Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
File: 3133392e32382e32352e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: t2eZOXbWa1wSXQ/lRcYYBLRQZdrsUg6kK3TUWhBYOoo=
Subject key identifier: 93:5C:BB:28:0E:BC:A0:B5:B2:F6:4D:6A:08:66:F6:FB:FE:3F:CB:47
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 212C14761A8CC2AA58885CA25650877417A29449
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
Signing time: Fri 27 Sep 2024 14:43:22 +0000
ROA not before: Fri 27 Sep 2024 14:38:22 +0000
ROA not after: Fri 26 Sep 2025 14:43:22 +0000
asID: 211415
IP address blocks: 139.28.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2c:14:76:1a:8c:c2:aa:58:88:5c:a2:56:50:87:74:17:a2:94:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Sep 27 14:38:22 2024 GMT
Not After : Sep 26 14:43:22 2025 GMT
Subject: CN=935CBB280EBCA0B5B2F64D6A0866F6FBFE3FCB47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9b:fc:73:1b:af:15:cc:c5:b1:16:b1:87:89:
7f:a3:61:f4:21:62:fe:23:53:16:8a:ae:32:70:8f:
f9:30:88:ba:37:c2:2a:49:dd:a2:0d:90:c2:9d:21:
33:1a:53:c1:20:01:16:c9:0a:d1:01:ab:94:71:29:
f8:73:c5:0d:21:3c:84:7d:a1:af:b0:d3:82:78:8e:
66:5c:cf:6e:d4:e5:b1:ba:1b:cb:7a:81:04:7e:2a:
df:17:e7:e8:f1:18:64:34:86:93:47:bb:e5:c4:7b:
bf:da:a7:e8:e7:4c:0a:2d:41:7b:94:8e:db:44:ed:
30:96:79:f1:ad:e6:70:5b:be:38:61:67:29:96:91:
c4:c3:0c:10:40:3e:a9:1f:35:e6:2a:33:a3:36:a9:
f7:9c:e8:61:b1:78:64:17:7a:af:07:90:9c:0a:8c:
43:34:af:04:68:1d:6f:a9:02:53:3f:f0:57:75:ff:
c5:a6:a9:82:25:23:7c:9e:65:48:68:7a:42:7f:cb:
ff:ae:8a:01:d3:d8:fe:18:bb:14:b4:9d:68:43:59:
cd:01:f6:7c:01:2d:ec:a1:cd:eb:b9:fc:1b:29:96:
e8:c3:66:0e:3f:28:39:b8:4b:91:17:ba:bc:9d:51:
bc:10:d4:ae:9a:3e:18:c3:d2:9b:63:90:89:73:ec:
1e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5C:BB:28:0E:BC:A0:B5:B2:F6:4D:6A:08:66:F6:FB:FE:3F:CB:47
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32352e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.25.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:3f:75:be:ac:bc:4d:6c:85:5c:c9:d4:9c:e0:8f:68:e0:6e:
41:43:e0:5c:37:39:d5:fc:12:ec:e1:c3:8b:85:09:5b:7b:c3:
42:d3:d9:d3:fa:ef:4c:49:ba:12:58:bb:c5:a0:04:cd:1a:63:
26:25:8d:8a:20:c2:b4:fc:f7:4d:7c:1f:05:fb:83:b5:00:7c:
74:c2:90:17:12:71:2e:a4:74:8f:00:79:06:70:20:01:48:05:
12:45:f9:31:3c:c9:4e:7e:1b:1a:cb:dd:6c:af:58:eb:c0:65:
09:4d:b3:a5:13:4e:06:50:0c:ac:ec:04:a5:71:fc:af:dc:58:
7d:69:8b:4a:0e:d3:4b:d0:be:bc:5b:dd:ae:40:3e:14:f2:82:
07:97:46:23:80:b4:05:df:af:e7:00:c0:59:4c:ed:e8:98:91:
3a:2a:4c:1b:73:81:1b:01:9f:c1:5c:f7:af:5d:ff:d8:fd:00:
c2:96:a8:cd:aa:f6:d2:09:57:2f:31:f1:b4:3d:8c:27:3c:ae:
5c:0e:67:f1:15:ab:2e:54:9c:fd:71:52:b3:43:e0:4b:a9:b6:
e1:79:62:65:66:43:f2:1f:31:1d:c2:48:7c:fa:06:01:37:7a:
78:b0:56:6e:64:83:58:ee:fc:75:52:4b:6a:24:7f:b7:2b:7a:
e3:86:ba:1c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUISwUdhqMwqpYiFyiVlCHdBeilEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNDA5MjcxNDM4MjJaFw0yNTA5MjYxNDQzMjJaMDMxMTAvBgNV
BAMTKDkzNUNCQjI4MEVCQ0EwQjVCMkY2NEQ2QTA4NjZGNkZCRkUzRkNCNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHm/xzG68VzMWxFrGHiX+jYfQh
Yv4jUxaKrjJwj/kwiLo3wipJ3aINkMKdITMaU8EgARbJCtEBq5RxKfhzxQ0hPIR9
oa+w04J4jmZcz27U5bG6G8t6gQR+Kt8X5+jxGGQ0hpNHu+XEe7/ap+jnTAotQXuU
jttE7TCWefGt5nBbvjhhZymWkcTDDBBAPqkfNeYqM6M2qfec6GGxeGQXeq8HkJwK
jEM0rwRoHW+pAlM/8Fd1/8WmqYIlI3yeZUhoekJ/y/+uigHT2P4YuxS0nWhDWc0B
9nwBLeyhzeu5/BsplujDZg4/KDm4S5EXurydUbwQ1K6aPhjD0ptjkIlz7B6xAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUk1y7KA68oLWy9k1qCGb2+/4/y0cwHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzQzMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwZMA0GCSqGSIb3DQEBCwUAA4IBAQCqP3W+rLxNbIVcydSc4I9o4G5BQ+BcNznV
/BLs4cOLhQlbe8NC09nT+u9MSboSWLvFoATNGmMmJY2KIMK0/PdNfB8F+4O1AHx0
wpAXEnEupHSPAHkGcCABSAUSRfkxPMlOfhsay91sr1jrwGUJTbOlE04GUAys7ASl
cfyv3Fh9aYtKDtNL0L68W92uQD4U8oIHl0YjgLQF36/nAMBZTO3omJE6Kkwbc4Eb
AZ/BXPevXf/Y/QDClqjNqvbSCVcvMfG0PYwnPK5cDmfxFasuVJz9cVKzQ+BLqbbh
eWJlZkPyHzEdwkh8+gYBN3p4sFZuZINY7vx1UktqJH+3K3rjhroc
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org