Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130362e302f32342d3234203d3e20323130303336.roa
File: 3139332e33362e3130362e302f32342d3234203d3e20323130303336.roa (raw, json)
Hash identifier: vJ2TPwkWtWC9on+HuIpQJAsK37BeXe2LiPhFGiuERFQ=
Subject key identifier: BD:97:60:9C:FF:C9:D8:BF:CB:07:6F:3F:4B:4E:C4:BD:86:6E:59:60
Certificate issuer: /CN=87d48146623246673056151f64abb8d1ee6b7727
Certificate serial: 129F978E85DE6F62C922EB7E1D273FBCD0745C42
Authority key identifier: 87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130362e302f32342d3234203d3e20323130303336.roa
Signing time: Mon 15 Jan 2024 15:37:27 +0000
ROA not before: Mon 15 Jan 2024 15:32:27 +0000
ROA not after: Mon 13 Jan 2025 15:37:27 +0000
asID: 210036
IP address blocks: 193.36.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.mft
rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:9f:97:8e:85:de:6f:62:c9:22:eb:7e:1d:27:3f:bc:d0:74:5c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87d48146623246673056151f64abb8d1ee6b7727
Validity
Not Before: Jan 15 15:32:27 2024 GMT
Not After : Jan 13 15:37:27 2025 GMT
Subject: CN=BD97609CFFC9D8BFCB076F3F4B4EC4BD866E5960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:53:30:02:e2:75:ed:ba:01:75:50:15:13:9e:
9c:22:96:09:a5:fb:56:4a:4c:a4:bb:cc:9a:3f:09:
c0:62:46:4b:f9:3a:6a:c5:58:ef:76:11:64:f7:11:
f3:e1:cf:d7:d7:f9:fd:83:65:cc:55:ac:85:5c:44:
1f:b1:a5:55:b1:cd:54:c4:f8:3d:79:be:ca:3b:ac:
f6:6a:ee:ce:63:6f:ba:dc:02:2f:47:6e:11:97:91:
a1:12:92:90:f5:58:48:e8:6f:54:29:47:e6:63:78:
2d:7d:29:e9:42:bc:e5:4a:5e:ee:ed:0d:be:a2:10:
de:d2:57:13:a3:2e:bd:fc:ff:c5:a1:b8:1a:e1:54:
3e:24:c9:0b:d1:f5:d2:25:a3:f4:15:99:ef:34:23:
da:76:52:50:af:ed:38:85:2d:67:f2:59:91:07:6a:
f2:ca:7a:60:55:dc:24:da:ba:e8:75:62:3d:c4:3a:
ee:21:d2:7f:da:2b:f0:c6:68:d9:0e:0c:20:22:cc:
48:85:0d:31:c3:4c:5f:31:d3:b8:ca:c9:71:39:ad:
89:0b:aa:76:37:ee:9e:82:cf:91:94:62:1d:35:28:
cc:50:17:c1:96:5b:50:c5:0d:03:62:5b:2d:5a:ac:
33:80:3d:3f:ce:12:74:d3:a5:1e:cf:25:17:2b:2c:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:97:60:9C:FF:C9:D8:BF:CB:07:6F:3F:4B:4E:C4:BD:86:6E:59:60
X509v3 Authority Key Identifier:
keyid:87:D4:81:46:62:32:46:67:30:56:15:1F:64:AB:B8:D1:EE:6B:77:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/87D48146623246673056151F64ABB8D1EE6B7727.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9SBRmIyRmcwVhUfZKu40e5rdyc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a84b548c-275a-476e-bfbe-540e73e62383/0/3139332e33362e3130362e302f32342d3234203d3e20323130303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.106.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:61:54:ff:10:3e:13:fa:d5:e2:de:53:d5:49:bb:b3:bd:01:
03:1d:b5:32:e0:93:86:39:e5:12:27:d0:34:2f:97:c5:c4:ab:
9c:5a:7b:52:c1:87:87:bc:aa:c8:a1:e7:6e:1e:f2:ab:9c:c1:
74:0d:ae:74:c4:c5:8a:22:fa:1f:48:92:87:0c:a3:d7:e4:b9:
1e:40:49:84:c7:cb:ac:7a:c9:d1:0b:a6:3f:c9:b0:dc:47:d5:
96:5f:74:c8:ed:c5:66:38:34:88:d5:28:ad:f9:1b:0a:40:f0:
d3:df:71:88:53:9f:3d:ab:08:42:f9:90:d1:03:43:82:67:3f:
bd:61:6a:94:97:fc:92:d8:ce:23:01:0d:9e:fc:5b:1d:54:30:
8d:51:1a:25:fd:db:ca:87:c4:f8:b0:b8:c5:2f:20:74:f7:55:
f4:18:85:72:1b:f1:58:05:ab:1e:36:e0:9b:21:a9:16:ae:39:
4c:0c:81:1f:b1:e6:2c:a3:f5:ac:b4:53:14:c7:75:3b:08:fb:
22:0b:7a:9c:0b:a2:9d:7e:ef:8e:ca:c7:21:04:ae:3d:dc:15:
ea:fc:d2:30:ef:34:32:38:74:5c:7d:62:f1:dd:32:6d:0b:2a:
52:ce:fe:91:9a:fe:e4:04:97:d0:fc:88:e7:d7:24:54:86:c4:
9c:d9:f0:04
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEp+XjoXeb2LJIut+HSc/vNB0XEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODdkNDgxNDY2MjMyNDY2NzMwNTYxNTFmNjRhYmI4ZDFl
ZTZiNzcyNzAeFw0yNDAxMTUxNTMyMjdaFw0yNTAxMTMxNTM3MjdaMDMxMTAvBgNV
BAMTKEJEOTc2MDlDRkZDOUQ4QkZDQjA3NkYzRjRCNEVDNEJEODY2RTU5NjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPUzAC4nXtugF1UBUTnpwilgml
+1ZKTKS7zJo/CcBiRkv5OmrFWO92EWT3EfPhz9fX+f2DZcxVrIVcRB+xpVWxzVTE
+D15vso7rPZq7s5jb7rcAi9HbhGXkaESkpD1WEjob1QpR+ZjeC19KelCvOVKXu7t
Db6iEN7SVxOjLr38/8WhuBrhVD4kyQvR9dIlo/QVme80I9p2UlCv7TiFLWfyWZEH
avLKemBV3CTauuh1Yj3EOu4h0n/aK/DGaNkODCAizEiFDTHDTF8x07jKyXE5rYkL
qnY37p6Cz5GUYh01KMxQF8GWW1DFDQNiWy1arDOAPT/OEnTTpR7PJRcrLJnRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvZdgnP/J2L/LB28/S07EvYZuWWAwHwYDVR0j
BBgwFoAUh9SBRmIyRmcwVhUfZKu40e5rdycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMtMjc1YS00NzZlLWJmYmUtNTQwZTczZTYy
MzgzLzAvODdENDgxNDY2MjMyNDY2NzMwNTYxNTFGNjRBQkI4RDFFRTZCNzcyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2g5U0JSbUl5Um1jd1ZoVWZaS3U0MGU1
cmR5Yy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTg0YjU0OGMt
Mjc1YS00NzZlLWJmYmUtNTQwZTczZTYyMzgzLzAvMzEzOTMzMmUzMzM2MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzAzMDMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBJGowDQYJKoZIhvcNAQELBQADggEBALBhVP8QPhP61eLeU9VJu7O9AQMdtTLg
k4Y55RIn0DQvl8XEq5xae1LBh4e8qsih524e8qucwXQNrnTExYoi+h9IkocMo9fk
uR5ASYTHy6x6ydELpj/JsNxH1ZZfdMjtxWY4NIjVKK35GwpA8NPfcYhTnz2rCEL5
kNEDQ4JnP71hapSX/JLYziMBDZ78Wx1UMI1RGiX928qHxPiwuMUvIHT3VfQYhXIb
8VgFqx424JshqRauOUwMgR+x5iyj9ay0UxTHdTsI+yILepwLop1+747KxyEErj3c
Fer80jDvNDI4dFx9YvHdMm0LKlLO/pGa/uQEl9D8iOfXJFSGxJzZ8AQ=
-----END CERTIFICATE-----
Generated at Fri Jun 28 19:45:15 2024 by rpki-client on console-ams.rpki-client.org