Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/3139352e3234352e3139382e302f32342d3234203d3e203538303631.roa
File: 3139352e3234352e3139382e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: nk9w9Z0XUZ1ee8G3pMDLx2e/5b/7MtruoYoFsYo0R4c=
Subject key identifier: FD:F9:79:65:97:CD:03:47:7E:3F:A4:97:F9:CB:90:CA:18:4C:41:8E
Certificate issuer: /CN=91a33711a470a1caf41284b368f40fd2bdf16f01
Certificate serial: 4DF8C40DB9D0E5B3B89D7C24128D4D54D78CB22C
Authority key identifier: 91:A3:37:11:A4:70:A1:CA:F4:12:84:B3:68:F4:0F:D2:BD:F1:6F:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaM3EaRwocr0EoSzaPQP0r3xbwE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/3139352e3234352e3139382e302f32342d3234203d3e203538303631.roa
Signing time: Tue 19 Nov 2024 10:43:28 +0000
ROA not before: Tue 19 Nov 2024 10:38:28 +0000
ROA not after: Tue 18 Nov 2025 10:43:28 +0000
asID: 58061
IP address blocks: 195.245.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/91A33711A470A1CAF41284B368F40FD2BDF16F01.crl
rsync://rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/91A33711A470A1CAF41284B368F40FD2BDF16F01.mft
rsync://rpki.ripe.net/repository/DEFAULT/kaM3EaRwocr0EoSzaPQP0r3xbwE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:f8:c4:0d:b9:d0:e5:b3:b8:9d:7c:24:12:8d:4d:54:d7:8c:b2:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91a33711a470a1caf41284b368f40fd2bdf16f01
Validity
Not Before: Nov 19 10:38:28 2024 GMT
Not After : Nov 18 10:43:28 2025 GMT
Subject: CN=FDF9796597CD03477E3FA497F9CB90CA184C418E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3d:af:83:c9:37:d4:3e:93:63:30:9a:2b:f2:
c2:bc:b2:a9:25:48:96:f1:62:f7:f7:ef:c9:ab:9e:
88:79:ea:3d:06:0a:16:95:fe:83:df:b1:ac:3b:61:
ed:78:2f:7c:15:e9:1d:78:82:b7:b1:f6:7e:fd:f8:
00:14:ea:07:83:d3:f0:90:1b:69:4d:16:90:cb:bf:
52:03:1a:92:03:f0:46:a9:f9:8a:8b:df:c6:67:f0:
a5:94:23:7c:12:4d:be:96:96:4e:e8:99:b2:43:f8:
10:9a:8f:8b:5a:f3:69:06:db:d9:0c:50:26:cd:d2:
28:7c:9c:ca:9d:b5:5f:83:3b:89:bf:de:bd:a1:0c:
22:a3:b1:17:df:39:16:5a:b1:4f:53:33:c6:cf:d1:
27:2d:7e:4c:47:93:5d:b9:19:c4:87:15:c5:23:b5:
71:6f:c4:db:2c:59:71:82:98:26:aa:f4:9b:aa:9e:
05:4b:b2:e2:71:6a:93:4a:a9:e1:ca:f9:c4:ea:5f:
f5:ae:23:4c:37:bb:7b:52:59:d0:eb:09:84:03:ea:
3f:dd:90:4c:17:f5:a7:c3:bf:8b:1b:ae:92:1f:a2:
90:40:37:b1:d2:b5:15:65:7d:ed:12:59:15:21:79:
03:1a:34:47:ab:1e:5e:f9:10:e7:db:df:fa:a0:e1:
ff:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F9:79:65:97:CD:03:47:7E:3F:A4:97:F9:CB:90:CA:18:4C:41:8E
X509v3 Authority Key Identifier:
keyid:91:A3:37:11:A4:70:A1:CA:F4:12:84:B3:68:F4:0F:D2:BD:F1:6F:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/91A33711A470A1CAF41284B368F40FD2BDF16F01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaM3EaRwocr0EoSzaPQP0r3xbwE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d2b0a202-e1f4-4f72-a6d2-e2b297ac2b94/0/3139352e3234352e3139382e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.198.0/24
Signature Algorithm: sha256WithRSAEncryption
55:aa:6b:26:22:77:e0:f6:f8:65:06:e1:0b:3b:ab:f7:bb:5e:
b1:3a:89:76:e0:a5:02:21:d9:5c:f4:fa:84:77:68:50:46:15:
87:76:98:24:94:5e:3e:b3:4b:6a:45:25:53:02:be:35:5b:50:
56:a3:8b:ad:9a:07:1a:b8:fc:ab:8e:d8:7e:b9:7a:6c:c1:bc:
aa:4c:16:7c:e4:07:54:fe:11:fa:fa:4d:1a:58:fb:fb:a1:e4:
65:c0:0a:29:4e:a7:2c:34:aa:c5:50:4a:40:87:87:cc:3b:26:
0d:29:88:6c:32:4e:79:d9:9d:32:e8:98:34:d8:99:67:9c:41:
18:f5:05:cb:74:e6:04:03:9a:e3:8a:b8:ee:9c:84:75:35:51:
5f:d5:e2:7d:1c:71:0c:a6:4e:42:65:70:3c:75:aa:7f:89:64:
04:cb:39:0f:b5:4b:1b:28:bb:cf:e6:c6:bf:16:2a:b7:b8:98:
1b:81:f8:b9:66:9c:96:ec:1a:50:da:6b:25:66:fc:af:d3:b4:
6a:73:5f:24:77:7a:17:4b:61:89:a7:53:bf:34:3b:46:dd:1d:
b1:bc:03:54:67:03:14:a9:02:34:30:63:63:fd:7c:d4:2a:26:
b7:3f:8d:09:31:5e:77:f6:6e:70:48:38:bf:50:0b:0a:1c:a5:
df:8e:ea:6b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTfjEDbnQ5bO4nXwkEo1NVNeMsiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTFhMzM3MTFhNDcwYTFjYWY0MTI4NGIzNjhmNDBmZDJi
ZGYxNmYwMTAeFw0yNDExMTkxMDM4MjhaFw0yNTExMTgxMDQzMjhaMDMxMTAvBgNV
BAMTKEZERjk3OTY1OTdDRDAzNDc3RTNGQTQ5N0Y5Q0I5MENBMTg0QzQxOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDePa+DyTfUPpNjMJor8sK8sqkl
SJbxYvf378mrnoh56j0GChaV/oPfsaw7Ye14L3wV6R14grex9n79+AAU6geD0/CQ
G2lNFpDLv1IDGpID8Eap+YqL38Zn8KWUI3wSTb6Wlk7ombJD+BCaj4ta82kG29kM
UCbN0ih8nMqdtV+DO4m/3r2hDCKjsRffORZasU9TM8bP0SctfkxHk125GcSHFcUj
tXFvxNssWXGCmCaq9JuqngVLsuJxapNKqeHK+cTqX/WuI0w3u3tSWdDrCYQD6j/d
kEwX9afDv4sbrpIfopBAN7HStRVlfe0SWRUheQMaNEerHl75EOfb3/qg4f+9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/fl5ZZfNA0d+P6SX+cuQyhhMQY4wHwYDVR0j
BBgwFoAUkaM3EaRwocr0EoSzaPQP0r3xbwEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDJiMGEyMDItZTFmNC00ZjcyLWE2ZDItZTJiMjk3YWMy
Yjk0LzAvOTFBMzM3MTFBNDcwQTFDQUY0MTI4NEIzNjhGNDBGRDJCREYxNkYwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2thTTNFYVJ3b2NyMEVvU3phUFFQMHIz
eGJ3RS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDJiMGEyMDIt
ZTFmNC00ZjcyLWE2ZDItZTJiMjk3YWMyYjk0LzAvMzEzOTM1MmUzMjM0MzUyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMDM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADD9cYwDQYJKoZIhvcNAQELBQADggEBAFWqayYid+D2+GUG4Qs7q/e7XrE6iXbg
pQIh2Vz0+oR3aFBGFYd2mCSUXj6zS2pFJVMCvjVbUFaji62aBxq4/KuO2H65emzB
vKpMFnzkB1T+Efr6TRpY+/uh5GXACilOpyw0qsVQSkCHh8w7Jg0piGwyTnnZnTLo
mDTYmWecQRj1Bct05gQDmuOKuO6chHU1UV/V4n0ccQymTkJlcDx1qn+JZATLOQ+1
Sxsou8/mxr8WKre4mBuB+LlmnJbsGlDaayVm/K/TtGpzXyR3ehdLYYmnU780O0bd
HbG8A1RnAxSpAjQwY2P9fNQqJrc/jQkxXnf2bnBIOL9QCwocpd+O6ms=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:07:16 2024 by rpki-client on console-ams.rpki-client.org