Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
File: 3133392e32382e32362e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: jGCu+6PUFJehV7SD97XGwxO4qcYEtjZiP9+tOlftrfA=
Subject key identifier: 66:79:73:A2:8A:57:B7:82:6B:68:E4:70:EA:24:99:28:1A:4B:C7:22
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 18A025619024FBA8A4B1557F2E389A5F6CFC74EB
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
Signing time: Mon 30 Sep 2024 07:43:22 +0000
ROA not before: Mon 30 Sep 2024 07:38:22 +0000
ROA not after: Mon 29 Sep 2025 07:43:22 +0000
asID: 137409
IP address blocks: 139.28.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:a0:25:61:90:24:fb:a8:a4:b1:55:7f:2e:38:9a:5f:6c:fc:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Sep 30 07:38:22 2024 GMT
Not After : Sep 29 07:43:22 2025 GMT
Subject: CN=667973A28A57B7826B68E470EA2499281A4BC722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:12:39:1e:5e:34:c6:fa:2a:7e:2e:84:05:
0e:7f:58:fc:6d:c9:9a:20:7e:d5:65:48:94:1f:bc:
7c:24:be:c4:5e:d3:0a:b4:a4:a1:51:e0:5f:e4:b2:
4a:20:0d:bb:c0:94:33:62:4f:06:42:61:1e:b0:38:
9e:69:e8:45:f8:b9:d2:34:58:3b:dc:9f:8b:1f:e4:
23:54:c6:f8:8e:81:12:ef:02:b1:04:a7:48:d0:17:
73:bd:ef:dc:7c:cb:f4:5f:f6:bc:0f:7d:59:90:49:
1f:35:d5:b3:c7:04:86:ad:03:af:b4:7a:56:8b:fc:
d0:69:d1:54:d5:53:97:52:cf:24:ab:93:33:d3:8f:
2d:06:6d:6b:3d:4c:e4:19:c8:b0:0c:d3:ea:47:90:
40:ec:b7:23:26:17:cb:d4:b9:f8:c8:f1:1b:76:38:
24:43:50:2b:70:4d:2f:60:93:ef:68:54:86:2e:d6:
90:ed:75:ae:b7:6d:dd:78:d3:08:7a:46:96:0f:77:
ba:30:a7:17:82:7a:8e:cc:f3:a3:d7:83:5a:87:00:
18:4c:6b:2a:66:a7:50:f0:b4:44:25:53:9e:b1:2b:
c6:55:df:07:94:4c:76:6f:50:94:48:9c:f8:81:b0:
30:da:b7:54:6f:ff:7d:f2:24:95:79:6e:b3:3a:cd:
e4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:79:73:A2:8A:57:B7:82:6B:68:E4:70:EA:24:99:28:1A:4B:C7:22
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32362e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.26.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d6:db:ee:e8:a2:9b:54:db:b5:c2:86:9b:e4:7c:61:76:c0:
9f:8e:15:af:5e:e3:96:95:0d:e0:45:b5:ca:7b:5f:a6:1b:ff:
d2:e3:c5:c6:16:4e:7d:84:09:2d:81:a9:63:08:25:f2:b9:6b:
5b:cc:03:24:76:e0:5c:36:77:13:04:9c:37:77:42:f3:b0:a4:
e6:36:5b:c4:5c:60:d5:48:d3:56:9b:38:a1:09:0c:f1:d7:4b:
26:11:be:62:11:51:90:54:74:ae:84:f9:37:e8:e2:f0:9d:78:
8d:87:9f:bd:b2:72:d6:f1:78:53:3a:06:20:7d:ca:54:21:fa:
80:21:70:75:f1:b4:5c:e1:c8:6b:71:f5:28:28:af:74:e4:ab:
e8:08:e3:92:c6:a0:65:1c:b1:5a:b8:7d:fa:3a:f7:0a:fd:a5:
1c:55:8f:a9:b8:30:99:05:7f:91:43:45:75:72:20:68:22:d7:
97:50:04:80:89:57:9c:48:6a:69:6c:61:18:02:ef:e2:1a:16:
cc:03:6a:ed:92:12:ba:d6:20:c1:46:0d:79:fb:a8:d4:5f:6c:
64:d1:70:6d:12:5a:ae:1a:a8:c2:e5:55:d4:95:d6:de:5c:bb:
30:57:f4:7e:37:37:b8:8c:1f:de:e1:15:c0:ab:a0:9e:fc:ba:
fc:5d:a3:47
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGKAlYZAk+6iksVV/LjiaX2z8dOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjM3ZmQxYmEzZmVkNDQ0NTRkNmQ3MDMwMjQ3NzA5ZDI4
ZGIzNDkxYTAeFw0yNDA5MzAwNzM4MjJaFw0yNTA5MjkwNzQzMjJaMDMxMTAvBgNV
BAMTKDY2Nzk3M0EyOEE1N0I3ODI2QjY4RTQ3MEVBMjQ5OTI4MUE0QkM3MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChsxI5Hl40xvoqfi6EBQ5/WPxt
yZogftVlSJQfvHwkvsRe0wq0pKFR4F/kskogDbvAlDNiTwZCYR6wOJ5p6EX4udI0
WDvcn4sf5CNUxviOgRLvArEEp0jQF3O979x8y/Rf9rwPfVmQSR811bPHBIatA6+0
elaL/NBp0VTVU5dSzySrkzPTjy0GbWs9TOQZyLAM0+pHkEDstyMmF8vUufjI8Rt2
OCRDUCtwTS9gk+9oVIYu1pDtda63bd140wh6RpYPd7owpxeCeo7M86PXg1qHABhM
aypmp1DwtEQlU56xK8ZV3weUTHZvUJRInPiBsDDat1Rv/33yJJV5brM6zeRJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZnlzoopXt4JraORw6iSZKBpLxyIwHwYDVR0j
BBgwFoAUY3/Ruj/tREVNbXAwJHcJ0o2zSRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQtZDM3ZC00OTQyLThlOTQtOTFkZDg1M2Vm
N2UzLzAvNjM3RkQxQkEzRkVENDQ0NTRENkQ3MDMwMjQ3NzA5RDI4REIzNDkxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1kzX1J1al90UkVWTmJYQXdKSGNKMG8y
elNSby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTk0ZGY3MTQt
ZDM3ZC00OTQyLThlOTQtOTFkZDg1M2VmN2UzLzAvMzEzMzM5MmUzMjM4MmUzMjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM3MzQzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ixwaMA0GCSqGSIb3DQEBCwUAA4IBAQCG1tvu6KKbVNu1woab5HxhdsCfjhWvXuOW
lQ3gRbXKe1+mG//S48XGFk59hAktgaljCCXyuWtbzAMkduBcNncTBJw3d0LzsKTm
NlvEXGDVSNNWmzihCQzx10smEb5iEVGQVHSuhPk36OLwnXiNh5+9snLW8XhTOgYg
fcpUIfqAIXB18bRc4chrcfUoKK905KvoCOOSxqBlHLFauH36OvcK/aUcVY+puDCZ
BX+RQ0V1ciBoIteXUASAiVecSGppbGEYAu/iGhbMA2rtkhK61iDBRg15+6jUX2xk
0XBtElquGqjC5VXUldbeXLswV/R+Nze4jB/e4RXAq6Ce/Lr8XaNH
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org