Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20323134353336.roa
File: 3139352e3231312e35312e302f32342d3234203d3e20323134353336.roa (raw, json)
Hash identifier: GUO5cGXzjDKJp0PpUIs8XgiEZKE9O/YADNWqUgVAo6M=
Subject key identifier: F8:33:2F:2A:A6:94:71:E6:59:DF:41:7B:15:C8:BA:54:E7:DF:40:EB
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 68571A5C1FB0F6427BB34741118165DB25DE123D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20323134353336.roa
Signing time: Sat 20 Jul 2024 06:15:02 +0000
ROA not before: Sat 20 Jul 2024 06:10:02 +0000
ROA not after: Sat 19 Jul 2025 06:15:02 +0000
asID: 214536
IP address blocks: 195.211.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 13:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:57:1a:5c:1f:b0:f6:42:7b:b3:47:41:11:81:65:db:25:de:12:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jul 20 06:10:02 2024 GMT
Not After : Jul 19 06:15:02 2025 GMT
Subject: CN=F8332F2AA69471E659DF417B15C8BA54E7DF40EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:23:da:8e:5f:c1:78:10:14:45:24:69:bd:3c:
7b:a9:7b:bc:00:96:f5:b9:24:b8:5e:ce:26:3a:5c:
29:e0:c8:47:cf:33:7f:7f:ba:c6:28:a7:75:e7:cc:
29:3f:59:65:c3:2a:f2:12:f3:b1:35:bd:90:9e:a5:
16:5b:f7:be:ed:15:c2:fc:9a:fd:59:06:68:fb:bf:
0e:42:c6:3a:30:76:51:56:6f:bc:ed:1e:d6:0d:dc:
3d:75:b8:18:f6:da:1a:8a:71:05:3a:b1:56:2e:e7:
5b:86:a1:47:62:67:a5:ed:db:a4:be:c8:37:8c:a3:
e8:5c:bc:dc:29:87:03:1a:2b:f6:18:4f:34:26:55:
92:ff:2b:e8:46:ad:bc:4c:47:2f:60:e9:c5:42:54:
85:e8:eb:10:70:40:30:2e:f4:ff:d8:3f:7e:ab:bf:
8b:2d:1c:6c:16:1d:4e:e4:e7:18:9c:4f:5d:85:07:
df:7f:53:13:32:a0:c9:28:5f:92:0b:96:94:2c:a1:
12:44:48:10:1d:80:f0:2f:f1:b0:de:c1:fa:15:78:
b4:c7:3d:18:f7:4b:68:48:9f:4d:59:96:6d:cc:1e:
d6:96:84:e4:97:52:31:d3:5b:5d:1e:84:d1:fe:87:
41:17:c9:33:b2:8c:15:49:38:9a:28:af:c0:57:8c:
62:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:33:2F:2A:A6:94:71:E6:59:DF:41:7B:15:C8:BA:54:E7:DF:40:EB
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e20323134353336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.51.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:95:e8:c3:21:d9:15:fa:eb:d2:ef:73:fe:fb:de:ca:eb:4f:
17:4e:3a:1c:46:f8:d1:0d:df:cc:2a:44:c7:10:29:60:37:1c:
ff:90:b5:50:69:8a:6b:38:ce:08:06:7d:9e:b8:fc:0c:b7:58:
c9:c3:c3:44:6e:9d:08:03:20:9a:ea:be:42:67:63:99:63:48:
20:4e:7f:f0:99:31:34:81:f0:50:d9:9a:dd:76:7c:71:1a:3a:
26:49:e2:b3:fe:7c:d4:ee:a3:93:fa:6d:ca:bf:0b:06:58:d5:
67:64:b8:c9:a3:a5:5d:70:39:1f:1b:df:54:68:40:aa:a4:4b:
09:c8:31:f1:9c:21:19:32:31:50:37:48:3f:2d:bd:9d:96:29:
eb:55:78:71:87:20:05:cc:6b:6b:f1:a9:3d:a2:1f:79:bf:63:
06:d4:e0:e7:3e:43:5a:83:df:3a:fb:b3:9a:88:a0:a6:e8:3f:
46:e5:c0:44:f8:5c:31:93:5a:df:3b:91:b1:aa:c4:06:29:d0:
5b:35:d0:53:d6:2d:9f:fa:e3:7f:b9:0e:43:60:98:de:4c:c0:
2f:65:3f:2c:a3:2f:06:d0:a6:08:b8:0b:70:f4:84:0f:13:50:
1c:ed:98:8e:53:d4:61:57:8a:cb:aa:6e:7f:41:39:b3:3d:e2:
da:9c:7f:7f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaFcaXB+w9kJ7s0dBEYFl2yXeEj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDA3MjAwNjEwMDJaFw0yNTA3MTkwNjE1MDJaMDMxMTAvBgNV
BAMTKEY4MzMyRjJBQTY5NDcxRTY1OURGNDE3QjE1QzhCQTU0RTdERjQwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjI9qOX8F4EBRFJGm9PHupe7wA
lvW5JLheziY6XCngyEfPM39/usYop3XnzCk/WWXDKvIS87E1vZCepRZb977tFcL8
mv1ZBmj7vw5CxjowdlFWb7ztHtYN3D11uBj22hqKcQU6sVYu51uGoUdiZ6Xt26S+
yDeMo+hcvNwphwMaK/YYTzQmVZL/K+hGrbxMRy9g6cVCVIXo6xBwQDAu9P/YP36r
v4stHGwWHU7k5xicT12FB99/UxMyoMkoX5ILlpQsoRJESBAdgPAv8bDewfoVeLTH
PRj3S2hIn01Zlm3MHtaWhOSXUjHTW10ehNH+h0EXyTOyjBVJOJoor8BXjGJrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU+DMvKqaUceZZ30F7Fci6VOffQOswHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM1MmUzMjMxMzEyZTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzNTMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADD0zMwDQYJKoZIhvcNAQELBQADggEBADqV6MMh2RX669Lvc/773srrTxdOOhxG
+NEN38wqRMcQKWA3HP+QtVBpims4zggGfZ64/Ay3WMnDw0RunQgDIJrqvkJnY5lj
SCBOf/CZMTSB8FDZmt12fHEaOiZJ4rP+fNTuo5P6bcq/CwZY1WdkuMmjpV1wOR8b
31RoQKqkSwnIMfGcIRkyMVA3SD8tvZ2WKetVeHGHIAXMa2vxqT2iH3m/YwbU4Oc+
Q1qD3zr7s5qIoKboP0blwET4XDGTWt87kbGqxAYp0Fs10FPWLZ/643+5DkNgmN5M
wC9lPyyjLwbQpgi4C3D0hA8TUBztmI5T1GFXisuqbn9BObM94tqcf38=
-----END CERTIFICATE-----
Generated at Wed Sep 18 21:44:43 2024 by rpki-client on console-ams.rpki-client.org