Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20313533333731.roa
File: 3139352e3231312e35312e302f32342d3234203d3e20313533333731.roa (raw, json)
Hash identifier: geB+LZVkrt1h2xdZOn9NBaFElIeNtdfBDDFJr/GZaFs=
Subject key identifier: F3:74:2C:1B:A0:47:11:42:3F:46:7D:81:4F:D4:93:26:7E:9C:48:7A
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 15D6613C268243A9E4DB550F542DA04ADEA20CB1
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20313533333731.roa
Signing time: Sun 20 Oct 2024 19:31:00 +0000
ROA not before: Sun 20 Oct 2024 19:26:00 +0000
ROA not after: Sun 19 Oct 2025 19:31:00 +0000
asID: 153371
IP address blocks: 195.211.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Oct 2024 14:14:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d6:61:3c:26:82:43:a9:e4:db:55:0f:54:2d:a0:4a:de:a2:0c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Oct 20 19:26:00 2024 GMT
Not After : Oct 19 19:31:00 2025 GMT
Subject: CN=F3742C1BA04711423F467D814FD493267E9C487A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:1c:6f:6e:ca:cb:f5:17:36:a2:4b:06:b9:ce:
1f:52:b1:d7:ab:20:e8:77:d2:0b:65:2f:84:06:11:
09:3b:2e:2d:d3:cc:65:29:65:20:6e:bb:1c:cb:76:
a3:0b:48:42:f9:30:6f:8a:3d:fb:fa:73:b4:3c:b2:
55:25:d3:72:3a:5d:1b:82:55:f8:da:0c:f9:2f:da:
36:23:46:78:93:2c:f2:f1:14:d5:b8:fe:7e:bc:7f:
d5:1c:fc:b3:90:62:03:1a:f0:e1:0a:11:70:a1:bb:
7b:1e:4a:58:8e:5a:1c:03:5d:9f:7b:a1:c8:56:cd:
72:3c:09:e2:a5:ed:9b:3b:77:b7:55:e4:14:18:61:
86:51:0c:c1:8f:10:f9:0b:2a:af:25:cb:0a:5b:0a:
ae:53:9c:20:6e:2f:62:61:ff:f6:56:7f:04:02:f4:
f9:c2:3e:de:0b:5c:7e:57:f4:0e:f9:9e:e3:c2:9c:
60:d6:3d:e2:62:f9:04:51:8b:19:08:70:37:bd:0f:
23:ff:81:df:2e:1c:fc:95:df:d4:44:6b:47:fa:d0:
c0:fa:43:95:4e:ce:75:3f:e9:b7:10:36:4c:32:22:
f2:e9:88:d0:00:a3:60:dd:83:51:86:dc:56:35:bb:
93:17:4b:03:ee:5f:e9:24:88:6b:a8:94:3e:b5:32:
c3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:74:2C:1B:A0:47:11:42:3F:46:7D:81:4F:D4:93:26:7E:9C:48:7A
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20313533333731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.51.0/24
Signature Algorithm: sha256WithRSAEncryption
02:cc:82:22:09:bf:57:64:10:f5:21:b2:26:fe:f5:99:5c:47:
9b:86:e9:03:cb:13:26:be:7b:61:e5:1b:15:11:d8:38:d8:0a:
b1:97:8b:8e:ac:25:c3:cd:f9:13:ec:05:c1:23:bb:3f:eb:22:
e7:0e:48:1e:20:68:97:b5:79:f9:ea:5f:d6:00:97:d7:6e:74:
f6:ca:c8:03:43:ac:99:62:f2:fb:72:24:e6:cc:b2:78:0d:50:
0d:b0:13:1f:60:eb:80:0b:8f:80:1c:4c:e2:1e:db:f3:02:75:
93:d5:1a:e0:3f:f2:05:e1:04:d5:7f:e7:84:12:ba:c5:d5:15:
30:62:3b:ec:c2:aa:c5:4c:41:9c:2c:a7:79:00:b2:1a:b2:15:
03:fe:20:1d:ed:5c:07:a4:a9:af:bb:fb:d3:5e:a5:cf:c9:dd:
7f:3d:7b:a0:7a:42:7f:89:86:f5:fa:a5:21:55:e7:c6:b0:7d:
3a:21:e9:dd:66:6e:54:de:d4:2f:40:d0:8d:26:cd:fe:bc:4f:
82:32:b4:54:ec:64:69:d6:96:a1:ba:dd:33:7b:db:15:e4:fe:
67:79:2e:42:f1:bc:61:1e:9c:12:0b:94:41:83:0a:23:83:1a:
3d:66:00:bd:1b:e0:ba:07:4f:0f:3b:23:a8:12:97:d8:a4:e9:
06:52:50:48
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFdZhPCaCQ6nk21UPVC2gSt6iDLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDEwMjAxOTI2MDBaFw0yNTEwMTkxOTMxMDBaMDMxMTAvBgNV
BAMTKEYzNzQyQzFCQTA0NzExNDIzRjQ2N0Q4MTRGRDQ5MzI2N0U5QzQ4N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxHG9uysv1FzaiSwa5zh9Ssder
IOh30gtlL4QGEQk7Li3TzGUpZSBuuxzLdqMLSEL5MG+KPfv6c7Q8slUl03I6XRuC
VfjaDPkv2jYjRniTLPLxFNW4/n68f9Uc/LOQYgMa8OEKEXChu3seSliOWhwDXZ97
ochWzXI8CeKl7Zs7d7dV5BQYYYZRDMGPEPkLKq8lywpbCq5TnCBuL2Jh//ZWfwQC
9PnCPt4LXH5X9A75nuPCnGDWPeJi+QRRixkIcDe9DyP/gd8uHPyV39REa0f60MD6
Q5VOznU/6bcQNkwyIvLpiNAAo2Ddg1GG3FY1u5MXSwPuX+kkiGuolD61MsPXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU83QsG6BHEUI/Rn2BT9STJn6cSHowHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM1MmUzMjMxMzEyZTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM1MzMzMzM3MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADD0zMwDQYJKoZIhvcNAQELBQADggEBAALMgiIJv1dkEPUhsib+9ZlcR5uG6QPL
Eya+e2HlGxUR2DjYCrGXi46sJcPN+RPsBcEjuz/rIucOSB4gaJe1efnqX9YAl9du
dPbKyANDrJli8vtyJObMsngNUA2wEx9g64ALj4AcTOIe2/MCdZPVGuA/8gXhBNV/
54QSusXVFTBiO+zCqsVMQZwsp3kAshqyFQP+IB3tXAekqa+7+9Nepc/J3X89e6B6
Qn+JhvX6pSFV58awfToh6d1mblTe1C9A0I0mzf68T4IytFTsZGnWlqG63TN72xXk
/md5LkLxvGEenBILlEGDCiODGj1mAL0b4LoHTw87I6gSl9ik6QZSUEg=
-----END CERTIFICATE-----
Generated at Wed Oct 23 22:04:12 2024 by rpki-client on console-ams.rpki-client.org