Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e20323134303336.roa
File: 3139332e39332e3135332e302f32342d3234203d3e20323134303336.roa (raw, json)
Hash identifier: FgMfWX7zLNqyUMvyIkAVqVqXpYApxS0iTmFAdZ7lH9Q=
Subject key identifier: A6:C3:81:7B:9E:09:C4:BF:A1:70:E2:64:C0:80:4A:D6:3B:A2:A0:CF
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 073A37E05FFFFCBA6E99C03E27EE52D32707831C
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e20323134303336.roa
Signing time: Thu 14 Nov 2024 18:31:58 +0000
ROA not before: Thu 14 Nov 2024 18:26:58 +0000
ROA not after: Thu 13 Nov 2025 18:31:58 +0000
asID: 214036
IP address blocks: 193.93.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:3a:37:e0:5f:ff:fc:ba:6e:99:c0:3e:27:ee:52:d3:27:07:83:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Nov 14 18:26:58 2024 GMT
Not After : Nov 13 18:31:58 2025 GMT
Subject: CN=A6C3817B9E09C4BFA170E264C0804AD63BA2A0CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:23:dc:02:6b:14:63:18:57:07:09:04:a4:
db:c5:fd:a3:e8:0b:7b:fc:5a:41:79:ca:dc:53:26:
ee:32:93:ca:02:c8:de:53:1b:f5:d1:38:ac:f7:06:
fc:ff:98:d3:db:e0:c7:74:80:95:38:a1:96:b7:54:
cd:00:cc:0b:30:26:9c:10:e3:61:2f:2c:b5:86:8f:
97:41:0f:6a:c4:6f:7c:a6:ab:e8:dd:55:da:eb:d8:
5c:0a:34:2e:12:7c:83:83:29:40:34:8e:10:c3:8e:
34:6c:6c:3b:2e:1c:72:19:21:9c:45:9c:f6:ed:3d:
e1:53:44:aa:f9:b2:00:18:9c:5d:44:ae:0a:a9:86:
14:46:9b:7a:05:d3:e0:5d:7f:dd:62:db:c2:0c:87:
94:cf:54:f9:3f:f5:8c:93:35:0a:b9:d4:6f:df:db:
53:f1:27:3b:27:88:a4:d5:7c:6b:c6:dd:fb:f8:fc:
5c:0f:36:14:09:9b:3a:c1:a2:8f:85:0a:91:e5:7b:
3a:65:61:a8:ed:8e:0e:65:a8:06:fb:d7:f7:ee:5b:
73:d9:b7:43:04:ee:45:07:3d:cf:28:30:d2:4c:0b:
f0:90:60:61:4c:a4:ca:0a:7c:7c:60:93:8f:0f:47:
1f:79:23:c0:9e:d4:7f:7c:6c:a2:4c:7c:d0:bf:97:
27:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C3:81:7B:9E:09:C4:BF:A1:70:E2:64:C0:80:4A:D6:3B:A2:A0:CF
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135332e302f32342d3234203d3e20323134303336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.153.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:8a:df:6c:eb:3f:1f:89:c0:08:9f:fb:b9:ae:00:04:fd:e9:
4f:cf:51:f5:aa:09:54:ca:89:1f:39:01:78:95:bf:c4:3d:c9:
d6:6a:05:f0:ab:d8:9d:ed:05:40:f3:0e:46:7d:7e:27:a8:b6:
61:4e:10:4c:25:57:17:51:73:ce:2e:25:cc:62:af:0f:45:8d:
3b:5a:c8:bb:a0:45:92:be:bf:35:ea:21:36:7c:07:94:d7:33:
66:45:4a:9e:bb:89:b5:fe:05:00:86:08:2f:c6:bb:b6:0f:7c:
6e:ab:a8:11:94:5d:4b:5c:cb:7a:f2:8d:d3:c4:92:cf:1a:73:
e6:99:60:78:b6:d7:1f:60:1d:6b:63:d2:6c:71:a0:0c:8f:ba:
8c:b7:5b:ab:44:72:bc:a3:90:fb:80:39:01:12:af:7f:cb:bc:
d9:72:da:1a:8b:cb:7d:b3:23:02:a4:eb:e7:ea:cf:fe:97:bc:
f0:bc:67:6d:f3:78:68:36:28:85:6e:0f:15:90:b2:05:fd:80:
a3:8c:39:3b:42:31:2e:7f:69:9e:30:48:9c:de:c0:2a:62:aa:
07:a3:47:a2:ef:f6:c8:16:22:2e:85:2b:56:a5:a3:88:30:b6:
14:0a:5b:07:25:b1:0e:73:30:15:f3:71:b9:e1:7d:7e:56:76:
dd:ea:a1:77
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBzo34F///LpumcA+J+5S0ycHgxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNDExMTQxODI2NThaFw0yNTExMTMxODMxNThaMDMxMTAvBgNV
BAMTKEE2QzM4MTdCOUUwOUM0QkZBMTcwRTI2NEMwODA0QUQ2M0JBMkEwQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmSPcAmsUYxhXBwkEpNvF/aPo
C3v8WkF5ytxTJu4yk8oCyN5TG/XROKz3Bvz/mNPb4Md0gJU4oZa3VM0AzAswJpwQ
42EvLLWGj5dBD2rEb3ymq+jdVdrr2FwKNC4SfIODKUA0jhDDjjRsbDsuHHIZIZxF
nPbtPeFTRKr5sgAYnF1ErgqphhRGm3oF0+Bdf91i28IMh5TPVPk/9YyTNQq51G/f
21PxJzsniKTVfGvG3fv4/FwPNhQJmzrBoo+FCpHlezplYajtjg5lqAb71/fuW3PZ
t0ME7kUHPc8oMNJMC/CQYGFMpMoKfHxgk48PRx95I8Ce1H98bKJMfNC/lyfdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpsOBe54JxL+hcOJkwIBK1juioM8wHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzEzOTMzMmUzOTMzMmUzMTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzQzMDMzMzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBXZkwDQYJKoZIhvcNAQELBQADggEBAKiK32zrPx+JwAif+7muAAT96U/PUfWq
CVTKiR85AXiVv8Q9ydZqBfCr2J3tBUDzDkZ9fieotmFOEEwlVxdRc84uJcxirw9F
jTtayLugRZK+vzXqITZ8B5TXM2ZFSp67ibX+BQCGCC/Gu7YPfG6rqBGUXUtcy3ry
jdPEks8ac+aZYHi21x9gHWtj0mxxoAyPuoy3W6tEcryjkPuAOQESr3/LvNly2hqL
y32zIwKk6+fqz/6XvPC8Z23zeGg2KIVuDxWQsgX9gKOMOTtCMS5/aZ4wSJzewCpi
qgejR6Lv9sgWIi6FK1alo4gwthQKWwclsQ5zMBXzcbnhfX5Wdt3qoXc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:41:51 2024 by rpki-client on console-ams.rpki-client.org