Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
File: 3133392e32382e32372e302f32342d3234203d3e20323036313530.roa (raw, json)
Hash identifier: PhaaQ0B2G4/BYaJYdmj2wNhh4+UZzlq/QFz8ZTfUDhY=
Subject key identifier: 74:CD:9E:C2:DD:7D:82:5B:66:A8:AC:21:C0:A7:A4:B5:32:6B:0B:4C
Certificate issuer: /CN=637fd1ba3fed44454d6d7030247709d28db3491a
Certificate serial: 03320C5936A9A1F46ADB3588CB7EC51C8047BC
Authority key identifier: 63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
Signing time: Fri 27 Sep 2024 14:43:22 +0000
ROA not before: Fri 27 Sep 2024 14:38:22 +0000
ROA not after: Fri 26 Sep 2025 14:43:22 +0000
asID: 206150
IP address blocks: 139.28.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:32:0c:59:36:a9:a1:f4:6a:db:35:88:cb:7e:c5:1c:80:47:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=637fd1ba3fed44454d6d7030247709d28db3491a
Validity
Not Before: Sep 27 14:38:22 2024 GMT
Not After : Sep 26 14:43:22 2025 GMT
Subject: CN=74CD9EC2DD7D825B66A8AC21C0A7A4B5326B0B4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:90:b2:61:31:70:a9:7c:02:55:21:39:af:d2:
d2:a4:f3:8b:86:7e:c0:75:3e:3d:84:61:62:98:7f:
02:21:e7:12:1a:e6:ff:ef:18:61:33:02:97:08:1a:
29:06:88:42:24:1b:42:7c:7f:a2:1e:8a:84:b6:7c:
98:71:34:ff:43:8e:36:5c:c2:8c:35:c9:b3:28:b5:
60:19:22:7c:b6:3c:13:69:30:a1:68:e9:6b:36:ef:
87:9c:93:0f:16:50:2d:6e:1c:d2:cf:09:6e:17:89:
fa:2c:b3:f9:89:ac:b8:19:41:73:c8:3b:d5:e2:88:
3d:5c:cc:89:34:2e:a2:4a:0b:ff:75:16:d3:73:86:
1f:17:b4:b4:00:93:ef:e0:f0:e8:f2:5c:f7:19:42:
8a:af:77:f3:a0:ed:c4:e0:bb:63:0f:12:ef:1d:3f:
85:78:c2:4f:b0:ed:b2:8c:35:e1:6a:ed:a4:7e:df:
36:dc:b8:de:9a:f2:a6:df:b9:e3:2e:5c:8c:07:52:
40:b2:14:e2:77:22:ab:75:3b:8d:28:7e:77:1b:9e:
fd:43:62:88:47:d4:01:f1:1c:a3:27:f0:cf:43:21:
6b:24:c3:b9:96:47:f3:b1:e4:7e:b5:38:1e:63:04:
20:00:e2:25:c3:dd:d1:c1:a2:76:ef:fe:2d:ef:01:
87:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CD:9E:C2:DD:7D:82:5B:66:A8:AC:21:C0:A7:A4:B5:32:6B:0B:4C
X509v3 Authority Key Identifier:
keyid:63:7F:D1:BA:3F:ED:44:45:4D:6D:70:30:24:77:09:D2:8D:B3:49:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/637FD1BA3FED44454D6D7030247709D28DB3491A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3_Ruj_tREVNbXAwJHcJ0o2zSRo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a94df714-d37d-4942-8e94-91dd853ef7e3/0/3133392e32382e32372e302f32342d3234203d3e20323036313530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.27.0/24
Signature Algorithm: sha256WithRSAEncryption
19:95:ee:fa:b9:b5:04:4b:2c:dd:0f:66:0a:ca:e0:e9:15:48:
aa:9a:38:d0:78:87:48:f6:4c:2f:ef:7c:03:6c:ee:95:54:80:
ea:f4:3d:e5:44:82:4e:5b:7e:f9:cd:fe:de:85:cf:6c:16:6e:
c4:9c:f7:54:3b:7f:06:85:38:64:59:7f:f4:71:26:44:c5:9b:
22:13:ef:0e:2d:88:89:09:67:f7:6f:07:b5:38:5d:b4:c7:b7:
51:03:74:ca:62:de:f5:d9:27:23:f4:47:9b:f3:07:76:66:68:
b0:eb:be:bf:9f:39:8a:73:82:90:ac:25:28:4c:0c:96:4e:b5:
9b:f9:ac:b1:7f:4f:bf:3b:dd:d5:fe:f4:7e:d5:d1:e8:71:17:
9b:78:dd:f7:d1:2f:4c:56:1f:eb:7d:f4:c1:79:10:0a:c5:c9:
d1:75:cb:c6:b8:41:d2:d1:58:31:55:6f:0f:7d:ee:bf:3a:70:
bd:73:ae:0a:a0:1a:e5:c9:7e:1d:ba:58:b7:2a:77:9b:75:46:
98:9a:75:5f:3b:1c:76:a6:49:97:8f:88:f4:59:50:12:33:95:
6f:1d:6b:73:74:14:72:b9:b8:03:b9:8d:63:82:75:fa:92:53:
04:b4:df:fe:6b:01:27:ee:57:2e:5a:87:b4:7c:d0:51:87:a2:
7a:e6:34:84
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgITAzIMWTapofRq2zWIy37FHIBHvDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg2MzdmZDFiYTNmZWQ0NDQ1NGQ2ZDcwMzAyNDc3MDlkMjhk
YjM0OTFhMB4XDTI0MDkyNzE0MzgyMloXDTI1MDkyNjE0NDMyMlowMzExMC8GA1UE
AxMoNzRDRDlFQzJERDdEODI1QjY2QThBQzIxQzBBN0E0QjUzMjZCMEI0QzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMKQsmExcKl8AlUhOa/S0qTzi4Z+
wHU+PYRhYph/AiHnEhrm/+8YYTMClwgaKQaIQiQbQnx/oh6KhLZ8mHE0/0OONlzC
jDXJsyi1YBkifLY8E2kwoWjpazbvh5yTDxZQLW4c0s8JbheJ+iyz+YmsuBlBc8g7
1eKIPVzMiTQuokoL/3UW03OGHxe0tACT7+Dw6PJc9xlCiq9386DtxOC7Yw8S7x0/
hXjCT7Dtsow14WrtpH7fNty43prypt+54y5cjAdSQLIU4nciq3U7jSh+dxue/UNi
iEfUAfEcoyfwz0MhayTDuZZH87HkfrU4HmMEIADiJcPd0cGidu/+Le8BhysCAwEA
AaOCAj0wggI5MB0GA1UdDgQWBBR0zZ7C3X2CW2aorCHAp6S1MmsLTDAfBgNVHSME
GDAWgBRjf9G6P+1ERU1tcDAkdwnSjbNJGjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9hOTRkZjcxNC1kMzdkLTQ5NDItOGU5NC05MWRkODUzZWY3
ZTMvMC82MzdGRDFCQTNGRUQ0NDQ1NEQ2RDcwMzAyNDc3MDlEMjhEQjM0OTFBLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvWTNfUnVqX3RSRVZOYlhBd0pIY0owbzJ6
U1JvLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hOTRkZjcxNC1k
MzdkLTQ5NDItOGU5NC05MWRkODUzZWY3ZTMvMC8zMTMzMzkyZTMyMzgyZTMyMzcy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMTM1MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACL
HBswDQYJKoZIhvcNAQELBQADggEBABmV7vq5tQRLLN0PZgrK4OkVSKqaONB4h0j2
TC/vfANs7pVUgOr0PeVEgk5bfvnN/t6Fz2wWbsSc91Q7fwaFOGRZf/RxJkTFmyIT
7w4tiIkJZ/dvB7U4XbTHt1EDdMpi3vXZJyP0R5vzB3ZmaLDrvr+fOYpzgpCsJShM
DJZOtZv5rLF/T7873dX+9H7V0ehxF5t43ffRL0xWH+t99MF5EArFydF1y8a4QdLR
WDFVbw997r86cL1zrgqgGuXJfh26WLcqd5t1RpiadV87HHamSZePiPRZUBIzlW8d
a3N0FHK5uAO5jWOCdfqSUwS03/5rASfuVy5ah7R80FGHonrmNIQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:00 2024 by rpki-client on console-ams.rpki-client.org