
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
File: 3139342e3136392e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 0UBFnvf24yDnJ02T0I0Fsq2au+/wkVFDbn688KvTY0I=
Subject key identifier: 7F:B6:17:9A:6B:E0:92:5B:CC:8C:44:9C:2A:5B:D3:75:89:0D:55:FF
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 771A33126D4B263C33BFD80CB17A8F9EEC7C4FD5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
Signing time: Tue 03 Dec 2024 10:48:57 +0000
ROA not before: Tue 03 Dec 2024 10:43:57 +0000
ROA not after: Tue 02 Dec 2025 10:48:57 +0000
asID: 834
IP address blocks: 194.169.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Feb 2025 05:53:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:1a:33:12:6d:4b:26:3c:33:bf:d8:0c:b1:7a:8f:9e:ec:7c:4f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Dec 3 10:43:57 2024 GMT
Not After : Dec 2 10:48:57 2025 GMT
Subject: CN=7FB6179A6BE0925BCC8C449C2A5BD375890D55FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:59:cc:85:4d:c1:59:cc:22:6d:b4:a0:24:fe:
76:00:6c:39:71:d4:26:6e:36:bb:27:89:73:9c:06:
8e:42:e8:ff:ba:a2:b4:7f:ab:12:f4:d3:40:bb:e5:
c0:90:b4:16:d9:66:5a:b2:a9:9e:98:2a:25:a1:85:
b6:e3:fe:5f:15:78:a4:18:ae:99:ee:71:ba:fa:d2:
d0:07:ba:3b:92:15:3e:10:01:63:85:cd:44:8d:68:
46:75:91:c7:0c:20:c3:4a:56:3e:10:c7:71:8f:9d:
97:2d:fc:e1:5d:8c:28:c5:3f:d7:48:f5:00:e4:ef:
a7:d8:37:1f:88:e8:ec:0f:94:b3:6d:52:df:3c:2f:
df:8d:3d:ac:c0:18:35:d8:01:33:c6:4f:b5:15:a4:
2c:46:b4:9f:6c:90:28:fe:9e:58:a4:8d:cc:8d:53:
00:76:3a:71:d8:50:39:91:9a:f8:84:06:65:3e:f3:
87:ba:57:4d:60:64:08:f8:de:60:61:6b:87:99:6b:
fe:c2:b2:bb:60:14:20:00:79:49:04:9f:76:91:23:
70:5f:83:54:6e:71:0e:bf:7d:73:1f:45:84:0e:91:
bc:37:5c:c4:16:9f:72:7e:0c:46:1a:92:52:c9:55:
94:51:ac:1b:70:f8:df:1e:ca:93:d2:5f:e6:b7:1b:
17:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B6:17:9A:6B:E0:92:5B:CC:8C:44:9C:2A:5B:D3:75:89:0D:55:FF
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0f:d2:3e:3d:ce:83:c8:61:f5:ef:72:94:0b:e6:ad:9a:9d:
dd:5e:f6:af:47:91:f0:4a:a3:23:9d:13:8f:01:88:64:ae:0a:
40:68:64:dc:19:7a:42:71:5d:f4:3a:c4:63:26:bd:a9:75:2e:
4e:21:15:ff:69:5d:08:45:02:6d:3b:ec:7b:b8:b4:b8:a9:95:
97:85:8c:7b:96:bc:30:c9:c7:70:b6:31:42:86:bb:ff:54:49:
47:8b:fd:1e:e8:ee:c8:a0:da:57:3f:c5:03:72:85:0d:1a:b2:
f0:2e:3d:9d:86:da:4b:e1:62:d7:87:01:f9:36:0b:7d:5a:d3:
dc:03:33:38:0a:f9:9e:d2:2f:16:56:bc:11:56:ec:01:21:24:
91:eb:08:90:11:71:16:91:1d:22:c4:3c:c9:f3:db:00:1e:22:
29:ed:f7:7b:03:6f:18:76:86:ad:86:a3:38:63:0f:68:82:8a:
52:5a:64:e7:63:4b:b1:46:53:e4:f0:b1:e8:6f:cc:d7:d4:d6:
23:26:4f:5c:9d:0b:c1:a5:55:a9:55:7b:ed:a2:11:59:c6:13:
d1:1f:75:49:fe:bb:68:ea:51:21:80:6d:39:56:60:0b:b0:81:
9d:61:78:26:8e:46:31:92:81:e9:56:f5:6a:dc:d9:50:86:ca:
26:8c:06:73
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdxozEm1LJjwzv9gMsXqPnux8T9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEyMDMxMDQzNTdaFw0yNTEyMDIxMDQ4NTdaMDMxMTAvBgNV
BAMTKDdGQjYxNzlBNkJFMDkyNUJDQzhDNDQ5QzJBNUJEMzc1ODkwRDU1RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnWcyFTcFZzCJttKAk/nYAbDlx
1CZuNrsniXOcBo5C6P+6orR/qxL000C75cCQtBbZZlqyqZ6YKiWhhbbj/l8VeKQY
rpnucbr60tAHujuSFT4QAWOFzUSNaEZ1kccMIMNKVj4Qx3GPnZct/OFdjCjFP9dI
9QDk76fYNx+I6OwPlLNtUt88L9+NPazAGDXYATPGT7UVpCxGtJ9skCj+nlikjcyN
UwB2OnHYUDmRmviEBmU+84e6V01gZAj43mBha4eZa/7CsrtgFCAAeUkEn3aRI3Bf
g1RucQ6/fXMfRYQOkbw3XMQWn3J+DEYaklLJVZRRrBtw+N8eypPSX+a3GxeLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUf7YXmmvgklvMjEScKlvTdYkNVf8wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTM0MmUzMTM2MzkyZTMy
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKp
2TANBgkqhkiG9w0BAQsFAAOCAQEAHQ/SPj3Og8hh9e9ylAvmrZqd3V72r0eR8Eqj
I50TjwGIZK4KQGhk3Bl6QnFd9DrEYya9qXUuTiEV/2ldCEUCbTvse7i0uKmVl4WM
e5a8MMnHcLYxQoa7/1RJR4v9HujuyKDaVz/FA3KFDRqy8C49nYbaS+Fi14cB+TYL
fVrT3AMzOAr5ntIvFla8EVbsASEkkesIkBFxFpEdIsQ8yfPbAB4iKe33ewNvGHaG
rYajOGMPaIKKUlpk52NLsUZT5PCx6G/M19TWIyZPXJ0LwaVVqVV77aIRWcYT0R91
Sf67aOpRIYBtOVZgC7CBnWF4Jo5GMZKB6Vb1atzZUIbKJowGcw==
-----END CERTIFICATE-----
Generated at Fri Feb 14 14:55:23 2025 by rpki-client