Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20383334.roa
File: 39352e3136392e3136352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 8e1yZ3qZY4AyZ0//kAgPH+4b2bfnVu/DBtF50ilTw/Q=
Subject key identifier: 4F:B5:55:E6:EE:84:26:11:C0:24:8C:12:30:41:76:6E:07:45:22:C2
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 7093F736CAA1D926376836D7C86DDB29586EF273
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20383334.roa
Signing time: Wed 20 Nov 2024 00:04:18 +0000
ROA not before: Tue 19 Nov 2024 23:59:18 +0000
ROA not after: Wed 19 Nov 2025 00:04:18 +0000
asID: 834
IP address blocks: 95.169.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:93:f7:36:ca:a1:d9:26:37:68:36:d7:c8:6d:db:29:58:6e:f2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Nov 19 23:59:18 2024 GMT
Not After : Nov 19 00:04:18 2025 GMT
Subject: CN=4FB555E6EE842611C0248C123041766E074522C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e4:21:d4:ac:f3:44:18:f1:e4:6b:9f:59:67:
ff:cb:7d:4d:34:2f:8d:c6:41:f3:0a:5e:69:cc:3c:
61:0c:3a:33:d4:c4:c7:6d:39:0a:30:f9:f0:2f:b1:
de:4c:5a:fb:b9:d3:7c:3e:78:65:2b:b4:33:48:a5:
f9:4f:52:2d:be:aa:91:bc:25:c5:e8:3f:0e:1f:d8:
ca:72:bb:7d:43:7e:06:11:75:d7:a2:a1:2a:e3:d5:
39:1d:77:89:19:e6:9b:d2:fd:d2:be:90:1f:fa:7e:
b2:bb:40:95:db:e8:37:18:91:5e:ee:99:ad:dd:fe:
eb:5f:6c:e7:0b:3d:f6:28:82:dd:d6:d4:8b:f0:2e:
9b:fb:73:b7:b7:73:9e:2f:01:3d:7a:08:64:dd:10:
04:ea:70:0c:5c:93:99:7b:ec:62:18:f8:45:ee:d4:
93:42:c2:77:e6:57:51:35:be:6e:7e:a3:77:e2:29:
80:d9:2d:1e:de:3d:69:95:9b:c5:b2:7d:dc:13:f4:
84:d0:79:80:ed:a3:b8:86:aa:af:bf:03:5b:3f:46:
1a:1f:7b:67:66:f3:b5:57:86:37:40:2a:4b:19:03:
ad:b2:6d:9c:86:f7:83:44:6b:02:03:e3:52:ce:b6:
02:fe:3f:aa:f5:1a:c3:24:7a:69:ed:2b:b4:d0:01:
73:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B5:55:E6:EE:84:26:11:C0:24:8C:12:30:41:76:6E:07:45:22:C2
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3136352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.165.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:b1:39:96:2d:16:4c:9f:d0:06:19:1c:66:b5:f1:ed:53:8c:
ac:49:c5:a6:31:3c:2b:ce:4f:33:a5:27:f8:1f:49:e9:9b:1d:
cc:4d:7a:e1:01:00:de:f9:ed:d5:48:20:73:a5:1e:b2:69:1b:
b4:0b:4c:34:b8:6a:2e:b1:43:b7:b0:84:54:ff:1c:6a:9a:4f:
d3:50:d1:fe:3d:23:73:80:cd:a6:c7:1f:36:46:da:b6:cc:eb:
9a:f3:c3:e9:96:76:ba:01:c2:73:4c:b9:3b:e4:ed:5e:29:5f:
b5:e0:09:f7:3e:82:37:f4:e4:a6:b1:72:fb:3e:15:6c:56:20:
93:93:70:13:16:3e:30:e5:56:75:24:98:b5:d8:4a:d5:0f:ba:
37:fa:a3:ef:fe:25:c4:e5:e0:a0:19:10:1b:47:d1:d5:54:00:
72:d3:3f:4e:84:43:f2:9f:14:a0:c8:ee:2f:7a:82:59:cf:c6:
5a:e3:46:d3:01:08:63:a5:3e:10:28:9c:c6:13:11:13:92:fc:
e1:87:e9:bf:af:49:70:92:6e:90:b3:c8:91:e5:46:4d:0b:18:
b1:9d:0f:8a:28:c2:77:67:9c:a9:51:8c:01:98:28:9e:3b:41:
d8:82:b9:07:37:9f:07:df:1b:7e:ac:b2:61:7e:5d:c2:29:8b:
f0:5e:00:de
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcJP3Nsqh2SY3aDbXyG3bKVhu8nMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDExMTkyMzU5MThaFw0yNTExMTkwMDA0MThaMDMxMTAvBgNV
BAMTKDRGQjU1NUU2RUU4NDI2MTFDMDI0OEMxMjMwNDE3NjZFMDc0NTIyQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf5CHUrPNEGPHka59ZZ//LfU00
L43GQfMKXmnMPGEMOjPUxMdtOQow+fAvsd5MWvu503w+eGUrtDNIpflPUi2+qpG8
JcXoPw4f2Mpyu31DfgYRddeioSrj1Tkdd4kZ5pvS/dK+kB/6frK7QJXb6DcYkV7u
ma3d/utfbOcLPfYogt3W1IvwLpv7c7e3c54vAT16CGTdEATqcAxck5l77GIY+EXu
1JNCwnfmV1E1vm5+o3fiKYDZLR7ePWmVm8WyfdwT9ITQeYDto7iGqq+/A1s/Rhof
e2dm87VXhjdAKksZA62ybZyG94NEawID41LOtgL+P6r1GsMkemntK7TQAXObAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUT7VV5u6EJhHAJIwSMEF2bgdFIsIwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABfqaUw
DQYJKoZIhvcNAQELBQADggEBAI+xOZYtFkyf0AYZHGa18e1TjKxJxaYxPCvOTzOl
J/gfSembHcxNeuEBAN757dVIIHOlHrJpG7QLTDS4ai6xQ7ewhFT/HGqaT9NQ0f49
I3OAzabHHzZG2rbM65rzw+mWdroBwnNMuTvk7V4pX7XgCfc+gjf05Kaxcvs+FWxW
IJOTcBMWPjDlVnUkmLXYStUPujf6o+/+JcTl4KAZEBtH0dVUAHLTP06EQ/KfFKDI
7i96glnPxlrjRtMBCGOlPhAonMYTEROS/OGH6b+vSXCSbpCzyJHlRk0LGLGdD4oo
wndnnKlRjAGYKJ47QdiCuQc3nwffG36ssmF+XcIpi/BeAN4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:21 2024 by rpki-client on console-ams.rpki-client.org