQvT3+X5xkcWPAQd
TOclD+jqb6bs2fT1hXsszCBXJ6Xikth0Mnvxe/WMnsKeoeVAV6mlXCgqUQvYCx3E
YJm2CKt6SF8swsIVhYRC98Sq66nYeYlGabAWHKoyqj5ZWUwXaYbchCPFGBkCKV+A
aMtXhoQIOPY5ttMnJ97dAfby2MRSNIL7yqkBseDvX5TOfvIIDTqqLngZIQoLbw5T
C9nAsGxkayWqM8nSB3t901TU2wbk46sNZxdiSbMRA9w4eaWmTmhanTrWoaIfCRd2
xjJdSdWz8DNg3YSgFblERaAwoFIbVZJaw5ZWNZPN09TsIAkpevnxR1YueWQvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZDFDIVMJoBXqqUxtj97mMxtuLaMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMjMxMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBbccwDQYJKoZIhvcNAQELBQADggEBADdc/o90WgyAMXqcFZlJVUP0uwEn4Pod
5zsFGSjA3nLAD0LyOvMtr7XT35t/BzAyImuTlZl5ev+WgIJ1/fCDsGqjlxdp3QKx
LF4zL/lkL+sEGp1J2L6RUl7UeDIyVxpo7a+Dbp+evR3elFG3mkwOWdweTtH26Rzi
/9JJodKyh/57JfONqYA8hbJoMoeGUyx0Kah6QKAqnK1G1NMOb3n+Pp8LH7UlsJhG
Y/j3gsPAA5+vsOVOxgae2MbXaMr0pwGvcZGrUwistOfjWcNUrncNGwYKw2vh2gOj
HE2yPG/NisC59ST8LZHX6AfEYmCw38+KVuRuAMGTpsPFPixZCoWhqy4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:55:50 2024 by rpki-client on console-fra.rpki-client.org