Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
File: 39342e3132362e3233372e302f32342d3234203d3e203438303730.roa (raw, json)
Hash identifier: GzEfYNi6/vde9duBI4GoacY9I1ImrO0osp4FqLdS6w0=
Subject key identifier: B8:95:B4:32:4F:94:C1:F4:64:C2:31:C1:3E:3C:48:4B:FB:DE:66:47
Certificate issuer: /CN=98a87cad5b710890a9528f166f4202393824e6b8
Certificate serial: 5ADF90E099A346639DA75A2CF181C091C0C1B0DC
Authority key identifier: 98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
Signing time: Tue 25 Jun 2024 15:49:17 +0000
ROA not before: Tue 25 Jun 2024 15:44:17 +0000
ROA not after: Tue 24 Jun 2025 15:49:17 +0000
asID: 48070
IP address blocks: 94.126.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Nov 2024 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:df:90:e0:99:a3:46:63:9d:a7:5a:2c:f1:81:c0:91:c0:c1:b0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98a87cad5b710890a9528f166f4202393824e6b8
Validity
Not Before: Jun 25 15:44:17 2024 GMT
Not After : Jun 24 15:49:17 2025 GMT
Subject: CN=B895B4324F94C1F464C231C13E3C484BFBDE6647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e2:f3:a4:25:b5:48:e8:d8:b3:8b:ee:a4:3e:
fa:65:60:8d:e2:47:00:3a:b7:37:cd:b8:f3:8d:07:
4e:81:e1:1a:a2:8a:b6:0e:04:f2:94:9b:0b:a2:ce:
8d:f7:9c:f6:e5:66:a9:75:52:2c:1d:5d:69:da:a5:
18:a7:1f:bf:1d:47:ef:32:d1:3c:90:ba:b3:7f:fe:
73:17:1f:08:9f:3a:f8:47:a5:13:28:55:04:c3:a5:
b7:6d:52:1b:af:f3:53:8d:25:33:49:6b:3e:77:77:
d6:bc:5a:fe:f6:9d:31:51:5f:1e:d5:12:65:f2:6e:
4c:11:1f:d7:74:c6:87:69:53:9d:07:0e:7d:8a:f6:
8e:82:0d:06:d4:cf:1b:05:5d:95:c8:60:ca:e8:7d:
2d:31:ca:03:cd:53:c5:14:5d:9f:58:76:9f:74:44:
ae:5e:8c:46:fd:f5:56:5e:8e:45:6d:10:d1:48:1b:
ed:c4:63:19:dd:90:13:ab:42:05:96:9c:2d:d4:a9:
bb:ab:5a:57:af:49:45:52:59:bf:f0:e9:a7:b9:e4:
9a:27:45:04:ab:8e:54:46:be:83:f8:20:7a:3d:25:
9c:a7:85:bc:88:9e:7b:53:89:06:16:ad:fa:31:e3:
f9:27:2c:69:d3:80:17:6e:ca:56:29:c6:df:78:ed:
ff:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:95:B4:32:4F:94:C1:F4:64:C2:31:C1:3E:3C:48:4B:FB:DE:66:47
X509v3 Authority Key Identifier:
keyid:98:A8:7C:AD:5B:71:08:90:A9:52:8F:16:6F:42:02:39:38:24:E6:B8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/98A87CAD5B710890A9528F166F4202393824E6B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mKh8rVtxCJCpUo8Wb0ICOTgk5rg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/dce196fe-4b1a-46ea-9c95-4af12964a49d/0/39342e3132362e3233372e302f32342d3234203d3e203438303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.237.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d6:97:2b:be:e1:84:0d:f4:65:65:3d:32:51:4b:31:0b:a2:
80:c5:46:82:76:1c:4c:53:87:c6:02:41:b8:0f:66:36:b3:44:
17:3e:6b:8a:d0:5d:d7:ec:9e:9e:f0:1b:21:d4:1e:35:c4:fc:
e5:da:d6:7e:7a:a9:cc:e2:dd:04:a5:ef:37:1a:ca:ef:1f:87:
ee:d5:a8:a7:fb:b9:f8:9e:57:f7:a5:e7:75:a4:45:7a:ff:06:
18:dc:ef:ec:4e:09:45:f4:1f:ad:ec:31:05:28:57:6a:2d:1d:
07:08:40:92:f8:68:ba:a0:9f:79:46:e1:ce:75:77:12:49:64:
7c:67:b0:a3:0d:d0:f1:c7:9e:31:14:f6:f1:80:2f:2d:10:8d:
80:49:88:bd:a8:e7:ea:2a:c5:98:cd:bf:5d:83:a5:2d:12:c8:
2e:7d:43:98:93:4d:45:83:ef:96:3d:be:3a:07:a5:cc:96:b7:
b2:c0:8b:d9:d4:2a:36:de:bb:75:11:50:09:ee:d2:04:bb:e4:
1b:8f:77:08:fa:3c:bb:94:1f:68:e0:e8:c0:f7:ce:f0:24:62:
c5:f5:5c:24:a6:89:b3:f7:75:87:e4:5a:0b:35:6f:1c:84:13:
f6:15:56:bf:3d:73:54:c6:a9:04:82:0f:ae:d2:17:91:9b:c2:
16:09:f9:39
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWt+Q4JmjRmOdp1os8YHAkcDBsNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThhODdjYWQ1YjcxMDg5MGE5NTI4ZjE2NmY0MjAyMzkz
ODI0ZTZiODAeFw0yNDA2MjUxNTQ0MTdaFw0yNTA2MjQxNTQ5MTdaMDMxMTAvBgNV
BAMTKEI4OTVCNDMyNEY5NEMxRjQ2NEMyMzFDMTNFM0M0ODRCRkJERTY2NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq4vOkJbVI6Nizi+6kPvplYI3i
RwA6tzfNuPONB06B4RqiirYOBPKUmwuizo33nPblZql1UiwdXWnapRinH78dR+8y
0TyQurN//nMXHwifOvhHpRMoVQTDpbdtUhuv81ONJTNJaz53d9a8Wv72nTFRXx7V
EmXybkwRH9d0xodpU50HDn2K9o6CDQbUzxsFXZXIYMrofS0xygPNU8UUXZ9Ydp90
RK5ejEb99VZejkVtENFIG+3EYxndkBOrQgWWnC3UqburWlevSUVSWb/w6ae55Jon
RQSrjlRGvoP4IHo9JZynhbyInntTiQYWrfox4/knLGnTgBduylYpxt947f/hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuJW0Mk+UwfRkwjHBPjxIS/veZkcwHwYDVR0j
BBgwFoAUmKh8rVtxCJCpUo8Wb0ICOTgk5rgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUtNGIxYS00NmVhLTljOTUtNGFmMTI5NjRh
NDlkLzAvOThBODdDQUQ1QjcxMDg5MEE5NTI4RjE2NkY0MjAyMzkzODI0RTZCOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL21LaDhyVnR4Q0pDcFVvOFdiMElDT1Rn
azVyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZGNlMTk2ZmUt
NGIxYS00NmVhLTljOTUtNGFmMTI5NjRhNDlkLzAvMzkzNDJlMzEzMjM2MmUzMjMz
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzAzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Xn7tMA0GCSqGSIb3DQEBCwUAA4IBAQCC1pcrvuGEDfRlZT0yUUsxC6KAxUaCdhxM
U4fGAkG4D2Y2s0QXPmuK0F3X7J6e8Bsh1B41xPzl2tZ+eqnM4t0Epe83GsrvH4fu
1ain+7n4nlf3ped1pEV6/wYY3O/sTglF9B+t7DEFKFdqLR0HCECS+Gi6oJ95RuHO
dXcSSWR8Z7CjDdDxx54xFPbxgC8tEI2ASYi9qOfqKsWYzb9dg6UtEsgufUOYk01F
g++WPb46B6XMlreywIvZ1Co23rt1EVAJ7tIEu+Qbj3cI+jy7lB9o4OjA987wJGLF
9Vwkpomz93WH5FoLNW8chBP2FVa/PXNUxqkEgg+u0heRm8IWCfk5
-----END CERTIFICATE-----
Generated at Wed Nov 20 20:46:08 2024 by rpki-client on console-fra.rpki-client.org