Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e20333935383939.roa
File: 39352e3136392e3137322e302f32342d3234203d3e20333935383939.roa (raw, json)
Hash identifier: yFqNWqtBxekSpr/YkMNinB3Hvctt3k1Mt3JP6WaO1xo=
Subject key identifier: 00:A4:A8:55:00:A0:9C:FF:B1:49:27:37:5E:B9:C6:EE:0C:0C:29:09
Certificate issuer: /CN=9e576996388e94b8c7ab20effb23bd11becb4108
Certificate serial: 1C37AF46156AAF6B165A642558B06BA55BFDF669
Authority key identifier: 9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e20333935383939.roa
Signing time: Mon 10 Jun 2024 11:44:18 +0000
ROA not before: Mon 10 Jun 2024 11:39:18 +0000
ROA not after: Mon 09 Jun 2025 11:44:18 +0000
asID: 395899
IP address blocks: 95.169.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.mft
rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:37:af:46:15:6a:af:6b:16:5a:64:25:58:b0:6b:a5:5b:fd:f6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e576996388e94b8c7ab20effb23bd11becb4108
Validity
Not Before: Jun 10 11:39:18 2024 GMT
Not After : Jun 9 11:44:18 2025 GMT
Subject: CN=00A4A85500A09CFFB14927375EB9C6EE0C0C2909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9d:02:c4:16:0f:bf:0b:54:f6:47:e1:c2:cd:
47:b5:7c:0d:7c:78:8f:4a:1e:ee:9c:ae:2f:60:c3:
07:a5:f6:bf:08:6e:56:4c:33:79:ed:99:aa:42:8a:
e5:28:5e:ee:d6:0d:d0:ab:e1:14:c6:43:2a:b8:57:
5f:dd:ef:f4:52:89:6c:b8:6c:16:70:d8:ad:d7:71:
c1:88:be:91:72:56:bf:c5:44:e5:cd:54:c0:76:53:
06:f7:1b:bc:22:fc:27:01:62:31:e4:b8:5b:ae:ed:
64:d7:90:78:c8:ac:ef:9a:76:14:c9:8e:4c:f6:9f:
a2:1f:98:2d:d9:59:35:f9:81:cc:9f:cb:16:a9:d1:
b2:02:49:38:cc:d0:07:27:a2:92:02:ab:07:3f:f2:
66:a4:e0:b4:8c:27:76:8c:55:4f:20:70:61:89:0a:
d0:d4:7c:1c:ea:83:88:83:11:67:86:ce:7a:1c:fe:
3f:9c:8a:e2:a1:f6:63:b2:8e:9a:c3:1d:04:a1:17:
81:83:e7:ef:67:0d:89:98:d3:19:f9:e7:d0:5f:e1:
93:52:31:df:64:bf:6c:c3:8d:86:af:68:87:51:62:
37:db:1c:0e:e5:ba:93:35:9c:5e:4b:b0:e5:5c:62:
4e:4b:74:11:14:9e:f1:54:44:31:3b:ca:29:ef:9b:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A4:A8:55:00:A0:9C:FF:B1:49:27:37:5E:B9:C6:EE:0C:0C:29:09
X509v3 Authority Key Identifier:
keyid:9E:57:69:96:38:8E:94:B8:C7:AB:20:EF:FB:23:BD:11:BE:CB:41:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/9E576996388E94B8C7AB20EFFB23BD11BECB4108.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nldpljiOlLjHqyDv-yO9Eb7LQQg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f5e64030-2f28-42c9-b004-354bb28f6123/0/39352e3136392e3137322e302f32342d3234203d3e20333935383939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.172.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:1a:2f:fd:bc:08:93:da:c9:c1:af:05:63:6e:9b:1c:ed:bc:
0c:43:35:f1:0c:69:58:0a:7b:b3:28:33:eb:7b:a7:82:c5:b0:
f6:cf:73:96:2a:a2:03:1a:81:fd:3b:7c:bc:a5:c8:d9:3d:83:
aa:4a:4a:4f:c2:d4:10:89:20:f0:6f:3f:c6:1c:32:f6:42:b9:
b5:b1:6d:78:68:5b:dd:5a:b1:4d:6f:b1:86:4c:15:c0:35:06:
88:88:02:f1:83:ed:38:a3:f2:2a:e6:f5:3f:d4:0f:d0:06:1f:
55:95:23:47:3f:71:18:8e:b5:1b:87:8d:b4:2d:ed:e9:f9:26:
c4:bf:14:f6:b9:05:d0:cf:c1:04:69:e3:30:f9:7d:a3:07:09:
14:b3:02:19:3d:8f:b9:63:17:6b:48:52:48:37:ad:0c:6c:23:
3b:b4:5c:91:da:03:d4:32:ad:cf:cb:5b:7c:50:f0:5a:a1:cb:
fb:ef:ab:a3:70:fd:fd:15:fa:37:30:ca:ec:30:e1:b5:aa:59:
68:65:6a:ba:ae:83:70:4f:c9:2e:4e:fa:5f:9a:a4:ed:c3:5f:
d1:7f:dc:f1:2b:f8:2e:74:c3:0e:e3:e2:61:19:37:5d:ca:c1:
62:4e:9b:7f:ed:62:07:13:8e:2b:f7:7e:c4:fa:be:16:b5:3b:
c3:aa:80:07
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHDevRhVqr2sWWmQlWLBrpVv99mkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWU1NzY5OTYzODhlOTRiOGM3YWIyMGVmZmIyM2JkMTFi
ZWNiNDEwODAeFw0yNDA2MTAxMTM5MThaFw0yNTA2MDkxMTQ0MThaMDMxMTAvBgNV
BAMTKDAwQTRBODU1MDBBMDlDRkZCMTQ5MjczNzVFQjlDNkVFMEMwQzI5MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDanQLEFg+/C1T2R+HCzUe1fA18
eI9KHu6cri9gwwel9r8IblZMM3ntmapCiuUoXu7WDdCr4RTGQyq4V1/d7/RSiWy4
bBZw2K3XccGIvpFyVr/FROXNVMB2Uwb3G7wi/CcBYjHkuFuu7WTXkHjIrO+adhTJ
jkz2n6IfmC3ZWTX5gcyfyxap0bICSTjM0AcnopICqwc/8mak4LSMJ3aMVU8gcGGJ
CtDUfBzqg4iDEWeGznoc/j+ciuKh9mOyjprDHQShF4GD5+9nDYmY0xn559Bf4ZNS
Md9kv2zDjYavaIdRYjfbHA7lupM1nF5LsOVcYk5LdBEUnvFURDE7yinvmwJJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAKSoVQCgnP+xSSc3XrnG7gwMKQkwHwYDVR0j
BBgwFoAUnldpljiOlLjHqyDv+yO9Eb7LQQgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAtMmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2
MTIzLzAvOUU1NzY5OTYzODhFOTRCOEM3QUIyMEVGRkIyM0JEMTFCRUNCNDEwOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25sZHBsamlPbExqSHF5RHYteU85RWI3
TFFRZy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjVlNjQwMzAt
MmYyOC00MmM5LWIwMDQtMzU0YmIyOGY2MTIzLzAvMzkzNTJlMzEzNjM5MmUzMTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzM5MzUzODM5Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABfqawwDQYJKoZIhvcNAQELBQADggEBAE0aL/28CJPaycGvBWNumxztvAxDNfEM
aVgKe7MoM+t7p4LFsPbPc5YqogMagf07fLylyNk9g6pKSk/C1BCJIPBvP8YcMvZC
ubWxbXhoW91asU1vsYZMFcA1BoiIAvGD7Tij8irm9T/UD9AGH1WVI0c/cRiOtRuH
jbQt7en5JsS/FPa5BdDPwQRp4zD5faMHCRSzAhk9j7ljF2tIUkg3rQxsIzu0XJHa
A9Qyrc/LW3xQ8Fqhy/vvq6Nw/f0V+jcwyuww4bWqWWhlarqug3BPyS5O+l+apO3D
X9F/3PEr+C50ww7j4mEZN13KwWJOm3/tYgcTjiv3fsT6vha1O8OqgAc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:22:33 2024 by rpki-client on console-fra.rpki-client.org