Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323131343430.roa
File: 3139332e33382e35332e302f32342d3234203d3e20323131343430.roa (raw, json)
Hash identifier: kvqC1zcDr7+ruFE2Qq0ckM9Z8TRsoyAfOiO0fBTyu4c=
Subject key identifier: 6D:38:46:29:43:D9:CA:33:18:BD:7A:25:9A:DB:70:CC:32:AD:BE:35
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2CB175AE3F93B0541AFE925A37AFC240B486BD80
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323131343430.roa
Signing time: Fri 15 Nov 2024 14:47:53 +0000
ROA not before: Fri 15 Nov 2024 14:42:53 +0000
ROA not after: Fri 14 Nov 2025 14:47:53 +0000
asID: 211440
IP address blocks: 193.38.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft
rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b1:75:ae:3f:93:b0:54:1a:fe:92:5a:37:af:c2:40:b4:86:bd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 15 14:42:53 2024 GMT
Not After : Nov 14 14:47:53 2025 GMT
Subject: CN=6D38462943D9CA3318BD7A259ADB70CC32ADBE35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:75:15:d7:b8:4e:d7:e6:4a:3e:c1:09:8c:
db:d3:c5:6f:f2:e8:a2:99:df:7c:42:3a:22:6d:03:
c9:ed:b6:43:94:9a:3b:bb:bb:0b:39:55:0e:d4:9f:
95:a6:f6:b0:87:bb:14:5e:0e:01:d9:0e:3f:29:26:
5d:50:88:af:7f:a4:99:b7:e3:a2:06:e4:1d:70:d9:
31:82:1b:28:db:cd:f6:1e:a2:29:a0:a3:45:1e:ff:
58:9c:eb:03:68:53:f6:38:cc:07:ee:e0:40:4f:d8:
7f:27:e9:0a:bd:76:25:c7:47:12:10:b8:f5:06:2e:
0b:26:0d:28:7a:a7:8c:a4:03:e9:33:5b:1f:d5:3e:
69:0b:d7:64:51:3e:cd:85:3e:60:07:c8:c3:f4:cd:
4e:e2:70:91:12:5b:86:73:04:1f:70:92:6d:f7:45:
fc:0a:3c:f9:6f:96:04:aa:38:64:3d:48:02:3c:e0:
b4:27:5e:b6:c6:f9:35:57:19:5b:70:91:8e:34:37:
c7:28:44:a9:e2:ec:9c:3b:d9:06:ce:eb:a8:34:a9:
1a:7b:2b:cc:4e:b7:98:90:2a:db:4a:90:c7:0c:59:
c7:ad:08:ff:f8:b0:b9:02:2c:a5:20:f6:bd:c1:4e:
cf:3a:14:0c:31:e8:d0:92:7e:79:7a:78:d1:43:74:
2f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:46:29:43:D9:CA:33:18:BD:7A:25:9A:DB:70:CC:32:AD:BE:35
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33382e35332e302f32342d3234203d3e20323131343430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.53.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:c1:71:5e:f8:46:27:a2:85:12:d8:60:e1:97:55:cd:7f:3b:
f8:59:3d:28:8b:32:8e:08:49:bf:0a:a1:89:c6:6b:c7:60:f2:
13:96:09:3f:1a:53:55:d8:f6:57:4b:5a:7c:78:26:d4:77:56:
7e:f8:f4:e5:55:55:39:1e:a1:db:59:70:fb:75:7d:dd:0c:8f:
ad:8f:c0:fe:bd:d3:9f:ac:70:42:9f:00:51:28:5b:94:a9:1d:
05:5f:44:6d:93:2c:aa:e1:0b:cd:9a:c9:97:db:1e:55:e3:77:
7d:74:b3:f1:38:80:8b:8a:2e:31:5f:46:ea:ec:2b:41:63:e2:
ba:60:69:a2:c2:22:71:0d:20:ad:19:db:86:c4:53:88:f7:35:
af:70:3f:6a:4a:ee:d5:2b:b0:96:f1:e2:53:02:bf:a8:9d:a8:
16:24:80:33:ae:47:6e:c3:a4:77:d2:87:32:a0:7e:4b:19:f8:
ac:57:4d:15:61:f5:2d:ef:79:1e:4b:10:d4:9e:78:ef:58:27:
a7:73:5b:a1:ed:b9:f1:a4:c7:05:dd:f3:93:df:f4:86:e7:db:
b6:3b:23:0f:ca:62:87:3e:f6:d3:f6:fa:00:ca:05:94:37:60:
a2:07:98:74:39:e7:58:a5:b4:0f:09:4a:cc:eb:a0:8c:11:b8:
e4:4e:78:52
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULLF1rj+TsFQa/pJaN6/CQLSGvYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDExMTUxNDQyNTNaFw0yNTExMTQxNDQ3NTNaMDMxMTAvBgNV
BAMTKDZEMzg0NjI5NDNEOUNBMzMxOEJEN0EyNTlBREI3MENDMzJBREJFMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChgHUV17hO1+ZKPsEJjNvTxW/y
6KKZ33xCOiJtA8nttkOUmju7uws5VQ7Un5Wm9rCHuxReDgHZDj8pJl1QiK9/pJm3
46IG5B1w2TGCGyjbzfYeoimgo0Ue/1ic6wNoU/Y4zAfu4EBP2H8n6Qq9diXHRxIQ
uPUGLgsmDSh6p4ykA+kzWx/VPmkL12RRPs2FPmAHyMP0zU7icJESW4ZzBB9wkm33
RfwKPPlvlgSqOGQ9SAI84LQnXrbG+TVXGVtwkY40N8coRKni7Jw72QbO66g0qRp7
K8xOt5iQKttKkMcMWcetCP/4sLkCLKUg9r3BTs86FAwx6NCSfnl6eNFDdC+RAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbThGKUPZyjMYvXolmttwzDKtvjUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM4MmUzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzQzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wSY1MA0GCSqGSIb3DQEBCwUAA4IBAQCmwXFe+EYnooUS2GDhl1XNfzv4WT0oizKO
CEm/CqGJxmvHYPITlgk/GlNV2PZXS1p8eCbUd1Z++PTlVVU5HqHbWXD7dX3dDI+t
j8D+vdOfrHBCnwBRKFuUqR0FX0Rtkyyq4QvNmsmX2x5V43d9dLPxOICLii4xX0bq
7CtBY+K6YGmiwiJxDSCtGduGxFOI9zWvcD9qSu7VK7CW8eJTAr+onagWJIAzrkdu
w6R30ocyoH5LGfisV00VYfUt73keSxDUnnjvWCenc1uh7bnxpMcF3fOT3/SG59u2
OyMPymKHPvbT9voAygWUN2CiB5h0OedYpbQPCUrM66CMEbjkTnhS
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:01 2024 by rpki-client on console-fra.rpki-client.org