Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203536393133.roa
File: 3139352e3231312e35312e302f32342d3234203d3e203536393133.roa (raw, json)
Hash identifier: UslQcIWF3w5Uye0sQTNbkLM9HQa9mA2meqV4r3zYVXQ=
Subject key identifier: 2D:18:A3:5B:27:51:5F:21:5F:15:24:C5:6F:47:C2:D9:22:70:9E:9C
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 3DBE75F94947162316575371310EF7D9A1B070F3
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203536393133.roa
Signing time: Sat 16 Dec 2023 07:39:45 +0000
ROA not before: Sat 16 Dec 2023 07:34:45 +0000
ROA not after: Sat 14 Dec 2024 07:39:45 +0000
asID: 56913
IP address blocks: 195.211.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:be:75:f9:49:47:16:23:16:57:53:71:31:0e:f7:d9:a1:b0:70:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Dec 16 07:34:45 2023 GMT
Not After : Dec 14 07:39:45 2024 GMT
Subject: CN=2D18A35B27515F215F1524C56F47C2D922709E9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7d:4d:04:c8:86:e5:06:a1:fe:d5:74:7c:cf:
b2:d5:33:b3:ac:54:e8:7b:1a:c9:c2:47:a4:b2:53:
8a:0c:40:e2:cb:eb:7d:98:5d:11:03:b5:28:01:a9:
b7:8a:ae:54:0a:e3:5c:ef:c7:05:7b:3f:4a:17:f3:
a9:62:46:67:18:99:07:63:26:56:f0:f2:3c:c8:93:
53:cc:e4:b6:24:7c:a4:23:2c:b0:83:5e:38:ca:95:
7e:ad:28:91:85:e0:3f:59:5a:c1:44:f4:84:84:a5:
39:06:7b:4c:1f:19:01:f5:3b:96:6a:e7:1a:bf:f7:
3b:2c:30:39:3c:27:63:ed:b2:c6:59:e4:dd:13:4b:
76:d6:9d:ce:1e:ba:a3:08:34:9b:ee:20:ce:1d:49:
f8:56:c5:d0:2a:79:75:dc:21:e5:49:50:14:bc:4d:
13:6c:eb:67:73:b1:16:31:31:09:c2:fe:b4:3e:4e:
b0:29:d0:ae:47:ed:f9:f6:87:f6:72:55:ef:d1:42:
e6:c0:4e:3c:bd:d0:fc:86:0c:88:99:bd:30:d7:7c:
07:7d:84:67:d2:80:ad:08:44:40:da:ab:4f:60:d8:
d8:84:8e:48:75:bb:e7:c8:65:69:bc:35:dc:5e:a5:
40:05:34:ba:1b:e2:4a:b4:9c:c3:ee:63:b8:1b:62:
79:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:18:A3:5B:27:51:5F:21:5F:15:24:C5:6F:47:C2:D9:22:70:9E:9C
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3139352e3231312e35312e302f32342d3234203d3e203536393133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.51.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:1e:1a:58:ea:26:d2:c2:25:ca:c0:67:20:e2:03:d4:06:99:
91:5a:81:94:10:f6:4b:c9:06:e2:97:78:23:0b:84:5b:87:c0:
d1:45:b5:87:af:05:6b:5c:4f:cd:c6:e8:23:c9:59:55:63:f7:
f1:68:c6:2a:00:83:83:52:14:4b:8e:30:6e:91:9e:84:af:66:
62:90:df:e8:25:ac:ee:a8:7a:9c:3c:a7:47:f4:4c:6d:76:bc:
8a:57:d5:d0:4c:98:37:ae:e0:eb:03:68:1c:3d:04:9b:09:72:
d7:b3:13:61:2b:c7:46:6e:8a:fe:c2:60:c4:0c:0e:7c:96:27:
4c:a2:48:70:0e:0c:48:93:82:42:d8:fb:80:79:61:db:76:bf:
89:fc:47:b9:ac:7a:a7:59:de:8e:42:ca:c2:df:fd:cf:d6:c0:
a2:56:c0:f9:4e:d4:cf:fd:e7:d7:b1:30:bd:56:6b:62:1e:8b:
b7:a1:e7:bf:66:bc:05:8c:65:ee:3b:08:7b:a7:15:6a:3e:71:
7c:7f:d2:49:c3:3c:76:4a:f2:3e:47:dd:7f:85:19:dc:5b:85:
90:47:92:1b:41:2e:57:fe:e1:54:bb:4b:b1:81:ae:e1:39:bb:
b5:54:f5:8b:5d:cc:53:1c:d6:fa:3e:fe:5c:39:8e:44:3c:5a:
22:81:8a:f3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPb51+UlHFiMWV1NxMQ732aGwcPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzEyMTYwNzM0NDVaFw0yNDEyMTQwNzM5NDVaMDMxMTAvBgNV
BAMTKDJEMThBMzVCMjc1MTVGMjE1RjE1MjRDNTZGNDdDMkQ5MjI3MDlFOUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4fU0EyIblBqH+1XR8z7LVM7Os
VOh7GsnCR6SyU4oMQOLL632YXREDtSgBqbeKrlQK41zvxwV7P0oX86liRmcYmQdj
Jlbw8jzIk1PM5LYkfKQjLLCDXjjKlX6tKJGF4D9ZWsFE9ISEpTkGe0wfGQH1O5Zq
5xq/9zssMDk8J2PtssZZ5N0TS3bWnc4euqMINJvuIM4dSfhWxdAqeXXcIeVJUBS8
TRNs62dzsRYxMQnC/rQ+TrAp0K5H7fn2h/ZyVe/RQubATjy90PyGDIiZvTDXfAd9
hGfSgK0IREDaq09g2NiEjkh1u+fIZWm8NdxepUAFNLob4kq0nMPuY7gbYnl7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULRijWydRXyFfFSTFb0fC2SJwnpwwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzOTM1MmUzMjMxMzEyZTM1
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM2MzkzMTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
w9MzMA0GCSqGSIb3DQEBCwUAA4IBAQC7HhpY6ibSwiXKwGcg4gPUBpmRWoGUEPZL
yQbil3gjC4Rbh8DRRbWHrwVrXE/NxugjyVlVY/fxaMYqAIODUhRLjjBukZ6Er2Zi
kN/oJazuqHqcPKdH9ExtdryKV9XQTJg3ruDrA2gcPQSbCXLXsxNhK8dGbor+wmDE
DA58lidMokhwDgxIk4JC2PuAeWHbdr+J/Ee5rHqnWd6OQsrC3/3P1sCiVsD5TtTP
/efXsTC9VmtiHou3oee/ZrwFjGXuOwh7pxVqPnF8f9JJwzx2SvI+R91/hRncW4WQ
R5IbQS5X/uFUu0uxga7hObu1VPWLXcxTHNb6Pv5cOY5EPFoigYrz
-----END CERTIFICATE-----
Generated at Sat Jun 1 06:15:07 2024 by rpki-client on console-ams.rpki-client.org