Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136332e302f32342d3234203d3e20333935383339.roa
File: 39352e3136392e3136332e302f32342d3234203d3e20333935383339.roa (raw, json)
Hash identifier: v/eMpREThFrpgz/AUqmkgk2qTPPnlNhtSRcCOJsq9qc=
Subject key identifier: 45:F1:1F:D5:EE:92:10:C7:0C:01:05:06:BB:B5:25:E2:8B:BD:07:EC
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 301201E1562C1CC153C2FAA62E1455EE5F0CC5A5
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136332e302f32342d3234203d3e20333935383339.roa
Signing time: Wed 20 Nov 2024 17:34:15 +0000
ROA not before: Wed 20 Nov 2024 17:29:15 +0000
ROA not after: Wed 19 Nov 2025 17:34:15 +0000
asID: 395839
IP address blocks: 95.169.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:12:01:e1:56:2c:1c:c1:53:c2:fa:a6:2e:14:55:ee:5f:0c:c5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Nov 20 17:29:15 2024 GMT
Not After : Nov 19 17:34:15 2025 GMT
Subject: CN=45F11FD5EE9210C70C010506BBB525E28BBD07EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fd:11:d1:16:32:47:3c:1c:3c:d0:20:14:65:
8f:91:5f:f5:ee:98:84:24:3c:cd:b0:65:12:18:76:
6d:02:0a:6b:85:9e:03:dc:5e:43:cc:db:8f:88:a1:
9f:4f:bd:67:b9:0b:60:1a:d6:b4:2d:b1:b2:97:bf:
ae:85:41:82:e7:b4:9f:7e:f3:59:a8:c4:77:e1:af:
e9:05:d3:57:a9:9c:dc:cf:fa:c2:ba:67:84:3c:fd:
50:f4:f2:43:c0:f3:3d:56:16:61:8b:e8:d0:03:31:
46:30:82:c6:ba:dd:3e:c7:c1:4c:f7:0e:9e:c2:89:
10:05:8a:ce:60:95:41:cf:5a:79:fa:33:41:01:9e:
4b:d8:24:e3:ad:45:40:31:36:19:6a:25:f8:42:82:
9d:c8:1a:cf:17:4b:37:fc:91:8c:62:f6:db:db:5e:
b9:a3:a4:d5:a0:f2:55:c2:54:b3:52:6c:22:d5:ff:
16:d7:c4:15:9c:4a:da:44:f0:dd:c6:77:d1:21:38:
2c:9d:23:34:1d:16:a5:79:63:86:6d:ad:58:30:f0:
16:8a:3e:aa:00:f5:0d:07:07:be:0f:9a:83:7e:5c:
15:5e:22:49:49:13:a6:66:ad:7f:b5:85:65:b9:96:
55:5e:48:76:78:a7:0d:f0:c4:4b:a6:40:95:3d:31:
3f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F1:1F:D5:EE:92:10:C7:0C:01:05:06:BB:B5:25:E2:8B:BD:07:EC
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136332e302f32342d3234203d3e20333935383339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.163.0/24
Signature Algorithm: sha256WithRSAEncryption
11:60:ad:f9:d3:34:a1:f9:82:86:3e:be:98:bf:94:81:9f:3f:
ce:32:cd:33:17:c0:5c:b9:f7:23:0b:e9:3b:78:63:4f:8b:d3:
b1:04:96:97:8a:c3:f1:09:40:e0:72:9d:a0:dd:19:0b:5b:f7:
a9:56:60:e8:d5:4a:3a:b7:ef:87:36:1b:32:ff:c7:8f:1b:d7:
16:3a:97:38:87:aa:df:31:8c:03:bd:46:6b:bd:14:bf:9d:97:
8d:c1:c3:07:c6:67:55:97:b0:ea:4d:a2:02:61:8b:c5:df:eb:
46:d8:f2:c2:f0:89:bc:67:48:e3:ab:9e:d9:ad:96:82:44:32:
63:4a:df:8d:30:91:20:8d:31:82:4c:c1:56:c5:cc:72:a1:d6:
dc:fc:84:55:63:a4:10:a3:6c:ba:e5:45:44:73:22:9e:e3:60:
37:28:02:d9:da:08:ba:79:19:ea:a5:9f:63:6a:fa:3f:1e:a8:
c5:4c:18:92:22:8f:32:06:a7:63:88:92:a2:78:02:48:86:ee:
c1:ba:ea:b1:71:48:dd:4d:24:bc:74:41:f0:e3:38:ea:64:d3:
0d:50:ce:4b:c1:a2:e9:f8:e9:6c:35:e6:8b:3e:a7:13:ea:2c:
7c:3a:c8:32:bf:8a:ff:09:a9:ff:40:71:ff:4b:e8:93:66:a4:
68:ed:a3:e2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMBIB4VYsHMFTwvqmLhRV7l8MxaUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDExMjAxNzI5MTVaFw0yNTExMTkxNzM0MTVaMDMxMTAvBgNV
BAMTKDQ1RjExRkQ1RUU5MjEwQzcwQzAxMDUwNkJCQjUyNUUyOEJCRDA3RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4/RHRFjJHPBw80CAUZY+RX/Xu
mIQkPM2wZRIYdm0CCmuFngPcXkPM24+IoZ9PvWe5C2Aa1rQtsbKXv66FQYLntJ9+
81moxHfhr+kF01epnNzP+sK6Z4Q8/VD08kPA8z1WFmGL6NADMUYwgsa63T7HwUz3
Dp7CiRAFis5glUHPWnn6M0EBnkvYJOOtRUAxNhlqJfhCgp3IGs8XSzf8kYxi9tvb
XrmjpNWg8lXCVLNSbCLV/xbXxBWcStpE8N3Gd9EhOCydIzQdFqV5Y4ZtrVgw8BaK
PqoA9Q0HB74PmoN+XBVeIklJE6ZmrX+1hWW5llVeSHZ4pw3wxEumQJU9MT+5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURfEf1e6SEMcMAQUGu7Ul4ou9B+wwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzODMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqaMwDQYJKoZIhvcNAQELBQADggEBABFgrfnTNKH5goY+vpi/lIGfP84yzTMX
wFy59yML6Tt4Y0+L07EElpeKw/EJQOBynaDdGQtb96lWYOjVSjq374c2GzL/x48b
1xY6lziHqt8xjAO9Rmu9FL+dl43BwwfGZ1WXsOpNogJhi8Xf60bY8sLwibxnSOOr
ntmtloJEMmNK340wkSCNMYJMwVbFzHKh1tz8hFVjpBCjbLrlRURzIp7jYDcoAtna
CLp5Geqln2Nq+j8eqMVMGJIijzIGp2OIkqJ4AkiG7sG66rFxSN1NJLx0QfDjOOpk
0w1QzkvBoun46Ww15os+pxPqLHw6yDK/iv8Jqf9Acf9L6JNmpGjto+I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:14 2024 by rpki-client on console-fra.rpki-client.org