Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
File: 3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: aYgIlKiSJ4ioWL0iywiOQHZgGMKhrRUwH6j6yolmnUs=
Subject key identifier: 79:0A:4C:A8:BB:C1:7E:D0:79:A8:63:BB:73:C5:5E:37:36:1D:F1:B3
Certificate issuer: /CN=0993289b168a37d449bc0d44b1ad35e532025cf1
Certificate serial: 0472AA0DA02EF091BC81BB290B08E463AAA5C0E3
Authority key identifier: 09:93:28:9B:16:8A:37:D4:49:BC:0D:44:B1:AD:35:E5:32:02:5C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
Signing time: Thu 12 Sep 2024 19:04:00 +0000
ROA not before: Thu 12 Sep 2024 18:59:00 +0000
ROA not after: Thu 11 Sep 2025 19:04:00 +0000
asID: 212238
IP address blocks: 194.156.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:72:aa:0d:a0:2e:f0:91:bc:81:bb:29:0b:08:e4:63:aa:a5:c0:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0993289b168a37d449bc0d44b1ad35e532025cf1
Validity
Not Before: Sep 12 18:59:00 2024 GMT
Not After : Sep 11 19:04:00 2025 GMT
Subject: CN=790A4CA8BBC17ED079A863BB73C55E37361DF1B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:01:ca:74:16:76:14:6d:0d:a4:c3:8c:ef:
b3:40:39:d3:f4:50:71:9a:90:a0:70:18:02:98:ce:
c0:02:ba:c8:4a:02:f5:dd:be:5e:bc:ae:e9:f8:7a:
65:71:78:00:ec:9d:df:5b:9f:8a:2a:34:ea:39:5c:
5d:a8:42:cb:2b:fc:cf:a1:27:43:d6:31:e5:53:fa:
9f:77:9d:01:3e:ad:48:1f:2c:8c:c0:8f:51:c4:e1:
40:95:1a:6b:40:31:fb:89:10:ee:91:33:bd:fe:7b:
7f:78:d1:4e:8c:96:82:9c:92:17:d3:67:31:59:1a:
78:f9:95:ba:27:96:c7:c7:86:06:48:9a:21:49:8f:
cd:fb:04:d1:e0:00:d6:a1:cd:73:18:87:0d:d7:47:
9e:00:e5:d8:bb:01:05:ae:70:8d:e8:9d:0b:37:85:
d4:0a:bf:7b:9a:33:69:78:f6:28:b4:1e:6a:da:76:
ab:be:71:6d:79:7d:42:2c:29:28:5d:62:e9:90:89:
5f:53:b5:d1:60:6c:95:31:99:7c:8f:46:d7:47:99:
06:de:7d:c9:e3:56:3e:8e:71:c2:eb:04:c5:11:8d:
a9:83:93:7b:be:a1:63:09:b6:a9:98:56:71:fc:01:
e4:5b:81:eb:2e:f7:c7:a0:cf:e5:e4:91:d3:ac:40:
e6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0A:4C:A8:BB:C1:7E:D0:79:A8:63:BB:73:C5:5E:37:36:1D:F1:B3
X509v3 Authority Key Identifier:
keyid:09:93:28:9B:16:8A:37:D4:49:BC:0D:44:B1:AD:35:E5:32:02:5C:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/0993289B168A37D449BC0D44B1AD35E532025CF1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZMomxaKN9RJvA1Esa015TICXPE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3bd2d2e-f40e-472e-9f8f-8984feaaa5c7/0/3139342e3135362e37362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.76.0/24
Signature Algorithm: sha256WithRSAEncryption
42:4b:a8:df:d7:75:da:cf:ad:08:10:37:47:d2:c7:59:f7:2f:
71:73:d0:6c:e7:d5:14:e9:27:f5:da:c4:e0:a1:ad:16:b2:45:
72:8a:50:9f:f6:ad:c5:22:f4:e2:3e:be:33:bb:d9:56:f5:70:
6e:9b:f0:8d:b8:9f:29:22:f8:1c:95:cf:fd:41:6d:aa:7b:47:
a2:52:39:e9:96:9c:88:14:58:17:5d:59:0a:2a:41:91:34:d8:
1d:5f:b0:f3:53:c8:85:62:91:16:98:36:ef:d5:0e:bd:fa:65:
fb:06:37:f6:f1:e2:3b:c3:31:15:34:a9:34:1c:b0:38:ec:92:
e3:e3:1a:c1:36:28:47:4c:b4:28:b9:9b:3d:e8:63:0a:44:c3:
10:90:dc:d2:2c:7a:68:70:6a:8d:94:6e:11:0a:7e:ac:9f:f5:
97:f9:d2:2d:a5:8d:07:71:89:ae:b9:d7:d5:9c:7f:7b:db:55:
6c:e6:ff:e3:04:b3:f0:b5:93:e3:26:d3:55:bc:e3:9c:a9:b1:
71:aa:26:db:cb:b2:31:54:fe:e5:ac:4f:fc:56:19:a0:ef:94:
c2:36:9f:29:0f:a2:f6:6c:d3:a8:22:12:56:e2:76:c4:a4:01:
86:15:85:08:50:93:e1:15:f9:00:c6:27:9f:d6:06:4a:25:2c:
10:9a:69:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBHKqDaAu8JG8gbspCwjkY6qlwOMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk5MzI4OWIxNjhhMzdkNDQ5YmMwZDQ0YjFhZDM1ZTUz
MjAyNWNmMTAeFw0yNDA5MTIxODU5MDBaFw0yNTA5MTExOTA0MDBaMDMxMTAvBgNV
BAMTKDc5MEE0Q0E4QkJDMTdFRDA3OUE4NjNCQjczQzU1RTM3MzYxREYxQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW7wHKdBZ2FG0NpMOM77NAOdP0
UHGakKBwGAKYzsACushKAvXdvl68run4emVxeADsnd9bn4oqNOo5XF2oQssr/M+h
J0PWMeVT+p93nQE+rUgfLIzAj1HE4UCVGmtAMfuJEO6RM73+e3940U6MloKckhfT
ZzFZGnj5lbonlsfHhgZImiFJj837BNHgANahzXMYhw3XR54A5di7AQWucI3onQs3
hdQKv3uaM2l49ii0Hmradqu+cW15fUIsKShdYumQiV9TtdFgbJUxmXyPRtdHmQbe
fcnjVj6OccLrBMURjamDk3u+oWMJtqmYVnH8AeRbgesu98egz+XkkdOsQObRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeQpMqLvBftB5qGO7c8VeNzYd8bMwHwYDVR0j
BBgwFoAUCZMomxaKN9RJvA1Esa015TICXPEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNiZDJkMmUtZjQwZS00NzJlLTlmOGYtODk4NGZlYWFh
NWM3LzAvMDk5MzI4OUIxNjhBMzdENDQ5QkMwRDQ0QjFBRDM1RTUzMjAyNUNGMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NaTW9teGFLTjlSSnZBMUVzYTAxNVRJ
Q1hQRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNiZDJkMmUt
ZjQwZS00NzJlLTlmOGYtODk4NGZlYWFhNWM3LzAvMzEzOTM0MmUzMTM1MzYyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADCnEwwDQYJKoZIhvcNAQELBQADggEBAEJLqN/XddrPrQgQN0fSx1n3L3Fz0Gzn
1RTpJ/XaxOChrRayRXKKUJ/2rcUi9OI+vjO72Vb1cG6b8I24nyki+ByVz/1Bbap7
R6JSOemWnIgUWBddWQoqQZE02B1fsPNTyIVikRaYNu/VDr36ZfsGN/bx4jvDMRU0
qTQcsDjskuPjGsE2KEdMtCi5mz3oYwpEwxCQ3NIsemhwao2UbhEKfqyf9Zf50i2l
jQdxia6519Wcf3vbVWzm/+MEs/C1k+Mm01W845ypsXGqJtvLsjFU/uWsT/xWGaDv
lMI2nykPovZs06giElbidsSkAYYVhQhQk+EV+QDGJ5/WBkolLBCaaQY=
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:46:27 2024 by rpki-client on console-fra.rpki-client.org