Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa
File: 3139332e32342e3233352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: zxnP8zsGGQUlVguvOXyhQWG+mkPFttYWWV8GjmVZt7w=
Subject key identifier: D4:28:FE:CD:D3:EA:B7:38:2D:67:2B:D7:56:CB:EA:4E:AA:B3:EC:F6
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 26DF68489B9024B17781EFE6D6104B084818508F
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa
Signing time: Wed 30 Oct 2024 06:31:33 +0000
ROA not before: Wed 30 Oct 2024 06:26:33 +0000
ROA not after: Wed 29 Oct 2025 06:31:33 +0000
asID: 834
IP address blocks: 193.24.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Nov 2024 07:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:df:68:48:9b:90:24:b1:77:81:ef:e6:d6:10:4b:08:48:18:50:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Oct 30 06:26:33 2024 GMT
Not After : Oct 29 06:31:33 2025 GMT
Subject: CN=D428FECDD3EAB7382D672BD756CBEA4EAAB3ECF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:d4:32:24:7b:e0:50:11:97:6a:17:18:c4:
8c:6b:1f:ff:1f:0b:30:68:98:c8:8f:68:c9:09:50:
9a:a8:89:f2:fb:a2:43:57:8d:7e:8b:c3:88:f9:07:
6d:68:1e:d8:cf:59:45:41:dc:0a:49:3e:98:98:49:
a1:68:fa:e5:dd:b2:53:1f:dc:f0:d7:75:51:63:f5:
ca:40:85:d2:eb:06:e0:08:eb:12:45:c0:5c:e8:86:
43:f6:b6:9b:03:79:d4:af:8f:65:36:ae:f0:cf:38:
1c:3c:7f:7d:3a:48:1a:fc:c3:c2:e1:de:ec:f3:b8:
43:6b:0f:08:ba:98:06:02:5b:0e:98:06:1b:ec:3f:
3a:2b:6a:60:fa:be:a3:d4:8f:98:a8:09:15:19:a3:
1b:78:77:6d:05:ad:94:bb:a4:fc:f2:c3:46:3d:f1:
87:ce:78:df:d1:69:c6:74:03:bb:38:b4:7f:f6:d8:
a6:28:2b:4b:49:b3:5d:0c:3b:75:1a:16:e7:02:ba:
5a:11:82:8b:a7:fd:ae:f9:d7:a4:bf:45:b6:a0:b1:
a7:18:92:3f:5b:cd:41:f7:e5:27:73:ab:2f:c4:c4:
c1:06:ed:f8:23:0a:42:f8:1b:e6:8c:4f:22:3c:5b:
f2:da:85:12:ca:e8:b2:3c:b6:89:d6:32:b3:ee:a5:
69:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:28:FE:CD:D3:EA:B7:38:2D:67:2B:D7:56:CB:EA:4E:AA:B3:EC:F6
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3139332e32342e3233352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.235.0/24
Signature Algorithm: sha256WithRSAEncryption
02:5b:64:77:bd:31:67:c0:fd:7e:3a:1f:4b:b0:f1:95:6e:95:
16:f6:6e:0f:18:32:66:df:9e:de:23:83:d2:75:67:2b:ed:05:
12:3f:e9:6f:c6:8d:01:36:05:2e:16:b6:2a:b7:8b:c1:e8:8e:
f1:43:07:96:31:4c:85:0f:5a:83:f2:04:5d:06:71:8a:8e:fe:
0e:aa:98:9b:4f:55:e3:61:ee:eb:10:9d:d7:0f:c0:d5:44:a4:
fb:49:15:0a:82:21:3c:e2:2a:27:7b:db:04:a3:29:4e:96:9a:
b2:7b:60:d3:b8:99:17:0c:fb:f5:07:50:ab:09:57:1d:15:40:
cb:5d:d7:93:77:5f:66:97:54:f3:28:ec:5a:5e:29:9e:03:7c:
ae:d8:9e:be:e6:3c:ff:bf:ec:2e:00:99:a2:5a:5b:25:be:39:
6e:66:15:df:6f:88:ff:29:77:79:f9:43:a1:bf:5e:8d:e1:8d:
c9:f1:da:46:36:6a:ed:58:fd:af:7a:7e:98:f5:84:18:f1:2a:
ec:59:f2:59:82:18:8f:32:35:e1:07:c7:dc:3d:68:c9:55:72:
47:f0:90:67:b9:5d:c4:c1:a3:39:46:a9:c5:04:ce:b1:f7:79:
af:55:5e:49:04:cb:cc:b3:31:a6:2b:49:66:6f:fc:00:eb:09:
23:b4:4d:9f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJt9oSJuQJLF3ge/m1hBLCEgYUI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNDEwMzAwNjI2MzNaFw0yNTEwMjkwNjMxMzNaMDMxMTAvBgNV
BAMTKEQ0MjhGRUNERDNFQUI3MzgyRDY3MkJENzU2Q0JFQTRFQUFCM0VDRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAO9QyJHvgUBGXahcYxIxrH/8f
CzBomMiPaMkJUJqoifL7okNXjX6Lw4j5B21oHtjPWUVB3ApJPpiYSaFo+uXdslMf
3PDXdVFj9cpAhdLrBuAI6xJFwFzohkP2tpsDedSvj2U2rvDPOBw8f306SBr8w8Lh
3uzzuENrDwi6mAYCWw6YBhvsPzoramD6vqPUj5ioCRUZoxt4d20FrZS7pPzyw0Y9
8YfOeN/RacZ0A7s4tH/22KYoK0tJs10MO3UaFucCuloRgoun/a7516S/RbagsacY
kj9bzUH35Sdzqy/ExMEG7fgjCkL4G+aMTyI8W/LahRLK6LI8tonWMrPupWmJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1Cj+zdPqtzgtZyvXVsvqTqqz7PYwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzOTMzMmUzMjM0MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBGOsw
DQYJKoZIhvcNAQELBQADggEBAAJbZHe9MWfA/X46H0uw8ZVulRb2bg8YMmbfnt4j
g9J1ZyvtBRI/6W/GjQE2BS4Wtiq3i8HojvFDB5YxTIUPWoPyBF0GcYqO/g6qmJtP
VeNh7usQndcPwNVEpPtJFQqCITziKid72wSjKU6WmrJ7YNO4mRcM+/UHUKsJVx0V
QMtd15N3X2aXVPMo7FpeKZ4DfK7Ynr7mPP+/7C4AmaJaWyW+OW5mFd9viP8pd3n5
Q6G/Xo3hjcnx2kY2au1Y/a96fpj1hBjxKuxZ8lmCGI8yNeEHx9w9aMlVckfwkGe5
XcTBozlGqcUEzrH3ea9VXkkEy8yzMaYrSWZv/ADrCSO0TZ8=
-----END CERTIFICATE-----
Generated at Mon Nov 4 09:04:49 2024 by rpki-client on console-ams.rpki-client.org