Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
File: 3139332e33372e3233362e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: dPumV3w+l5K00Z5figZidyPpD2Xj/WObq95u77jhIK4=
Subject key identifier: CB:C6:CB:C4:49:B8:81:0C:C2:AF:FC:E7:45:E7:4E:6E:AA:B0:BF:1B
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 5F33718891E9054B891132598D5F3C294CECEC35
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
Signing time: Tue 03 Dec 2024 18:44:17 +0000
ROA not before: Tue 03 Dec 2024 18:39:17 +0000
ROA not after: Tue 02 Dec 2025 18:44:17 +0000
asID: 29802
IP address blocks: 193.37.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 22:52:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:33:71:88:91:e9:05:4b:89:11:32:59:8d:5f:3c:29:4c:ec:ec:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Dec 3 18:39:17 2024 GMT
Not After : Dec 2 18:44:17 2025 GMT
Subject: CN=CBC6CBC449B8810CC2AFFCE745E74E6EAAB0BF1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:e0:3d:60:17:6a:97:b7:db:69:05:d8:f0:
1d:95:e1:64:a6:9e:06:e0:c5:60:e4:f0:cf:dc:e0:
3f:e9:b5:1d:1e:c8:72:8e:0c:a7:16:cd:7f:12:98:
52:b8:93:ed:a2:f2:ca:11:75:d6:7d:36:42:9a:e2:
54:24:cc:7d:ab:28:d9:a7:dd:a6:09:d3:ec:bd:1b:
67:4b:36:6c:84:3a:9b:c6:3c:0f:8f:8b:76:99:70:
65:f4:c8:d2:38:83:a8:7c:59:64:cb:4a:59:07:3b:
cc:43:9b:13:1a:10:7f:ee:0b:41:65:37:0e:10:f2:
f7:39:05:29:25:af:ba:78:a0:2b:91:dd:9c:b8:44:
f2:05:a5:8f:7e:ab:e1:8e:76:82:84:f3:fc:d2:1b:
c2:eb:a9:e7:a8:a5:57:50:7e:e6:15:ad:b6:e3:d3:
e6:34:c7:d0:78:5c:10:a6:5a:b0:aa:92:4a:6f:22:
cc:b6:bf:70:fb:fb:c8:c2:fd:30:b7:4c:2f:ac:27:
f6:7c:57:ef:b8:d8:bb:e2:c6:21:3a:6f:e4:e7:31:
6e:76:66:f2:1d:19:75:f1:56:77:d1:66:cf:2e:50:
f6:80:ea:76:58:de:29:3f:91:47:56:d7:1e:df:12:
86:72:e3:c0:8c:7c:f5:89:2a:ba:bb:d5:db:3a:e3:
97:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C6:CB:C4:49:B8:81:0C:C2:AF:FC:E7:45:E7:4E:6E:AA:B0:BF:1B
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139332e33372e3233362e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.236.0/24
Signature Algorithm: sha256WithRSAEncryption
67:31:57:85:ce:f6:55:91:50:c6:c0:13:8a:37:34:8c:20:7f:
5d:c9:ee:a9:91:f9:eb:2a:40:ab:91:ed:54:a7:45:75:5b:f1:
b3:77:ba:a2:10:b4:ba:fe:96:09:48:58:fc:27:24:b2:8b:51:
0e:90:d0:15:dd:e9:02:e7:a4:d6:d0:56:43:f4:56:50:f6:29:
69:eb:3b:7f:8d:c2:3c:6c:15:45:14:64:08:7f:f4:5b:98:88:
ba:aa:90:47:52:b8:cd:26:ec:cb:0c:4a:4c:8a:83:00:cc:84:
cc:35:37:36:85:5d:8f:8c:e6:d2:f1:21:f2:aa:a2:d8:b2:b1:
8e:76:bf:4c:94:12:30:91:a5:e1:84:33:47:ce:5c:33:96:e3:
36:22:d5:2a:c9:cb:29:ad:21:07:8b:6e:a5:72:19:38:b1:36:
55:82:cf:2e:b5:35:ee:40:83:90:76:85:ba:cd:c4:09:3b:72:
6f:4a:0c:bd:af:06:ee:fa:34:ab:76:36:dd:90:f3:59:97:78:
12:c6:9f:56:3d:63:b5:e9:f1:a4:96:65:0d:04:1d:b5:42:6e:
bf:6a:d2:1a:29:f6:e9:29:78:02:f8:e5:05:7c:df:d0:41:a4:
7f:97:ae:16:2c:ab:7c:85:23:09:8e:2f:10:fd:a9:9b:30:15:
9e:84:93:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXzNxiJHpBUuJETJZjV88KUzs7DUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDEyMDMxODM5MTdaFw0yNTEyMDIxODQ0MTdaMDMxMTAvBgNV
BAMTKENCQzZDQkM0NDlCODgxMENDMkFGRkNFNzQ1RTc0RTZFQUFCMEJGMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+kuA9YBdql7fbaQXY8B2V4WSm
ngbgxWDk8M/c4D/ptR0eyHKODKcWzX8SmFK4k+2i8soRddZ9NkKa4lQkzH2rKNmn
3aYJ0+y9G2dLNmyEOpvGPA+Pi3aZcGX0yNI4g6h8WWTLSlkHO8xDmxMaEH/uC0Fl
Nw4Q8vc5BSklr7p4oCuR3Zy4RPIFpY9+q+GOdoKE8/zSG8LrqeeopVdQfuYVrbbj
0+Y0x9B4XBCmWrCqkkpvIsy2v3D7+8jC/TC3TC+sJ/Z8V++42LvixiE6b+TnMW52
ZvIdGXXxVnfRZs8uUPaA6nZY3ik/kUdW1x7fEoZy48CMfPWJKrq71ds645drAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUy8bLxEm4gQzCr/znRedObqqwvxswHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTMzMmUzMzM3MmUzMjMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSXsMA0GCSqGSIb3DQEBCwUAA4IBAQBnMVeFzvZVkVDGwBOKNzSMIH9dye6pkfnr
KkCrke1Up0V1W/Gzd7qiELS6/pYJSFj8JySyi1EOkNAV3ekC56TW0FZD9FZQ9ilp
6zt/jcI8bBVFFGQIf/RbmIi6qpBHUrjNJuzLDEpMioMAzITMNTc2hV2PjObS8SHy
qqLYsrGOdr9MlBIwkaXhhDNHzlwzluM2ItUqycsprSEHi26lchk4sTZVgs8utTXu
QIOQdoW6zcQJO3JvSgy9rwbu+jSrdjbdkPNZl3gSxp9WPWO16fGklmUNBB21Qm6/
atIaKfbpKXgC+OUFfN/QQaR/l64WLKt8hSMJji8Q/ambMBWehJNB
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:39:54 2025 by rpki-client