Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139342e302e3232392e302f32342d3234203d3e2035343634.roa
File: 3139342e302e3232392e302f32342d3234203d3e2035343634.roa (raw, json)
Hash identifier: oQyH8lZhLG0u0aqF+4s4indFn1nAIdiedV1waxwDSVA=
Subject key identifier: F1:E4:46:C4:00:10:18:0B:9B:22:2F:20:8C:29:84:C7:53:25:1D:C7
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 0F283134E5242F9D077548E12DD4FDE386F6D632
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139342e302e3232392e302f32342d3234203d3e2035343634.roa
Signing time: Wed 22 May 2024 09:05:16 +0000
ROA not before: Wed 22 May 2024 09:00:16 +0000
ROA not after: Wed 21 May 2025 09:05:16 +0000
asID: 5464
IP address blocks: 194.0.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.mft
rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:28:31:34:e5:24:2f:9d:07:75:48:e1:2d:d4:fd:e3:86:f6:d6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: May 22 09:00:16 2024 GMT
Not After : May 21 09:05:16 2025 GMT
Subject: CN=F1E446C40010180B9B222F208C2984C753251DC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b5:c2:f3:62:fa:e2:60:b6:0e:be:aa:c1:ee:
bc:29:68:a4:38:a5:ac:e6:66:87:5b:cc:82:fd:08:
b3:a7:9b:0b:e7:87:32:d5:50:58:ec:de:38:9b:39:
a1:f5:51:d0:03:c4:79:20:40:7a:b1:e1:e3:98:34:
a6:b3:c6:1c:40:42:93:c1:42:4f:f0:ac:8c:0f:8f:
a9:df:a6:72:8c:f1:99:52:b0:46:01:ef:51:2a:b0:
79:d0:5c:94:05:c6:f0:bb:e4:65:09:98:c0:28:1d:
97:42:de:c4:3a:10:78:48:61:94:ae:44:89:2e:52:
a8:03:bf:9c:c2:91:8d:16:72:02:7d:5c:03:95:7f:
f1:75:73:2d:dd:f6:30:f3:a7:be:96:67:1f:ac:be:
0f:6d:e1:d3:25:fe:01:db:80:6c:d9:b4:9f:c3:2a:
0a:41:3f:d4:39:53:2f:9a:f4:2b:fc:81:7e:38:f5:
fd:aa:16:c2:69:77:46:99:28:74:7a:62:b1:ef:87:
d8:17:65:c5:d0:10:80:7a:c2:ba:92:68:2f:10:c9:
91:5a:70:5a:14:cf:65:17:7b:98:67:46:65:93:11:
54:8b:4f:cd:43:8d:a7:b1:1f:ef:b1:99:df:ed:3b:
1c:62:af:93:0d:b1:db:65:99:8a:1c:63:5c:63:4c:
f5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E4:46:C4:00:10:18:0B:9B:22:2F:20:8C:29:84:C7:53:25:1D:C7
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3139342e302e3232392e302f32342d3234203d3e2035343634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.229.0/24
Signature Algorithm: sha256WithRSAEncryption
37:52:48:25:74:b9:63:df:9a:9d:40:ae:d3:94:33:75:53:83:
57:78:d1:ee:b2:02:60:14:6a:c2:d4:c8:b4:80:3a:a9:b1:09:
d3:10:78:b9:f9:b2:58:f6:eb:80:a1:85:9f:ec:f6:2d:17:f5:
01:0c:1a:0b:d4:61:1b:6d:5a:d4:28:32:80:ad:ed:b5:f3:c9:
39:5c:75:30:f2:24:6d:d5:66:64:3c:97:cf:ae:5b:ab:b2:d3:
d2:61:be:13:55:6e:36:29:43:4e:26:96:83:87:6b:88:e8:5f:
7e:14:49:4a:3e:1d:2f:a4:20:5e:eb:f0:45:22:f3:5a:7e:c6:
cf:dc:e2:d8:4c:f2:6d:33:9b:19:c6:82:8e:2b:cf:1f:8d:73:
ae:2a:b3:7a:e0:45:1d:01:ba:ef:a3:06:4c:82:b7:53:ba:96:
f8:91:60:4d:44:c4:8e:99:6e:85:c1:5f:dd:c3:6d:30:7f:52:
ac:82:48:22:50:34:fd:d3:f8:98:bf:23:b3:5c:b5:ff:6c:19:
d7:cf:55:e8:59:37:ec:be:0b:e9:64:74:4e:f8:45:47:55:8b:
f6:99:4d:80:88:ab:11:80:da:b0:2c:b7:e4:22:ca:29:fa:56:
ff:7a:05:08:01:61:65:dc:1d:32:43:4e:6f:bf:b7:2c:77:8e:
f1:01:fa:37
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDygxNOUkL50HdUjhLdT944b21jIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDA1MjIwOTAwMTZaFw0yNTA1MjEwOTA1MTZaMDMxMTAvBgNV
BAMTKEYxRTQ0NkM0MDAxMDE4MEI5QjIyMkYyMDhDMjk4NEM3NTMyNTFEQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBtcLzYvriYLYOvqrB7rwpaKQ4
pazmZodbzIL9CLOnmwvnhzLVUFjs3jibOaH1UdADxHkgQHqx4eOYNKazxhxAQpPB
Qk/wrIwPj6nfpnKM8ZlSsEYB71EqsHnQXJQFxvC75GUJmMAoHZdC3sQ6EHhIYZSu
RIkuUqgDv5zCkY0WcgJ9XAOVf/F1cy3d9jDzp76WZx+svg9t4dMl/gHbgGzZtJ/D
KgpBP9Q5Uy+a9Cv8gX449f2qFsJpd0aZKHR6YrHvh9gXZcXQEIB6wrqSaC8QyZFa
cFoUz2UXe5hnRmWTEVSLT81DjaexH++xmd/tOxxir5MNsdtlmYocY1xjTPX9AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU8eRGxAAQGAubIi8gjCmEx1MlHccwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzOTM0MmUzMDJlMzIzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzNDM2MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCAOUw
DQYJKoZIhvcNAQELBQADggEBADdSSCV0uWPfmp1ArtOUM3VTg1d40e6yAmAUasLU
yLSAOqmxCdMQeLn5slj264ChhZ/s9i0X9QEMGgvUYRttWtQoMoCt7bXzyTlcdTDy
JG3VZmQ8l8+uW6uy09JhvhNVbjYpQ04mloOHa4joX34USUo+HS+kIF7r8EUi81p+
xs/c4thM8m0zmxnGgo4rzx+Nc64qs3rgRR0Buu+jBkyCt1O6lviRYE1ExI6ZboXB
X93DbTB/UqyCSCJQNP3T+Ji/I7Nctf9sGdfPVehZN+y+C+lkdE74RUdVi/aZTYCI
qxGA2rAst+Qiyin6Vv96BQgBYWXcHTJDTm+/tyx3jvEB+jc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 12:00:56 2024 by rpki-client on console-ams.rpki-client.org