Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
File: 3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa (raw, json)
Hash identifier: 02yFXexx0RukReo8+AwmPQHmksLCVOWv/mWLCeyTOYY=
Subject key identifier: 00:5D:04:E3:38:12:53:E5:C4:EB:21:84:A6:2F:40:5C:79:2D:57:E0
Certificate issuer: /CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Certificate serial: 767DD879C0A282D625157DEE616CB19B55C95D64
Authority key identifier: 55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
Signing time: Thu 17 Oct 2024 03:02:44 +0000
ROA not before: Thu 17 Oct 2024 02:57:44 +0000
ROA not after: Thu 16 Oct 2025 03:02:44 +0000
asID: 214785
IP address blocks: 193.200.102.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.crl
rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.mft
rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:7d:d8:79:c0:a2:82:d6:25:15:7d:ee:61:6c:b1:9b:55:c9:5d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Validity
Not Before: Oct 17 02:57:44 2024 GMT
Not After : Oct 16 03:02:44 2025 GMT
Subject: CN=005D04E3381253E5C4EB2184A62F405C792D57E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9b:98:f7:a4:ea:28:fe:79:cf:9f:1d:e9:02:
75:3c:05:74:d0:78:08:0c:36:25:03:3a:a0:08:0f:
35:ca:bd:7b:c4:65:a2:6b:d2:e5:a7:10:71:ad:97:
3c:e1:92:2d:4d:d2:8e:ad:3a:98:2f:29:17:33:72:
f3:93:86:5d:b9:0c:9a:fe:b5:e0:b5:53:0d:ca:1f:
ac:9e:4e:27:55:13:e8:61:6a:70:18:6b:5f:a3:b3:
59:4a:f9:f6:bb:e8:9c:10:2d:25:2a:9f:da:c5:e8:
84:9f:e1:c0:93:3f:c4:94:4c:74:33:f1:e2:26:f0:
7c:c6:1f:b8:c6:fe:6a:31:23:01:b8:53:7d:35:2c:
38:82:92:32:3d:0c:50:98:e0:c1:f3:a6:0c:2d:f6:
25:5f:e4:10:8f:5a:a3:1d:8f:08:79:e7:a7:3d:3c:
fe:1c:d3:c7:66:84:db:e0:17:78:b3:bc:27:ff:3c:
37:5e:58:56:83:63:2a:a8:8f:4a:c0:bb:23:da:6e:
f0:85:5d:1b:60:f1:46:73:d5:7c:a4:2f:96:0c:6c:
b1:79:21:cd:47:cd:e3:ba:09:14:bb:22:c5:6d:14:
ca:8f:d6:8a:00:45:ca:47:d0:71:ee:de:f9:b3:1d:
66:f5:34:fb:d2:11:6e:04:b9:df:de:bb:ae:ec:c1:
a8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5D:04:E3:38:12:53:E5:C4:EB:21:84:A6:2F:40:5C:79:2D:57:E0
X509v3 Authority Key Identifier:
keyid:55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.102.0/23
Signature Algorithm: sha256WithRSAEncryption
37:02:ff:45:f1:83:3d:f4:d8:00:4f:5e:81:86:6d:a9:3a:aa:
ed:90:44:78:39:3b:4d:d9:bf:17:1b:51:c2:7a:d9:5f:c7:74:
b9:98:bb:75:aa:83:e3:7e:5a:01:b9:d7:48:f1:46:10:f5:81:
3d:c7:8c:6b:2a:39:34:70:e1:3c:15:df:86:3f:f4:bd:57:a6:
b5:62:68:af:bb:e4:a1:69:ec:63:37:b0:1b:46:d0:97:bb:85:
ea:97:3f:82:b0:e8:84:60:a4:b0:98:df:b1:17:cf:18:6f:4d:
28:0c:d5:49:14:92:79:a6:df:3a:09:45:3c:ba:29:60:b4:d4:
01:51:11:a1:27:29:34:9c:73:bb:da:5a:6b:91:bb:16:45:55:
33:64:a4:d2:17:87:4c:2f:39:e3:bd:92:36:0b:88:57:12:b2:
a0:30:0e:b6:24:45:b6:3f:f3:14:69:1e:20:4f:47:01:9c:52:
5b:3e:56:de:be:14:f1:26:59:89:0e:22:e0:90:da:73:fa:fa:
25:7c:e6:b2:da:b4:e9:54:84:d7:08:3c:0a:87:2d:92:c6:30:
8f:35:98:72:c9:8b:b4:74:63:68:52:8c:23:5a:29:85:91:e1:
76:c6:78:ac:f6:fd:96:46:64:37:1d:a3:6e:d0:da:a1:74:98:
22:1c:ce:82
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUdn3YecCigtYlFX3uYWyxm1XJXWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUxMWY2ZDdkZWY0YzBmZmI2ZTJiM2IzZjBjNDQ1NWRj
ZDE0YzE2MDAeFw0yNDEwMTcwMjU3NDRaFw0yNTEwMTYwMzAyNDRaMDMxMTAvBgNV
BAMTKDAwNUQwNEUzMzgxMjUzRTVDNEVCMjE4NEE2MkY0MDVDNzkyRDU3RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2m5j3pOoo/nnPnx3pAnU8BXTQ
eAgMNiUDOqAIDzXKvXvEZaJr0uWnEHGtlzzhki1N0o6tOpgvKRczcvOThl25DJr+
teC1Uw3KH6yeTidVE+hhanAYa1+js1lK+fa76JwQLSUqn9rF6ISf4cCTP8SUTHQz
8eIm8HzGH7jG/moxIwG4U301LDiCkjI9DFCY4MHzpgwt9iVf5BCPWqMdjwh556c9
PP4c08dmhNvgF3izvCf/PDdeWFaDYyqoj0rAuyPabvCFXRtg8UZz1XykL5YMbLF5
Ic1HzeO6CRS7IsVtFMqP1ooARcpH0HHu3vmzHWb1NPvSEW4Eud/eu67swaiJAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUAF0E4zgSU+XE6yGEpi9AXHktV+AwHwYDVR0j
BBgwFoAUVRH21970wP+24rOz8MRFXc0UwWAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQtMDMzOC00YjVmLTgyMDQtMDAwNGE2NjEw
NWM5LzAvNTUxMUY2RDdERUY0QzBGRkI2RTJCM0IzRjBDNDQ1NURDRDE0QzE2MC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZSSDIxOTcwd1AtMjRyT3o4TVJGWGMw
VXdXQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQt
MDMzOC00YjVmLTgyMDQtMDAwNGE2NjEwNWM5LzAvMzEzOTMzMmUzMjMwMzAyZTMx
MzAzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzEzNDM3MzgzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAcHIZjANBgkqhkiG9w0BAQsFAAOCAQEANwL/RfGDPfTYAE9egYZtqTqq7ZBE
eDk7Tdm/FxtRwnrZX8d0uZi7daqD435aAbnXSPFGEPWBPceMayo5NHDhPBXfhj/0
vVemtWJor7vkoWnsYzewG0bQl7uF6pc/grDohGCksJjfsRfPGG9NKAzVSRSSeabf
OglFPLopYLTUAVERoScpNJxzu9paa5G7FkVVM2Sk0heHTC85472SNguIVxKyoDAO
tiRFtj/zFGkeIE9HAZxSWz5W3r4U8SZZiQ4i4JDac/r6JXzmstq06VSE1wg8Coct
ksYwjzWYcsmLtHRjaFKMI1ophZHhdsZ4rPb9lkZkNx2jbtDaoXSYIhzOgg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:52:27 2024 by rpki-client on console-ams.rpki-client.org