Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135342e302f32342d3234203d3e20323131343135.roa
File: 3139332e39332e3135342e302f32342d3234203d3e20323131343135.roa (raw, json)
Hash identifier: lcDvK25Krwnz/wCtWIMtJ+GA0fjdNOA7l7WMMKyVVUU=
Subject key identifier: 95:0A:62:E8:9F:E2:1F:F1:41:54:39:14:E3:D4:28:5F:F9:2B:9A:55
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 57442D5A0A152114D1FB085998A167679582771A
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135342e302f32342d3234203d3e20323131343135.roa
Signing time: Sat 12 Oct 2024 18:43:25 +0000
ROA not before: Sat 12 Oct 2024 18:38:25 +0000
ROA not after: Sat 11 Oct 2025 18:43:25 +0000
asID: 211415
IP address blocks: 193.93.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.mft
rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:44:2d:5a:0a:15:21:14:d1:fb:08:59:98:a1:67:67:95:82:77:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Oct 12 18:38:25 2024 GMT
Not After : Oct 11 18:43:25 2025 GMT
Subject: CN=950A62E89FE21FF141543914E3D4285FF92B9A55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ee:76:31:67:5a:f2:78:b7:da:f8:3d:f0:64:
d0:bc:5f:0a:6f:f0:21:30:dc:b5:70:4d:5a:b4:fe:
3b:fb:6a:89:b2:5c:7c:70:fa:60:11:4f:3c:3a:5f:
26:0f:d7:6b:a5:8b:d8:00:d4:87:37:2f:1d:13:6d:
82:a6:0c:96:26:0a:96:fd:ec:a6:df:8c:48:22:c6:
18:af:01:38:82:aa:fe:f2:22:6d:87:22:2d:92:42:
0a:1e:a0:2c:73:dd:e9:83:ec:94:af:6c:f8:68:15:
a0:9c:5b:63:18:fd:c9:a4:84:a2:c8:d9:30:8e:13:
da:0c:3a:38:ee:ab:30:ce:13:3b:a3:9a:60:4a:f4:
18:25:ba:32:2a:0a:98:3f:ce:ea:86:4a:59:ab:18:
b1:ba:38:f4:cb:97:1c:bd:06:ee:53:88:ba:94:b0:
92:7d:3d:1d:3b:98:70:d0:81:86:63:cb:22:3f:19:
7e:3b:51:d7:b3:12:45:10:78:49:0a:13:59:eb:7a:
1a:4c:da:3f:4b:93:9e:b2:14:f7:f4:50:80:03:f7:
80:1c:56:40:08:fb:61:7b:9a:a5:6d:73:f8:73:a9:
7a:51:31:cb:12:f9:c5:1a:f1:3c:a6:34:33:1c:4e:
3e:e4:4d:26:07:71:53:54:67:25:a6:56:93:ee:b5:
74:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0A:62:E8:9F:E2:1F:F1:41:54:39:14:E3:D4:28:5F:F9:2B:9A:55
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/3139332e39332e3135342e302f32342d3234203d3e20323131343135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.93.154.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:29:0d:42:6e:d0:25:dd:58:12:85:15:80:99:6a:45:26:2b:
b3:82:5f:5c:1a:6c:2b:f7:d6:f3:fb:37:59:25:c3:6e:42:d5:
c2:17:eb:22:2e:a5:1a:0c:6b:d0:da:86:f5:d6:a9:36:67:a7:
62:c2:3c:00:01:c2:fb:94:b0:26:14:74:53:83:ff:98:3c:4a:
d7:d0:f4:a4:25:32:13:dd:21:8b:0c:5a:60:90:53:18:d4:e8:
fe:c2:21:9c:ea:37:2b:54:7d:3e:47:1e:00:79:61:45:da:84:
ab:fc:24:f6:12:20:69:50:d3:10:05:2b:85:c0:35:09:09:11:
3a:8b:f8:72:7c:3b:ae:cd:2d:eb:81:e4:ec:30:d8:ed:14:73:
ac:30:e2:de:8b:28:b5:cd:6f:77:46:72:21:34:4e:7f:2a:cb:
3d:7a:53:4a:e8:1c:83:a8:ba:c7:8e:98:84:01:0c:81:8d:21:
97:9b:04:70:1c:f5:8f:b4:f5:00:9e:7b:8c:fa:26:e8:12:c5:
cb:7d:7d:74:09:cf:fb:b4:7c:2e:c9:74:b4:74:c3:4a:59:df:
a2:54:06:f8:15:1e:7c:d5:98:6f:a9:79:4f:23:cf:f7:7c:bb:
23:d8:ba:7b:93:ec:53:8e:a3:2f:60:85:37:cd:ef:3b:47:db:
fb:53:2d:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUV0QtWgoVIRTR+whZmKFnZ5WCdxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yNDEwMTIxODM4MjVaFw0yNTEwMTExODQzMjVaMDMxMTAvBgNV
BAMTKDk1MEE2MkU4OUZFMjFGRjE0MTU0MzkxNEUzRDQyODVGRjkyQjlBNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV7nYxZ1ryeLfa+D3wZNC8Xwpv
8CEw3LVwTVq0/jv7aomyXHxw+mARTzw6XyYP12uli9gA1Ic3Lx0TbYKmDJYmCpb9
7KbfjEgixhivATiCqv7yIm2HIi2SQgoeoCxz3emD7JSvbPhoFaCcW2MY/cmkhKLI
2TCOE9oMOjjuqzDOEzujmmBK9BglujIqCpg/zuqGSlmrGLG6OPTLlxy9Bu5TiLqU
sJJ9PR07mHDQgYZjyyI/GX47UdezEkUQeEkKE1nrehpM2j9Lk56yFPf0UIAD94Ac
VkAI+2F7mqVtc/hzqXpRMcsS+cUa8TymNDMcTj7kTSYHcVNUZyWmVpPutXQLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlQpi6J/iH/FBVDkU49QoX/krmlUwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzEzOTMzMmUzOTMzMmUzMTM1
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzNDMxMzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBXZowDQYJKoZIhvcNAQELBQADggEBAKgpDUJu0CXdWBKFFYCZakUmK7OCX1wa
bCv31vP7N1klw25C1cIX6yIupRoMa9DahvXWqTZnp2LCPAABwvuUsCYUdFOD/5g8
StfQ9KQlMhPdIYsMWmCQUxjU6P7CIZzqNytUfT5HHgB5YUXahKv8JPYSIGlQ0xAF
K4XANQkJETqL+HJ8O67NLeuB5Oww2O0Uc6ww4t6LKLXNb3dGciE0Tn8qyz16U0ro
HIOouseOmIQBDIGNIZebBHAc9Y+09QCee4z6JugSxct9fXQJz/u0fC7JdLR0w0pZ
36JUBvgVHnzVmG+peU8jz/d8uyPYunuT7FOOoy9ghTfN7ztH2/tTLWo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 05:53:32 2024 by rpki-client on console-fra.rpki-client.org